Netskope Help

Evaluate Custom Rules

Use this endpoint to evaluate domain specific language (DSL) custom rules against its resources. Custom rules are the rules defined by DSL specifications.

Request Endpoint
https://<tenant-name>.goskope.com/api/v1/public_cloud/rule_evaluate

All parameters except resource_ids are required:

Key

Value

Description

cloud_provider

azure | aws | googlecloud

The IaaS platform provider.

rule_code

URL-encoded string

The rule definition written in DSL.

resource_ids

URL-encoded string

The list of resource IDs. There are these variations:

  • resource_ids: [] evaluates a given rule against all resources.

  • resource_ids:['a','b'] evaluates a given rule against ‘a' and 'b’ resources.

  • This is an optional parameter. If it's an empty array, then the API evaluates a given rule against all resources.

instance

URL-encoded string

AWS: Account name.

Azure: AD application.

GCP: Service account.

Example Request and Response
POST 'https://<tenant-name>.goskope.com/api/v1/public_cloud/rule_evaluate?token=f39866cb86ab84a0208e&cloud_provider="aws"&rule_code="RDSInstance should have MultiAZ eq true"&instance="API Test Instance"&resource_ids=["mariadb-1","mariadb-2"]'

{
"status": "success",
"message": {
"mariadb-1": true, // true =  resource passed the rule.
"mariadb-2": false // false = resource failed the rule.}}