Cloud Configuration Governance scripting reference

  • Release version: Xanadu
  • Updated August 1, 2024
  • 1 minute to read

    • Cloud Configuration Governance provides several objects and variables that you can use to create script-based policies and CI finder mapping scripts.

    Scripting reference for the Cloud Configuration Governance policies

    Table 1. Cloud Configuration Governance objects
    Name Description Schema
    configSettings Represents the configuration data imported from the cloud. 
    [
  {
    "config_key":"configuration_key",
    "type":"data_type",
    "value":"configuration_value"
  },
  ...
]
    current Represents the current glide record object for the select resource type. It contains the following fields:
    • Name: Name of the resource
    • Type: Resource type
    • Identifier: Unique identifier of the cloud resource
    • Details: Cloud resource-specific details
    resourceInformation Resource record and its attributes. 
    [
  {
    "attribute": "Attribute name",
    "tableName" : "Referenced table",
    "documentId": "Referenced record",        
  },
  ...
]
    auditResult Audit details that must be written to the Configuration Management Database (CMDB). 
    {
  "details": "Violation definition "’
  "severity": "severity of the violation",
  "auditViolationName": "Violation name" 
};
    Table 2. Cloud Configuration Governance variables
    Name Data type Description
    answer Boolean Variable to specify whether the policy reports the violation or not.
    • true: Report the violation. Create the auditResult object to create a custom audit result record in the CMDB. If you do not create an audit result object, Cloud Configuration Governance reports the violation as per the violation definition specified in the policy.
    • false: Do not report the violation.
    violatingConfigSettings JSON Reason of the policy violation.

    Syntax

    {
  "config_key": "value" 
};

    Scripting reference for the CI finder mapping script

    Table 3. Cloud Configuration Governance objects
    Name Description Schema
    attributes A map containing the resource attribute key and attribute value from the Resource Attribute table for the given resource. 
    {
"LogicalDatacenter": "Referenced record",
"ServiceAccount": "Referenced record"
}
    Table 4. Cloud Configuration Governance variables
    Name Data type Description
    Name String Name of the resource.
    identifier Resource record Identifier of the Cloud Configuration Governance resource record.
    type Resource record Resource type of the Cloud Configuration Governance resource resource.
    answer JSON CI class with which the resource needs to be mapped.
    The answer contains the following information:
    • sysId of the CI class.
    • tableName of the CI class.

    If the CI finder mapping fails to identify the CI class, set this variable to null.

    Syntax

    { sysId: "value", tableName: "value" }