Policies API
The Policies API manages rules and bindings that shape privileged actions.
Typical operations
Section titled “Typical operations”- List policies.
- Create or update policies.
- Update policy rules.
- Bind policies to resources or scopes.
- Review effective policy posture.
Create a policy
Section titled “Create a policy”This representative example shows the kind of policy payload an automation workflow manages. Validate field names against the deployed API version.
curl -sS -X POST "$ANCHOR_API/policies" \ -H "Authorization: Bearer $ANCHOR_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "name": "Production Linux rotation policy", "description": "Requires verification and scheduled rotation for production Linux accounts.", "rules": { "verification_required": true, "rotation_interval_days": 30, "connect_allowed": true, "reason_required": true } }'Assign a policy
Section titled “Assign a policy”A representative binding request looks like this:
curl -sS -X POST "$ANCHOR_API/policy-bindings" \ -H "Authorization: Bearer $ANCHOR_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "policy_id": 12, "target_type": "resource", "target_id": 42 }'Review effective policy
Section titled “Review effective policy”curl -sS "$ANCHOR_API/resources/42/effective-policy" \ -H "Authorization: Bearer $ANCHOR_TOKEN"Safety
Section titled “Safety”Automated policy changes are security-relevant. Use review workflows, narrow automation identities, and logs to keep changes explainable.