User Guide
Release Notes

List Certification Results

Get results for workflow certifications

Returns the results of the certification query, including any special properties, decisions, and notes.

Methodsyntax

GET

{{base_url}}/api/preview/awf/certifications/{certification_id}/results

Parameters

NameTypeReq.Description

certification_id

string

Y

Certification id

page_token

int

N

next_page_token to list results from

page_size

int

N

Max results to return per page (default 100, minimum 1, maximum 2,000)

paginate_direction_backwards

boolean

N

When true, use reverse order from the last page of results

Examples

Request

curl '{{VEZA_URL}}/api/preview/awf/certifications/f9123002-f056-491f-978f-f203bc9885ed/results?page_token=0&page_size=1' \
  -H 'authorization: Bearer '$token

Provide the UUID of the certification to get results. You can page through responses by providing a starting result number, and setting the maximum results to return.

Response

Each row in a certification describes an identity and resource entity pair, connected by a set of concrete and abstract permissions. Responses can be partial, depending on the page_size. You can get the next set of results by requesting a valid next_page_token as the page_token.

See Workflow Parameters for more details on the Certification Result object.

{
    "values": [
        {
            "result_id": 0,
            "source": {
                "aliases": [],
                "created_at": "2023-05-03T14:25:43Z",
                "datasource_id": "datasource:google_cloud_workspace",
                "email_addresses": [
                    "jdoe@cookiebeta.ai",
                    "jdoe@cookiebeta.ai.test-google-a.com",
                    "jdoe@veza.com"
                ],
                "full_admin": false,
                "google_cloud_organization_name": "organizations/123456789012",
                "guest": false,
                "id": "datasource:112655590859538682841",
                "idp_unique_id": "jdoe@cookiebeta.ai",
                "is_active": true,
                "last_login_at": "2023-05-10T15:25:04Z",
                "location_areas": [],
                "mfa_enabled": false,
                "name": "jdoe@cookiebeta.ai",
                "organization_names": [],
                "provider_id": "datasource",
                "suspended": false,
                "type": "GoogleWorkspaceUser"
            },
            "destination": {
                "created_at": "2021-11-01T14:23:35Z",
                "datasource_id": "datasource:google_cloud_iam",
                "google_cloud_organization_name": "organizations/123456789012",
                "id": "projects/743979515322",
                "name": "Dev GCP Project",
                "parent_id": "organizations/123456789012",
                "project_id": "striped-graph-330814",
                "provider_id": "datasource",
                "type": "GoogleCloudProject",
                "updated_at": "2022-04-07T22:08:48Z"
            },
            "accumulated_effective_permissions": [],
            "accumulated_raw_permissions": [
                "bigquery.datasets.get",
                "bigquery.datasets.getIamPolicy",
                "bigquery.tables.get",
                "bigquery.tables.getIamPolicy",
                "bigquery.tables.list",
                "iam.roles.get",
                "iam.roles.list",
                "iam.serviceAccounts.create",
                "iam.serviceAccounts.list",
                "resourcemanager.folders.create",
                "resourcemanager.folders.delete",
                "resourcemanager.folders.get",
                "resourcemanager.folders.getIamPolicy",
                "resourcemanager.folders.list",
                "resourcemanager.folders.move",
                "resourcemanager.folders.setIamPolicy",
                "resourcemanager.folders.undelete",
                "resourcemanager.organizations.get",
                "resourcemanager.organizations.getIamPolicy",
                "resourcemanager.organizations.setIamPolicy",
                "resourcemanager.projects.create",
                "resourcemanager.projects.delete",
                "resourcemanager.projects.get",
                "resourcemanager.projects.getIamPolicy",
                "resourcemanager.projects.list",
                "resourcemanager.projects.move",
                "resourcemanager.projects.setIamPolicy",
                "resourcemanager.projects.update",
                "storage.buckets.create",
                "storage.buckets.createTagBinding",
                "storage.buckets.delete",
                "storage.buckets.deleteTagBinding",
                "storage.buckets.get",
                "storage.buckets.getIamPolicy",
                "storage.buckets.list",
                "storage.buckets.listTagBindings",
                "storage.buckets.setIamPolicy",
                "storage.buckets.update"
            ],
            "updated_at": null,
            "updated_by": null,
            "signed_off_at": null,
            "signed_off_by": null,
            "notification_response_infos": [],
            "notification_status": "UNKNOWN",
            "waypoint": {
                "id": "organizations/123456789012_policy_role_binding0",
                "name": "CookieAIDevServicePrincipalRole",
                "type": "GoogleCloudIamRoleBinding"
            },
            "action_log_entries": [],
            "decision": "NONE",
            "notes": "",
            "reviewers": [
                {
                    "user_type": "localCookieUser",
                    "id": "e3ac5e6a-1946-4688-82a7-8a607133a1c8",
                    "email": "cookie@cookie.ai",
                    "name": "External User"
                }
            ],
            "signed_off_state": "NOT_SIGNED_OFF",
            "reviewer_assignment": null
        },
        {
            "result_id": 1,
            "source": {
                "aliases": [],
                "created_at": "2023-05-03T14:25:43Z",
                "datasource_id": "datasource:google_cloud_workspace",
                "email_addresses": [
                    "jdoe@cookiebeta.ai",
                    "jdoe@cookiebeta.ai.test-google-a.com",
                    "jdoe@veza.com"
                ],
                "full_admin": false,
                "google_cloud_organization_name": "organizations/123456789012",
                "guest": false,
                "id": "datasource:112655590859538682841",
                "idp_unique_id": "jdoe@cookiebeta.ai",
                "is_active": true,
                "last_login_at": "2023-05-10T15:25:04Z",
                "location_areas": [],
                "mfa_enabled": false,
                "name": "jdoe@cookiebeta.ai",
                "organization_names": [],
                "provider_id": "datasource",
                "suspended": false,
                "type": "GoogleWorkspaceUser"
            },
            "destination": {
                "created_at": "2021-11-01T14:23:35Z",
                "datasource_id": "datasource:google_cloud_iam",
                "google_cloud_organization_name": "organizations/123456789012",
                "id": "projects/743979515322",
                "name": "Dev GCP Project",
                "parent_id": "organizations/123456789012",
                "project_id": "striped-graph-330814",
                "provider_id": "datasource",
                "type": "GoogleCloudProject",
                "updated_at": "2022-04-07T22:08:48Z"
            },
            "accumulated_effective_permissions": [],
            "accumulated_raw_permissions": [
                "cloudkms.cryptoKeyVersions.create",
                "cloudkms.cryptoKeyVersions.destroy",
                "cloudkms.cryptoKeyVersions.get",
                "cloudkms.cryptoKeyVersions.list",
                "cloudkms.cryptoKeyVersions.restore",
                "cloudkms.cryptoKeyVersions.update",
                "cloudkms.cryptoKeyVersions.useToDecryptViaDelegation",
                "cloudkms.cryptoKeyVersions.useToEncryptViaDelegation",
                "cloudkms.cryptoKeys.create",
                "cloudkms.cryptoKeys.get",
                "cloudkms.cryptoKeys.getIamPolicy",
                "cloudkms.cryptoKeys.list",
                "cloudkms.cryptoKeys.setIamPolicy",
                "cloudkms.cryptoKeys.update",
                "cloudkms.keyRings.create",
                "cloudkms.keyRings.createTagBinding",
                "cloudkms.keyRings.deleteTagBinding",
                "cloudkms.keyRings.get",
                "cloudkms.keyRings.getIamPolicy",
                "cloudkms.keyRings.list",
                "cloudkms.keyRings.listTagBindings",
                "cloudkms.keyRings.setIamPolicy",
                "cloudkms.locations.get",
                "cloudkms.locations.list",
                "resourcemanager.projects.get"
            ],
            "updated_at": null,
            "updated_by": null,
            "signed_off_at": null,
            "signed_off_by": null,
            "notification_response_infos": [],
            "notification_status": "UNKNOWN",
            "waypoint": {
                "id": "organizations/123456789012_policy_role_binding11",
                "name": "cloudkms.admin",
                "type": "GoogleCloudIamRoleBinding"
            },
            "action_log_entries": [],
            "decision": "NONE",
            "notes": "",
            "reviewers": [
                {
                    "user_type": "localCookieUser",
                    "id": "e3ac5e6a-1946-4688-82a7-8a607133a1c8",
                    "email": "cookie@cookie.ai",
                    "name": "External User"
                }
            ],
            "signed_off_state": "NOT_SIGNED_OFF",
            "reviewer_assignment": null
        }
    ],
    "next_page_token": "EAI=",
    "has_more": true,
    "has_previous": false
}
PreviousList CertificationsNextUpdate Certification Result

Last updated