Getting Information for a Sentinel Policy from an External API

Introduction

This guide explains how to use data from external JSON-based APIs within HashiCorp Sentinel policies. This allows you to enrich policy decisions with external data sources.

Prerequisites

• Sentinel runtime version 0.13.0 or newer.

Procedure

The process involves making an HTTP request to an external API, parsing the JSON response, and then using that data in your policy logic.

1. Make the HTTP Request

   First, use the Sentinel http import to make a request to your external API. The http.request function is typically used for this purpose.

2. Unmarshal the JSON Response

   Once you receive the API response, use the Sentinel json import to unmarshal the JSON body into a usable data structure within Sentinel.

3. Process the Data

   After unmarshalling the data, you can process it to find the information you need for your policy. The specific approach depends on the structure of the API response, but common methods include iterating over the data with a for loop or using a filter expression.

Additional Information

• For further questions and community support, visit the Sentinel Discuss Forum.