Prerequisites (if applicable)
- Sentinel runtime 0.13.0 or newer
Procedure
It is possible to use data from external APIs (that return JSON) in Hashicorp Sentinel policies for use cases that require it via the http Sentinel import.
While the specifics of this will depend on your configuration, typically you will use the http.request function to obtain the API JSON, and then use the json import here to unmarshal the response.
From here, the approach will depend on the contents returned by your API, but will typically involve iterating over the response(via filter or for loop) to obtain the desired information for use in your policy.