Skip to main content
POST
/
access-requests
/
rules
Create Access Request Rule
curl --request POST \
  --url https://use.hoop.dev/api/access-requests/rules \
  --header 'Content-Type: application/json' \
  --data '
{
  "access_type": "command",
  "approval_required_groups": [
    "developers",
    "analysts"
  ],
  "connection_names": [
    "pgdemo",
    "mysql-prod"
  ],
  "force_approval_groups": [
    "admin"
  ],
  "name": "default-access-request-rule",
  "reviewers_groups": [
    "sre",
    "dba"
  ],
  "access_max_duration": 3600,
  "all_groups_must_approve": false,
  "description": "Access request rule for production databases",
  "min_approvals": 2
}
'
{
  "access_max_duration": 3600,
  "access_type": "command",
  "all_groups_must_approve": false,
  "approval_required_groups": [
    "developers",
    "analysts"
  ],
  "connection_names": [
    "pgdemo",
    "mysql-prod"
  ],
  "created_at": "2024-07-25T15:56:35.317601Z",
  "description": "Access control rule for production databases",
  "force_approval_groups": [
    "admin"
  ],
  "id": "15B5A2FD-0706-4A47-B1CF-B93CCFC5B3D7",
  "min_approvals": 2,
  "name": "default-access-request-rule",
  "reviewers_groups": [
    "sre",
    "dba"
  ],
  "updated_at": "2024-07-25T15:56:35.317601Z"
}

Body

application/json

The request body resource

access_type
enum<string>
required

The access type

Available options:
jit,
command
Example:

"command"

approval_required_groups
string[]
required

Groups that require approval

Example:
["developers", "analysts"]
connection_names
string[]
required

Connection names that this rule applies to

Example:
["pgdemo", "mysql-prod"]
force_approval_groups
string[]
required

Groups that can force approve sessions

Example:
["admin"]
name
string
required

The name of the access request rule

Example:

"default-access-request-rule"

reviewers_groups
string[]
required

Groups that can review sessions

Example:
["sre", "dba"]
access_max_duration
integer

Maximum access duration in seconds

Example:

3600

all_groups_must_approve
boolean

Whether all groups must approve

Example:

false

description
string

The description of the access request rule

Example:

"Access request rule for production databases"

min_approvals
integer

Minimum number of approvals required

Example:

2

Response

Created

access_max_duration
integer

Maximum access duration in seconds

Example:

3600

access_type
enum<string>

The access type

Available options:
jit,
command
Example:

"command"

all_groups_must_approve
boolean

Whether all groups must approve

Example:

false

approval_required_groups
string[]

Groups that require approval

Example:
["developers", "analysts"]
connection_names
string[]

Connection names that this rule applies to

Example:
["pgdemo", "mysql-prod"]
created_at
string

The time the resource was created

Example:

"2024-07-25T15:56:35.317601Z"

description
string

The description of the access request rule

Example:

"Access control rule for production databases"

force_approval_groups
string[]

Groups that can force approve sessions

Example:
["admin"]
id
string<uuid>

The resource identifier

Example:

"15B5A2FD-0706-4A47-B1CF-B93CCFC5B3D7"

min_approvals
integer

Minimum number of approvals required

Example:

2

name
string

The name of the access request rule

Example:

"default-access-request-rule"

reviewers_groups
string[]

Groups that can review sessions

Example:
["sre", "dba"]
updated_at
string

The time the resource was updated

Example:

"2024-07-25T15:56:35.317601Z"