Testing your policy
Portal
The policy tester can be found in the portal:
- Select
Policies
in the left menu - Click the policy you want to test
- In the
action
menu clickTester
In the the tester menu you need to specify the following information:
- Identity: the users email you want to test
- Source: the IP address from which the user originates
- Time: the data/time you want test
Click the Test
button to test the policy, the result should look something like this:
API
The API has a policy test endpoint that allows the Border0 administrator to test a policy. Using this API, the endpoint administrator can see if a user will be allowed access to a Socket and what actions are allowed
Given this example input file: testp.json
{
"email": "[email protected]",
"ip_address": "206.214.246.96",
"time": "2022-10-06T20:00:00Z"
}
We can now test the policy using curl like this (note that you need your API admin token).
The UUID in the curl command below is the UUID of the policy.
$ curl -s -d @testp.json -H "x-access-token: $(cat ~/.mysocketio_token)"\
https://api.border0.com/api/v1/policy/48529a18-747c-443c-a589-f4fb60f40aa1/test
{
"Actions": {
"database": [
"*"
],
"http": [
"*"
],
"ssh": [
"*"
]
},
"Info": {
"allowed": [
"policy: \"default-connector-policy\", email addres did match policy",
"policy: \"default-connector-policy\", IP address did match policy",
"policy: \"default-connector-policy\", Country code did match policy"
]
}
}
Updated 7 months ago