Controls operations
The following query creates a control.
Variables
input: CreateComplianceLibraryItemInput
  name: The human-readable name for this compliance library item (e.g., Acceptable Use of End User Computing)
  description: Any other relevant information for this compliance library item.
  ref: The human-readable identifier used in question/policy mapping operations (e.g., cp-access-aws)
  webLink: An external web link to this library item's definition.
Query
query ComplianceControl($input: CreateComplianceLibraryItemInput!) {
  createComplianceLibraryItem(input: $input) {
    id
    name
    description
    ref
    displayCategory
    policyItemId
    webLink
    linkedPolicyItem {
      id
      ref
      name
      isAdopted
      linkedPolicy {
        id
        ref
        name
      }
    }
  }
}
Retrieve a control
This query exposes more data on top of the base ComplianceLibraryItemMetadatas object and retrieves a control with evidence and associated Framework data. Any information you need about a control is exposed via this query.
Variables
input: ComplianceLibraryItemInput
  id: Unique identifier of the library item to fetch.
Query
query ComplianceControl($input: ComplianceLibraryItemInput!) {
  complianceLibraryItem(input: $input) {
    id
    name
    description
    ref
    displayCategory
    policyItemId
    webLink
    linkedPolicyItem {
      id
      ref
      name
      isAdopted
      linkedPolicy {
        id
        ref
        name
      }
    }
    frameworkItemMetadatas {
      id
      frameworkId
      name
      description
      displayCategory
      auditStatus
      webLink
      evaluationProgress
      lastEvaluationTimestamp
      ref
      frameworkMetadata {
        id
        createTimestamp
        lastUpdatedTimestamp
        name
        version
        frameworkType
        webLink
        scopeFilters
      }
    }
    evidence {
      allEvidence {
        id
        evidenceType
        ... on ComplianceQuestionEvaluation {
          questionId
          evaluationResult
          lastUpdatedTimestamp
          results {
            name
            query
            rawResultKey
            recordCount
          }
        }
        ... on ComplianceNote {
          creatorUserId
          body
          createTimestamp
          name
        }
        ... on ComplianceLink {
          creatorUserId
          description
          linkUrl
          createTimestamp
          name
        }
        ... on ExternalUploadEvidence {
          lastUpdatedTimestamp
          creatorUserId
          body
          externalUploadId
          createTimestamp
        }
      }
      questionEvaluations {
        id
        questionId
        lastUpdatedTimestamp
        evidenceType
        evaluationResult
        results {
          name
          query
          rawResultKey
          recordCount
        }
      }
      notes {
        id
        evidenceType
        creatorUserId
        body
        createTimestamp
        name
      }
      links {
        id
        evidenceType
        creatorUserId
        description
        linkUrl
        createTimestamp
        name
      }
      externalUploadEvidences {
        id
        evidenceType
        creatorUserId
        body
        externalUploadId
        createTimestamp
        lastUpdatedTimestamp
      }
    }
  }
}
List controls
Controls, called "Library Items" in our internal data model, are reusable objects of compliance data that exist outside the context of a framework. You can link the controls to different frameworkItems to provide additional evidence.
Variables
input: ComplianceLibraryItemMetadatasInput
  filter - Specifies the type of filter employed. Can be ACCOUNT | FRAMEWORK_ITEM
  frameworkItemId - When filtering by FRAMEWORK_ITEM, this is the UUID identifier for which to filter
  returnAllPages - Returns all pages of data and ignores any pagination options
  cursor - Cursor for pagination
  limit - Pagination page size limit, defaults to 50
Query
query ComplianceLibraryItemMetadatas($input: ComplianceLibraryItemMetadatasInput!) {
  complianceLibraryItemMetadatas(input: $input) {
    items {
      id
      name
      description
      ref
      displayCategory
      policyItemId
      webLink
      linkedPolicyItem {
        id
        ref
        name
        isAdopted
        linkedPolicy {
          id
          ref
          name
        }
      }
    }
    pageInfo {
      endCursor
      hasNextPage
    }
  }
}
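
The cursor and limit variables and the pageInfo fields above can be combined into a paging loop. The following is an added example, not code from this documentation or its vendor: it walks every page of the list query and reports controls that have no adopted linked policy item. It assumes the listed variables sit directly on input, and that execute is a hypothetical transport you supply which sends the query to your GraphQL endpoint and returns the response's data object.

```python
LIST_QUERY = """
query ComplianceLibraryItemMetadatas($input: ComplianceLibraryItemMetadatasInput!) {
  complianceLibraryItemMetadatas(input: $input) {
    items { id name ref linkedPolicyItem { id ref isAdopted } }
    pageInfo { endCursor hasNextPage }
  }
}
"""

def build_input(filter_type="ACCOUNT", framework_item_id=None, limit=50, cursor=None):
    """Build the input variables (assumed to be flat fields on `input`)."""
    if filter_type not in ("ACCOUNT", "FRAMEWORK_ITEM"):
        raise ValueError("filter must be ACCOUNT or FRAMEWORK_ITEM")
    if filter_type == "FRAMEWORK_ITEM" and not framework_item_id:
        raise ValueError("frameworkItemId is required when filtering by FRAMEWORK_ITEM")
    variables = {"filter": filter_type, "limit": limit}
    if framework_item_id:
        variables["frameworkItemId"] = framework_item_id
    if cursor:
        variables["cursor"] = cursor
    return variables

def list_controls(execute, filter_type="ACCOUNT", framework_item_id=None, limit=50, max_pages=1000):
    """Collect all pages. `execute(query, variables)` is a hypothetical transport
    that returns the `data` dict of the GraphQL response."""
    items, cursor, seen = [], None, set()
    for _ in range(max_pages):
        variables = {"input": build_input(filter_type, framework_item_id, limit, cursor)}
        page = execute(LIST_QUERY, variables)["complianceLibraryItemMetadatas"]
        items.extend(page["items"])
        info = page["pageInfo"]
        if not info["hasNextPage"]:
            return items
        cursor = info["endCursor"]
        if not cursor or cursor in seen:  # missing or repeated cursor: stop
            raise RuntimeError("pagination did not advance")
        seen.add(cursor)
    raise RuntimeError("max_pages exceeded")

def controls_without_adopted_policy(items):
    """Refs of controls whose linkedPolicyItem is absent or has isAdopted false."""
    return [c["ref"] for c in items
            if not (c.get("linkedPolicyItem") or {}).get("isAdopted")]
```

The repeated-cursor check and max_pages bound keep a misbehaving or truncated response from turning the export into an endless loop.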