filter

The filter parameter is used to filter the results based on values. Multiple filters can be provided.

Each filter is a 3-tuple comma-delimited expression:

fieldName,operator,value

• fieldName: The field names can be attributes or sub-attributes (i.e. nested values) specified using a JSON path syntax using . for delimiters. For example rules.type will check the type attribute in the nested rules object array.
• operator: the following operators are supported:
  • eq, equals
  • ne, notEquals
  • gt, greaterThan
  • lt, lessThan
  • gte, greaterThanOrEquals
  • lte, lessThanOrEquals
  • sw, startswith
  • ew, endswith
  • cs, contains
• value: the field JSON value

This query returns the IDs and names of all policies with mutate rules:

nctl raw "/policies/api/policy?filter=rules.type,equals,Mutation&fields=id,name" | jq

results:

[
  {
    "id": "9ddaac9f-075f-4e69-a1bc-a0243d2f6072",
    "name": "disable-automount-sa-token"
  },
  {
    "id": "668bbd6a-c433-41a2-ab1d-325120ed14f2",
    "name": "check-images"
  },
  {
    "id": "44ec005e-f7ed-431f-99ba-89918205fe6c",
    "name": "disable-automount-sa-token"
  }
]