# Kosli Documentation

## Docs

- [Managing Custom Attestation Types](https://docs.kosli.com/administration/managing_custom_attestation_types/overview.md): Learn how to manage Kosli custom attestation types via Terraform, including creating and importing types with JSON Schema and jq evaluation rules.
- [Managing Environments](https://docs.kosli.com/administration/managing_environments/overview.md): Learn how to manage Kosli environments via Terraform, including creating and importing physical and logical environments.
- [Roles in Kosli](https://docs.kosli.com/administration/managing_users/roles_in_kosli.md): Understand the different user roles in Kosli and their permissions to manage access within your organization.
- [Create or update environment action](https://docs.kosli.com/api-reference/actions/create-or-update-environment-action.md): Create or Update an environment action for an org.
- [Create or update flow action](https://docs.kosli.com/api-reference/actions/create-or-update-flow-action.md): Create or Update a flow action for an org.
- [Delete an action](https://docs.kosli.com/api-reference/actions/delete-an-action.md): Delete a specific action for an org.
- [Get action](https://docs.kosli.com/api-reference/actions/get-action.md): Get a specific action for an org.
- [List actions](https://docs.kosli.com/api-reference/actions/list-actions.md): List actions for an org.
- [Allow artifact for environment](https://docs.kosli.com/api-reference/allowlists/allow-artifact-for-environment.md): Allow an artifact for an environment.
- [List allowlist](https://docs.kosli.com/api-reference/allowlists/list-allowlist.md): List Allowlist records in an organization.
- [Create approval](https://docs.kosli.com/api-reference/approval/create-approval.md): Create an approval.
- [Get approval](https://docs.kosli.com/api-reference/approval/get-approval.md): Get an approval record.
- [Get commit of running artifact](https://docs.kosli.com/api-reference/approval/get-commit-of-running-artifact.md): Get the git commit of a running artifact in a specific environment that comes from a given flow
- [List approvals](https://docs.kosli.com/api-reference/approval/list-approvals.md): List Allowlist records in an organization.
- [Get artifact audit package](https://docs.kosli.com/api-reference/artifacts/get-artifact-audit-package.md): Get audit package for an artifact.
- [Get artifact by fingerprint](https://docs.kosli.com/api-reference/artifacts/get-artifact-by-fingerprint.md): Get artifact by fingerprint.
- [Get artifacts by commit SHA](https://docs.kosli.com/api-reference/artifacts/get-artifacts-by-commit-sha.md): Get artifact by commit sha.
- [Get latest artifact commit](https://docs.kosli.com/api-reference/artifacts/get-latest-artifact-commit.md): Get the latest git commit of the artifact.
- [List artifact approvals](https://docs.kosli.com/api-reference/artifacts/list-artifact-approvals.md): List approvals for an artifact.
- [List artifacts](https://docs.kosli.com/api-reference/artifacts/list-artifacts.md): List artifacts in organization. Can be filtered by flow name or repo name.
- [List artifacts in flow](https://docs.kosli.com/api-reference/artifacts/list-artifacts-in-flow.md): Get artifacts in flow.
- [Report artifact](https://docs.kosli.com/api-reference/artifacts/report-artifact.md): Create an artifact for organization.
- [Assert artifact](https://docs.kosli.com/api-reference/asserts/assert-artifact.md): Assert an artifact.
- [Attest custom](https://docs.kosli.com/api-reference/attestation/attest-custom.md): Add custom attestation to a trail with an optional attachment file.
- [Attest generic](https://docs.kosli.com/api-reference/attestation/attest-generic.md): Add Generic attestation to a trail with an optional attachment file.
- [Attest Jira issue](https://docs.kosli.com/api-reference/attestation/attest-jira-issue.md): Add Jira attestation to a trail with an optional attachment file.
- [Attest JUnit test results](https://docs.kosli.com/api-reference/attestation/attest-junit-test-results.md): Add JUnit attestation to a trail with an optional attachment file.
- [Attest pull request](https://docs.kosli.com/api-reference/attestation/attest-pull-request.md): Add Pull-Request attestation to a trail with an optional attachment file.
- [Attest Snyk scan](https://docs.kosli.com/api-reference/attestation/attest-snyk-scan.md): Add Snyk attestation to a trail with an optional attachment file.
- [Attest Sonar scan](https://docs.kosli.com/api-reference/attestation/attest-sonar-scan.md): Add Sonar attestation to a trail with an optional attachment file.
- [Get artifact attestation](https://docs.kosli.com/api-reference/attestation/get-artifact-attestation.md)
- [Get attestation evidence file](https://docs.kosli.com/api-reference/attestation/get-attestation-evidence-file.md): Download the evidence file attached to an attestation.
- [Get trail attestation](https://docs.kosli.com/api-reference/attestation/get-trail-attestation.md)
- [List attestations](https://docs.kosli.com/api-reference/attestation/list-attestations.md): Get a paginated list attestations for an organization based on filters provided as query parameters.
- [List attestations for criteria](https://docs.kosli.com/api-reference/attestation/list-attestations-for-criteria.md): List attestations matching a search criteria within an organization.
- [List flow attestations](https://docs.kosli.com/api-reference/attestation/list-flow-attestations.md): Get all attestations for a flow for a given time span.
- [Override attestation](https://docs.kosli.com/api-reference/attestation/override-attestation.md): Override an attestation in a trail.
- [List Builds](https://docs.kosli.com/api-reference/builds/list-builds.md): List builds for an organization.
- [Archive custom attestation type](https://docs.kosli.com/api-reference/custom-attestation-types/archive-custom-attestation-type.md): Archive a custom attestation type.
- [Create or update custom attestation type](https://docs.kosli.com/api-reference/custom-attestation-types/create-or-update-custom-attestation-type.md): Create or update a custom attestation type for an org.
- [Get custom attestation type](https://docs.kosli.com/api-reference/custom-attestation-types/get-custom-attestation-type.md): Get a custom attestation type.
- [List custom attestation types](https://docs.kosli.com/api-reference/custom-attestation-types/list-custom-attestation-types.md): List all custom attestation types for an org.
- [Get Deployment](https://docs.kosli.com/api-reference/deployments/get-deployment.md): Get a single deployment by environment and fingerprint.
- [List Deployments](https://docs.kosli.com/api-reference/deployments/list-deployments.md): List deployments for an organization.
- [Get environment diff](https://docs.kosli.com/api-reference/envdiff/get-environment-diff.md): Get diff between to snapshots
- [Add environment to logical environment](https://docs.kosli.com/api-reference/environments/add-environment-to-logical-environment.md): Join the given physical environment to this Logical environment
- [Archive environment](https://docs.kosli.com/api-reference/environments/archive-environment.md): Archive an environment.
- [Attach policy to environment](https://docs.kosli.com/api-reference/environments/attach-policy-to-environment.md): Attach a Policy to an environment.
- [Create or update environment](https://docs.kosli.com/api-reference/environments/create-or-update-environment.md): Create or update an Environment for an organization.
- [Detach policy from environment](https://docs.kosli.com/api-reference/environments/detach-policy-from-environment.md): Detach a Policy from an environment.
- [Get environment](https://docs.kosli.com/api-reference/environments/get-environment.md): Get an environment for an organization.
- [Get environment audit log](https://docs.kosli.com/api-reference/environments/get-environment-audit-log.md): Get audit log (as a CSV file) for an environment.
- [List environment events](https://docs.kosli.com/api-reference/environments/list-environment-events.md): Get events log for an environment.
- [List environments](https://docs.kosli.com/api-reference/environments/list-environments.md): List environments of an organization.
- [Rename environment](https://docs.kosli.com/api-reference/environments/rename-environment.md): Rename an environment
- [Report Azure Web and Function Apps environment](https://docs.kosli.com/api-reference/environments/report-azure-web-and-function-apps-environment.md): [beta] Process a report for an Azure Web and Function Apps environment.
- [Report Docker environment](https://docs.kosli.com/api-reference/environments/report-docker-environment.md): Process a report for a Docker environment.
- [Report ECS environment](https://docs.kosli.com/api-reference/environments/report-ecs-environment.md): Process a report for an ECS environment.
- [Report K8S environment](https://docs.kosli.com/api-reference/environments/report-k8s-environment.md): Process a report for a K8S environment.
- [Report Lambda environment](https://docs.kosli.com/api-reference/environments/report-lambda-environment.md): Process a report for a Lambda environment.
- [Report S3 environment](https://docs.kosli.com/api-reference/environments/report-s3-environment.md): Process a report for an S3 environment.
- [Report server environment](https://docs.kosli.com/api-reference/environments/report-server-environment.md): Process a report for a server environment.
- [Update environment](https://docs.kosli.com/api-reference/environments/update-environment.md): Update an existing Environment for an organization. Only fields present in the request body are updated; omitted fields are left unchanged. Unlike the PUT endpoint, an empty string for description will clear the description.
- [Archive flow](https://docs.kosli.com/api-reference/flows/archive-flow.md): Archive a flow.
- [Create or update flow](https://docs.kosli.com/api-reference/flows/create-or-update-flow.md): Create or update a flow for an organization.
- [Create or update flow with template](https://docs.kosli.com/api-reference/flows/create-or-update-flow-with-template.md): Create or update a flow for an organization.
- [Get flow](https://docs.kosli.com/api-reference/flows/get-flow.md): Get a flow for an organization.
- [List flows](https://docs.kosli.com/api-reference/flows/list-flows.md): List flows for an organization.
- [Rename flow](https://docs.kosli.com/api-reference/flows/rename-flow.md): Rename a flow. The flow will remain available under its old name until that name is taken by another flow.
- [Create or update environment notification](https://docs.kosli.com/api-reference/organizations/create-or-update-environment-notification.md): Create or Update an environments-notification for an org.
- [Delete environment notification](https://docs.kosli.com/api-reference/organizations/delete-environment-notification.md): Delete a specific environments-notification for an org.
- [Get environment notification](https://docs.kosli.com/api-reference/organizations/get-environment-notification.md): Get a specific environments-notification for an org.
- [Get organization](https://docs.kosli.com/api-reference/organizations/get-organization.md): Get a specific org.
- [List environment notifications](https://docs.kosli.com/api-reference/organizations/list-environment-notifications.md): List environments-notifications for an org.
- [Update environment notification](https://docs.kosli.com/api-reference/organizations/update-environment-notification.md): Update a specific environments-notification for an org.
- [Update experimental features](https://docs.kosli.com/api-reference/organizations/update-experimental-features.md): Enable/Disable beta features for an org.
- [Create or update policy](https://docs.kosli.com/api-reference/policies/create-or-update-policy.md): Create or update a Policy in an organization.
- [Get policy](https://docs.kosli.com/api-reference/policies/get-policy.md): Get a Policy in an organization.
- [List policies](https://docs.kosli.com/api-reference/policies/list-policies.md): List Policies in an organization.
- [Get live artifacts for a repo](https://docs.kosli.com/api-reference/repos/get-live-artifacts-for-a-repo.md): Get the live status of artifacts from a repository across all environments.
- [List repos](https://docs.kosli.com/api-reference/repos/list-repos.md): List repos for an organization.
- [Search artifacts by SHA or fingerprint](https://docs.kosli.com/api-reference/search/search-artifacts-by-sha-or-fingerprint.md): Get artifacts that match fingerprint or commit-sha.
- [Create an API key for a service account](https://docs.kosli.com/api-reference/service-accounts/create-an-api-key-for-a-service-account.md): Create a new API key for a service account. The key value is only returned once.
- [List API keys for a service account](https://docs.kosli.com/api-reference/service-accounts/list-api-keys-for-a-service-account.md): List all active API keys for a service account.
- [Revoke an API key for a service account](https://docs.kosli.com/api-reference/service-accounts/revoke-an-api-key-for-a-service-account.md): Revoke an API key for a service account.
- [Get snapshot](https://docs.kosli.com/api-reference/snapshots/get-snapshot.md): Get a snapshot for an environment.
- [List snapshots](https://docs.kosli.com/api-reference/snapshots/list-snapshots.md): Get list of snapshots for an environment.
- [Update tags](https://docs.kosli.com/api-reference/tags/update-tags.md): Patch tags for resource.
- [Begin trail](https://docs.kosli.com/api-reference/trails/begin-trail.md): Add a Trail to a Flow.
- [Download trail audit package](https://docs.kosli.com/api-reference/trails/download-trail-audit-package.md): Download the full trail audit package (same content as the app “Download Full Audit Package”).
- [Download trail audit PDF](https://docs.kosli.com/api-reference/trails/download-trail-audit-pdf.md): Download only the trail PDF report (same as `trail-page.pdf` inside the full audit package).
- [Get trail](https://docs.kosli.com/api-reference/trails/get-trail.md): Get a Trail for a Flow in an organization.
- [List trails](https://docs.kosli.com/api-reference/trails/list-trails.md): List Trails of a Flow.
- [List trails for organization](https://docs.kosli.com/api-reference/trails/list-trails-for-organization.md): Get a paginated list of trails for an organization based on filters provided as query parameters.
- [Set default organization](https://docs.kosli.com/api-reference/user/set-default-organization.md): Set a default org for the current user.
- [Changelog](https://docs.kosli.com/changelog/index.md): Release notes for Kosli products.
- [kosli](https://docs.kosli.com/client_reference/kosli.md): The Kosli CLI.
- [kosli allow artifact](https://docs.kosli.com/client_reference/kosli_allow_artifact.md): Add an artifact to an environment's allowlist.
- [kosli archive attestation-type](https://docs.kosli.com/client_reference/kosli_archive_attestation-type.md): Archive a custom Kosli attestation type.
- [kosli archive environment](https://docs.kosli.com/client_reference/kosli_archive_environment.md): Archive a Kosli environment.
- [kosli archive flow](https://docs.kosli.com/client_reference/kosli_archive_flow.md): Archive a Kosli flow.
- [kosli assert approval](https://docs.kosli.com/client_reference/kosli_assert_approval.md): Assert an artifact in Kosli has been approved for deployment.
- [kosli assert artifact](https://docs.kosli.com/client_reference/kosli_assert_artifact.md): Assert the compliance status of an artifact in Kosli.  There are three ways to choose what to assert against: 1. Against an environment. When `--environment` is specified, asserts against all poli...
- [kosli assert pullrequest azure](https://docs.kosli.com/client_reference/kosli_assert_pullrequest_azure.md): Assert an Azure DevOps pull request for a git commit exists.
- [kosli assert pullrequest bitbucket](https://docs.kosli.com/client_reference/kosli_assert_pullrequest_bitbucket.md): Assert a Bitbucket pull request for a git commit exists.
- [kosli assert pullrequest github](https://docs.kosli.com/client_reference/kosli_assert_pullrequest_github.md): Assert a Github pull request for a git commit exists.
- [kosli assert pullrequest gitlab](https://docs.kosli.com/client_reference/kosli_assert_pullrequest_gitlab.md): Assert a Gitlab merge request for a git commit exists.
- [kosli assert snapshot](https://docs.kosli.com/client_reference/kosli_assert_snapshot.md): Assert the compliance status of an environment in Kosli.
- [kosli assert status](https://docs.kosli.com/client_reference/kosli_assert_status.md): Assert the status of a Kosli server.
- [kosli attach-policy](https://docs.kosli.com/client_reference/kosli_attach-policy.md): Attach a policy to one or more Kosli environments.
- [kosli attest artifact](https://docs.kosli.com/client_reference/kosli_attest_artifact.md): Attest an artifact creation to a Kosli flow.
- [kosli attest custom](https://docs.kosli.com/client_reference/kosli_attest_custom.md): Report a custom attestation to an artifact or a trail in a Kosli flow.
- [kosli attest generic](https://docs.kosli.com/client_reference/kosli_attest_generic.md): Report a generic attestation to an artifact or a trail in a Kosli flow.
- [kosli attest jira](https://docs.kosli.com/client_reference/kosli_attest_jira.md): Report a jira attestation to an artifact or a trail in a Kosli flow.
- [kosli attest junit](https://docs.kosli.com/client_reference/kosli_attest_junit.md): Report a junit attestation to an artifact or a trail in a Kosli flow. JUnit xml files are read from the `--results-dir` directory which defaults to the current directory. The xml files are automati...
- [kosli attest pullrequest azure](https://docs.kosli.com/client_reference/kosli_attest_pullrequest_azure.md): Report an Azure Devops pull request attestation to an artifact or a trail in a Kosli flow.
- [kosli attest pullrequest bitbucket](https://docs.kosli.com/client_reference/kosli_attest_pullrequest_bitbucket.md): Report a Bitbucket pull request attestation to an artifact or a trail in a Kosli flow.
- [kosli attest pullrequest github](https://docs.kosli.com/client_reference/kosli_attest_pullrequest_github.md): Report a Github pull request attestation to an artifact or a trail in a Kosli flow.
- [kosli attest pullrequest gitlab](https://docs.kosli.com/client_reference/kosli_attest_pullrequest_gitlab.md): Report a Gitlab merge request attestation to an artifact or a trail in a Kosli flow.
- [kosli attest snyk](https://docs.kosli.com/client_reference/kosli_attest_snyk.md): Report a snyk attestation to an artifact or a trail in a Kosli flow.
- [kosli attest sonar](https://docs.kosli.com/client_reference/kosli_attest_sonar.md): Report a SonarQube attestation to an artifact or a trail in a Kosli flow.
- [kosli begin trail](https://docs.kosli.com/client_reference/kosli_begin_trail.md): Begin or update a Kosli flow trail.
- [kosli completion](https://docs.kosli.com/client_reference/kosli_completion.md): Generate completion script
- [kosli config](https://docs.kosli.com/client_reference/kosli_config.md): Config global Kosli flags values and store them in $HOME/.kosli .
- [kosli create attestation-type](https://docs.kosli.com/client_reference/kosli_create_attestation-type.md): Create or update a Kosli custom attestation type.
- [kosli create environment](https://docs.kosli.com/client_reference/kosli_create_environment.md): Create or update a Kosli environment.
- [kosli create flow](https://docs.kosli.com/client_reference/kosli_create_flow.md): Create or update a Kosli flow.
- [kosli create policy](https://docs.kosli.com/client_reference/kosli_create_policy.md): Create or update a Kosli policy.
- [kosli detach-policy](https://docs.kosli.com/client_reference/kosli_detach-policy.md): Detach a policy from one or more Kosli environments.
- [kosli diff snapshots](https://docs.kosli.com/client_reference/kosli_diff_snapshots.md): Diff environment snapshots.
- [kosli disable beta](https://docs.kosli.com/client_reference/kosli_disable_beta.md): Disable beta features for an organization.
- [kosli enable beta](https://docs.kosli.com/client_reference/kosli_enable_beta.md): Enable beta features for an organization.
- [kosli evaluate input](https://docs.kosli.com/client_reference/kosli_evaluate_input.md): [BETA] Evaluate a local JSON input against a Rego policy.
- [kosli evaluate trail](https://docs.kosli.com/client_reference/kosli_evaluate_trail.md): [BETA] Evaluate a trail against a policy.
- [kosli evaluate trails](https://docs.kosli.com/client_reference/kosli_evaluate_trails.md): [BETA] Evaluate multiple trails against a policy.
- [kosli fingerprint](https://docs.kosli.com/client_reference/kosli_fingerprint.md): Calculate the SHA256 fingerprint of an artifact.
- [kosli get approval](https://docs.kosli.com/client_reference/kosli_get_approval.md): Get an approval from a specified flow.
- [kosli get artifact](https://docs.kosli.com/client_reference/kosli_get_artifact.md): Get artifact from a specified flow
- [kosli get attestation](https://docs.kosli.com/client_reference/kosli_get_attestation.md): Get an attestation using its name or id.
- [kosli get attestation-type](https://docs.kosli.com/client_reference/kosli_get_attestation-type.md): Get a custom Kosli attestation type.
- [kosli get environment](https://docs.kosli.com/client_reference/kosli_get_environment.md): Get an environment's metadata.
- [kosli get flow](https://docs.kosli.com/client_reference/kosli_get_flow.md): Get the metadata of a specific flow.
- [kosli get policy](https://docs.kosli.com/client_reference/kosli_get_policy.md): Get a policy's metadata.
- [kosli get snapshot](https://docs.kosli.com/client_reference/kosli_get_snapshot.md): Get a specified environment snapshot.
- [kosli get trail](https://docs.kosli.com/client_reference/kosli_get_trail.md): Get the metadata of a specific trail.
- [kosli join environment](https://docs.kosli.com/client_reference/kosli_join_environment.md): Join a physical environment to a logical environment.
- [kosli list approvals](https://docs.kosli.com/client_reference/kosli_list_approvals.md): List approvals in a flow.
- [kosli list artifacts](https://docs.kosli.com/client_reference/kosli_list_artifacts.md): List artifacts in a flow or repo.
- [kosli list attestation-types](https://docs.kosli.com/client_reference/kosli_list_attestation-types.md): List all Kosli attestation types for an org.
- [kosli list environments](https://docs.kosli.com/client_reference/kosli_list_environments.md): List environments for an org.
- [kosli list flows](https://docs.kosli.com/client_reference/kosli_list_flows.md): List flows for an org.
- [kosli list policies](https://docs.kosli.com/client_reference/kosli_list_policies.md): List environment policies for an org.
- [kosli list snapshots](https://docs.kosli.com/client_reference/kosli_list_snapshots.md): List environment snapshots.
- [kosli list trails](https://docs.kosli.com/client_reference/kosli_list_trails.md): List Trails of an org.
- [kosli log environment](https://docs.kosli.com/client_reference/kosli_log_environment.md): List environment events.
- [kosli rename environment](https://docs.kosli.com/client_reference/kosli_rename_environment.md): Rename a Kosli environment.
- [kosli rename flow](https://docs.kosli.com/client_reference/kosli_rename_flow.md): Rename a Kosli flow.
- [kosli report approval](https://docs.kosli.com/client_reference/kosli_report_approval.md): Report an approval of deploying an artifact to an environment to Kosli.
- [kosli report artifact](https://docs.kosli.com/client_reference/kosli_report_artifact.md): Report an artifact creation to a Kosli flow.
- [kosli request approval](https://docs.kosli.com/client_reference/kosli_request_approval.md): Request an approval of a deployment of an artifact to an environment in Kosli.
- [kosli search](https://docs.kosli.com/client_reference/kosli_search.md): Search for a git commit or an artifact fingerprint in Kosli.
- [kosli snapshot azure](https://docs.kosli.com/client_reference/kosli_snapshot_azure.md): Report a snapshot of running Azure web apps and function apps in an Azure resource group to Kosli.
- [kosli snapshot docker](https://docs.kosli.com/client_reference/kosli_snapshot_docker.md): Report a snapshot of running containers from docker host to Kosli.
- [kosli snapshot ecs](https://docs.kosli.com/client_reference/kosli_snapshot_ecs.md): Report a snapshot of running containers in one or more AWS ECS cluster(s) to Kosli.
- [kosli snapshot k8s](https://docs.kosli.com/client_reference/kosli_snapshot_k8s.md): Report a snapshot of running pods in a K8S cluster or namespace(s) to Kosli.
- [kosli snapshot lambda](https://docs.kosli.com/client_reference/kosli_snapshot_lambda.md): Report a snapshot of artifacts deployed as one or more AWS Lambda functions and their digests to Kosli.
- [kosli snapshot path](https://docs.kosli.com/client_reference/kosli_snapshot_path.md): Report a snapshot of a single artifact running in a specific filesystem path to Kosli.
- [kosli snapshot paths](https://docs.kosli.com/client_reference/kosli_snapshot_paths.md): Report a snapshot of artifacts running in specific filesystem paths to Kosli.
- [kosli snapshot s3](https://docs.kosli.com/client_reference/kosli_snapshot_s3.md): Report a snapshot of the content of an AWS S3 bucket to Kosli.
- [kosli snapshot server](https://docs.kosli.com/client_reference/kosli_snapshot_server.md): Report a snapshot of artifacts running in a server environment to Kosli.
- [kosli status](https://docs.kosli.com/client_reference/kosli_status.md): Check the status of a Kosli server.
- [kosli tag](https://docs.kosli.com/client_reference/kosli_tag.md): Tag a resource in Kosli with key-value pairs.
- [kosli version](https://docs.kosli.com/client_reference/kosli_version.md): Print the version of a Kosli CLI.
- [CLI Reference](https://docs.kosli.com/client_reference/overview.md): Reference documentation for the Kosli CLI.
- [FAQ](https://docs.kosli.com/faq/faq.md): Frequently asked questions
- [Approvals](https://docs.kosli.com/getting_started/approvals.md): Learn about approvals in Kosli
- [Artifacts](https://docs.kosli.com/getting_started/artifacts.md): Learn how to attest artifacts to Kosli and establish binary provenance.
- [Attestations](https://docs.kosli.com/getting_started/attestations.md): Learn how to make attestations to Kosli to prove compliance in your software supply chain.
- [Enforce policies](https://docs.kosli.com/getting_started/enforce_policies.md): Block non-compliant artifacts from deploying by enforcing policies in CI/CD pipelines, via the API, or with Kubernetes admission controllers.
- [Environments](https://docs.kosli.com/getting_started/environments.md): Learn how to create and manage Kosli environments to track your runtime artifacts.
- [Flows](https://docs.kosli.com/getting_started/flows.md): Learn about Kosli Flows, how to create and manage them.
- [Install Kosli CLI](https://docs.kosli.com/getting_started/install.md): Instructions to install Kosli CLI on various platforms
- [Environment Policies](https://docs.kosli.com/getting_started/policies.md): Define and enforce compliance requirements for artifact deployments across different environments.
- [Service Accounts](https://docs.kosli.com/getting_started/service-accounts.md): Learn how to create and manage Kosli Service Accounts and API keys.
- [Trails](https://docs.kosli.com/getting_started/trails.md): Learn about Kosli Trails, how to create and manage them.
- [Kubernetes Reporter Helm Chart](https://docs.kosli.com/helm/k8s_reporter.md): A Helm chart for installing the Kosli K8S reporter as a cronjob.
- [Application Developers](https://docs.kosli.com/implementation_guide/phase_1/roles_and_responsibilities/app_developers.md): Role guide for Application Developers using Kosli
- [Overview](https://docs.kosli.com/implementation_guide/phase_1/roles_and_responsibilities/overview.md): Define roles and responsibilities for Kosli implementation
- [Platform Engineers](https://docs.kosli.com/implementation_guide/phase_1/roles_and_responsibilities/platform_engineers.md): Role guide for Platform and DevOps Engineers using Kosli
- [Security and Compliance](https://docs.kosli.com/implementation_guide/phase_1/roles_and_responsibilities/security_compliance.md): How security and compliance teams use Kosli to enforce controls and prepare for audits.
- [Sponsors](https://docs.kosli.com/implementation_guide/phase_1/roles_and_responsibilities/sponsors.md): How Sponsors can use Kosli to drive safe and compliant software delivery at speed.
- [Attestation Types](https://docs.kosli.com/implementation_guide/phase_2/plan_organizational_structure/naming_conventions/attestation_types.md): Naming convention guidance for custom attestation types following the control-objective, evidence-type, detail, and version pattern.
- [Flows and Trails](https://docs.kosli.com/implementation_guide/phase_2/plan_organizational_structure/naming_conventions/flows_and_trails.md): Recommended naming conventions for Flows and Trails in Kosli.
- [Overview](https://docs.kosli.com/implementation_guide/phase_2/plan_organizational_structure/naming_conventions/overview.md): Best practices for naming Flows, Attestation Types, and Environments in Kosli.
- [Actions](https://docs.kosli.com/integrations/actions.md): Automate if-this-then-that workflows with Kosli Actions.
- [CI/CD](https://docs.kosli.com/integrations/ci_cd.md): Use Kosli in CI Systems like GitHub Actions, GitLab CI, and more.
- [LaunchDarkly](https://docs.kosli.com/integrations/launchdarkly.md): LaunchDarkly feature flag changes can be tracked in Kosli trails.
- [Slack](https://docs.kosli.com/integrations/slack.md): Integrate Kosli with Slack using the Kosli Slack App to receive notifications and query your environments and artifacts directly from Slack.
- [Sonar](https://docs.kosli.com/integrations/sonar.md): The results of SonarQube Server and SonarQube Cloud scans can be tracked in Kosli trails. This integration involves setting up a Sonar webhook in Kosli and a corresponding webhook in SonarQube.
- [Kosli Learning Labs](https://docs.kosli.com/labs/index.md): A hands-on five-lab series taking you from your first Kosli account to full supply chain compliance enforcement.
- [Lab 1: Get Ready](https://docs.kosli.com/labs/lab-01-get-ready.md): Fork the sample repository, verify the CI/CD pipeline, and install the Kosli CLI.
- [Lab 2: Flows and Trails](https://docs.kosli.com/labs/lab-02-flows-and-trails.md): Create Flows and Trails using the Kosli CLI, and integrate them into your GitHub Actions workflow.
- [Lab 3: Build Controls](https://docs.kosli.com/labs/lab-03-build-controls.md): Attest artifacts, attach JUnit test results, and generate and attest a Software Bill of Materials.
- [Lab 4: Release Controls](https://docs.kosli.com/labs/lab-04-release-controls.md): Define compliance requirements with Flow Templates and gate deployments with kosli assert artifact.
- [Lab 5: Runtime Controls](https://docs.kosli.com/labs/lab-05-runtime-controls.md): Create environments, snapshot what's running in production, and enforce compliance policies.
- [Environment Policy](https://docs.kosli.com/policy-reference/environment_policy.md): Reference for the YAML policy files used to define compliance requirements for Kosli environments.
- [Rego Policy](https://docs.kosli.com/policy-reference/rego_policy.md): Reference for Rego policy files used with kosli evaluate trail and kosli evaluate trails.
- [Flow Template](https://docs.kosli.com/template-reference/flow_template.md): Reference for the YAML template file used to define compliance controls for a Kosli flow.
- [kosli_action data source](https://docs.kosli.com/terraform-reference/data-sources/action.md): Fetches details of an existing Kosli action.
- [kosli_custom_attestation_type data source](https://docs.kosli.com/terraform-reference/data-sources/custom_attestation_type.md): Fetches details of an existing custom attestation type from Kosli. Custom attestation types define how Kosli validates and evaluates evidence from proprietary tools, custom metrics, or specialized compliance requirements.
- [kosli_environment data source](https://docs.kosli.com/terraform-reference/data-sources/environment.md): Fetches details of an existing Kosli environment. Use this data source to reference environments and access metadata like last modified and last reported timestamps.
- [kosli_flow data source](https://docs.kosli.com/terraform-reference/data-sources/flow.md): Fetches details of an existing Kosli flow. Use this data source to reference flow configurations and templates.
- [kosli_logical_environment data source](https://docs.kosli.com/terraform-reference/data-sources/logical_environment.md): Fetches details of an existing Kosli logical environment. Use this data source to reference logical environments and access their aggregated physical environments.
- [kosli_policy data source](https://docs.kosli.com/terraform-reference/data-sources/policy.md): Fetches details of an existing Kosli policy.
- [Kosli Terraform Provider](https://docs.kosli.com/terraform-reference/index.md): Manage Kosli resources as Infrastructure-as-Code using Terraform.
- [kosli_action resource](https://docs.kosli.com/terraform-reference/resources/action.md): Manages a Kosli action. Actions define webhook notifications triggered by environment compliance events.
- [kosli_custom_attestation_type resource](https://docs.kosli.com/terraform-reference/resources/custom_attestation_type.md): Manages a custom attestation type in Kosli. Custom attestation types define how Kosli validates and evaluates evidence from proprietary tools, custom metrics, or specialized compliance requirements.
- [kosli_environment resource](https://docs.kosli.com/terraform-reference/resources/environment.md): Manages a Kosli environment. Environments represent deployment targets where artifacts are deployed. Supports physical environment types: K8S, ECS, S3, docker, server, and lambda.
- [kosli_flow resource](https://docs.kosli.com/terraform-reference/resources/flow.md): Manages a Kosli flow. Flows represent business or software processes that require change tracking.
- [kosli_logical_environment resource](https://docs.kosli.com/terraform-reference/resources/logical_environment.md): Manages a Kosli logical environment. Logical environments aggregate multiple physical environments for organizational purposes.
- [kosli_policy resource](https://docs.kosli.com/terraform-reference/resources/policy.md): Manages a Kosli policy. Policies define artifact compliance requirements that can be attached to environments.
- [kosli_policy_attachment resource](https://docs.kosli.com/terraform-reference/resources/policy_attachment.md): Attaches a Kosli policy to an environment. When this resource is destroyed, the policy is detached from the environment.
- [Docker API version error in GitHub Actions](https://docs.kosli.com/troubleshooting/docker_api_version_error.md): How to fix the "client version 1.51 is too new" error when running the Kosli CLI with Docker operations.
- [GitHub can't see KOSLI_API_TOKEN secret](https://docs.kosli.com/troubleshooting/github_kosli_api_token.md): How to make the KOSLI_API_TOKEN secret available in GitHub Actions workflows.
- [Repo digest unavailable](https://docs.kosli.com/troubleshooting/repo_digest_unavailable.md): How to fix the "repo digest unavailable for the image" error when running kosli attest artifact with --artifact-type=docker.
- [CLI in subshell captures stderr](https://docs.kosli.com/troubleshooting/subshell_stderr.md): How to handle Kosli CLI debug output being captured in subshell variables in CI workflows.
- [What do I do if Kosli is down?](https://docs.kosli.com/troubleshooting/what_do_i_do_if_kosli_is_down.md): This page shows you how to bypass Kosli attestations if Kosli is down so your CI pipelines keep running, and how to re-enable them when it recovers.
- [Path/Image name is a single whitespace character](https://docs.kosli.com/troubleshooting/whitespace_path.md): How to fix the whitespace path error when using multi-line Kosli CLI commands.
- [zsh: no such user or named directory](https://docs.kosli.com/troubleshooting/zsh_no_such_user.md): How to fix the zsh error when using arguments starting with ~ in Kosli CLI commands.
- [Attesting large documents (SBOMs, SARIF, vulnerability reports)](https://docs.kosli.com/tutorials/attest_large_documents.md): How to attest large security and compliance reports in Kosli using summary attestations and the Evidence Vault
- [Attesting Snyk scans](https://docs.kosli.com/tutorials/attest_snyk.md): In this tutorial, we will see how you can run and attest different types of Snyk scans to Kosli. We will run the scans on the Kosli CLI git repo
- [Using Kosli CLI with an HTTP proxy](https://docs.kosli.com/tutorials/cli_and_http_proxy.md): This tutorial shows you how to set up an HTTP proxy and configure the Kosli CLI to route all traffic through it.
- [Creating custom CTRF attestation type](https://docs.kosli.com/tutorials/custom-attestation-ctrf.md): In this tutorial, we will create a custom attestation type with schema and evaluation for Common Test Report Format
- [Evaluate trails with OPA policies](https://docs.kosli.com/tutorials/evaluate_trails_with_opa.md): Learn how to use kosli evaluate trail and kosli evaluate trails to check your Kosli trails against custom OPA/Rego policies. This tutorial walks through writing a policy that verifies pull requests have been approved.
- [From commit to production](https://docs.kosli.com/tutorials/following_a_git_commit_to_runtime_environments.md): In this 5 minute tutorial you'll learn how Kosli tracks "life after git" and shows you events from CI pipelines (eg, building the docker image, running the unit tests, deploying, etc) and runtime environments (eg, the blue-green rollover, instance scaling, etc)
- [Linking trails across branches](https://docs.kosli.com/tutorials/linking_trails_across_branches.md): How to connect compliance evidence from PR trails to main-branch trails in Kosli.
- [Organizing Flows and Environments with Spaces](https://docs.kosli.com/tutorials/organizing_with_spaces.md): Learn how to use Kosli Spaces to hierarchically organize your Flows and Environments
- [Querying Kosli](https://docs.kosli.com/tutorials/querying_kosli.md): This tutorial shows you how to use Kosli's query commands to search for artifacts, inspect their history, and browse runtime environment snapshots.
- [Report AWS environments to Kosli](https://docs.kosli.com/tutorials/report_aws_envs.md): Learn how to report running artifacts from ECS, Lambda, and S3 environments to Kosli — using the CLI for a quick test or a Terraform module for production.
- [Report Kubernetes environments to Kosli](https://docs.kosli.com/tutorials/report_k8s_envs.md): Learn how to report running artifacts from a Kubernetes cluster to Kosli — using a Helm chart for production, the CLI for a quick test, or an externally scheduled cron job.
- [Working with repositories](https://docs.kosli.com/tutorials/repositories.md): Learn how VCS code repositories are captured in Kosli and how to view builds, deployments, and live artifacts from the Kosli app.
- [Tracing a production incident to its git commit](https://docs.kosli.com/tutorials/tracing_a_production_incident_back_to_git_commits.md): Learn how to use Kosli to trace a production 500 error in cyber-dojo back to the specific git commit that caused it — without any access to the production environment.
- [Try Kosli locally](https://docs.kosli.com/tutorials/try_kosli_locally.md): A quick local demo of Kosli's core features using Docker — no GitHub account or CI pipeline required. Runs entirely from your terminal in about 10 minutes.
- [Detecting unauthorized Terraform changes](https://docs.kosli.com/tutorials/unauthorized_iac_changes.md): Learn how to use Kosli to detect unauthorized Terraform infrastructure changes — changes made outside your approved CI process.
- [AI access to these docs](https://docs.kosli.com/understand_kosli/ai_docs_access.md): Use MCP servers, skill.md, and llms.txt to let AI tools read and search Kosli documentation.
- [Controls](https://docs.kosli.com/understand_kosli/controls.md): Why SDLC controls exist, how they mitigate software delivery risks, and how Kosli implements them.
- [Glossary](https://docs.kosli.com/understand_kosli/glossary.md): Quick-reference definitions of Kosli terms and concepts.
- [How Kosli works](https://docs.kosli.com/understand_kosli/how_kosli_works.md): How Kosli models software delivery using Flows, Trails, Artifacts, Attestations, and Environments.
- [Risks](https://docs.kosli.com/understand_kosli/risks.md): Why modern software delivery introduces risks that are hard to manage, and how to think about them.
- [What is Kosli?](https://docs.kosli.com/understand_kosli/what_is_kosli.md): Why compliance automation matters and how Kosli approaches it.

## OpenAPI Specs

- [openapi](https://app.kosli.com/api/v2/openapi.json)