Red Hat SummitAPI reference
API Reference guide for Red Hat Advanced Cluster Security for Kubernetes.
Abstract
Chapter 1. Administration Event Service
1.1. Administration Event Service
1.1.1. CountAdministrationEvents
GET /v1/count/administration/events
CountAdministrationEvents returns the number of events after filtering by requested fields.
1.1.1.1. Description
1.1.1.2. Parameters
1.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| filter.from | Matches events with last_occurred_at after a specific timestamp, i.e. the lower boundary. | - | null | |
| filter.until | Matches events with last_occurred_at before a specific timestamp, i.e. the upper boundary. | - | null | |
| filter.domain |
Matches events from a specific domain. | - | null | |
| filter.resourceType |
Matches events associated with a specific resource type. | - | null | |
| filter.type |
Matches events based on their type. | - | null | |
| filter.level |
Matches events based on their level. | - | null |
1.1.1.3. Return Type
1.1.1.4. Content Type
- application/json
1.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
1.1.1.6. Samples
1.1.2. GetAdministrationEvent
GET /v1/administration/events/{id}
GetAdministrationEvent retrieves an event by ID.
1.1.2.1. Description
1.1.2.2. Parameters
1.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
1.1.2.3. Return Type
1.1.2.4. Content Type
- application/json
1.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
1.1.2.6. Samples
1.1.3. ListAdministrationEvents
GET /v1/administration/events
ListAdministrationEvents returns the list of events after filtered by requested fields.
1.1.3.1. Description
1.1.3.2. Parameters
1.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null | ||
| filter.from | Matches events with last_occurred_at after a specific timestamp, i.e. the lower boundary. | - | null | |
| filter.until | Matches events with last_occurred_at before a specific timestamp, i.e. the upper boundary. | - | null | |
| filter.domain |
Matches events from a specific domain. | - | null | |
| filter.resourceType |
Matches events associated with a specific resource type. | - | null | |
| filter.type |
Matches events based on their type. | - | null | |
| filter.level |
Matches events based on their level. | - | null |
1.1.3.3. Return Type
1.1.3.4. Content Type
- application/json
1.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
1.1.3.6. Samples
Chapter 2. Administration Usage Service
2.1. Administration Usage Service
2.1.1. GetCurrentSecuredUnitsUsage
GET /v1/administration/usage/secured-units/current
GetCurrentSecuredUnitsUsage returns the current secured units usage metrics values.
2.1.1.1. Description
The secured units metrics are collected from all connected clusters every 5 minutes, so the returned result includes data for the connected clusters accurate to about these 5 minutes, and potentially some outdated data for the disconnected clusters.
2.1.1.2. Parameters
2.1.1.3. Return Type
2.1.1.4. Content Type
- application/json
2.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
2.1.1.6. Samples
2.1.2. GetMaxSecuredUnitsUsage
GET /v1/administration/usage/secured-units/max
GetMaxSecuredUnitsUsage returns the maximum, i.e. peak, secured units usage observed during a given time range, together with the time when this maximum was aggregated and stored.
2.1.2.1. Description
The usage metrics are continuously collected from all the connected clusters. The maximum values are kept for some period of time in memory, and then, periodically, are stored to the database. The last data from disconnected clusters are taken into account.
2.1.2.2. Parameters
2.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| from | - | null | ||
| to | - | null |
2.1.2.3. Return Type
2.1.2.4. Content Type
- application/json
2.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
2.1.2.6. Samples
Chapter 3. Alert Service
3.1. Alert Service
3.1.1. CountAlerts
GET /v1/alertscount
CountAlerts counts how many alerts match the get request.
3.1.1.1. Description
3.1.1.2. Parameters
3.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
3.1.1.3. Return Type
3.1.1.4. Content Type
- application/json
3.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
3.1.1.6. Samples
3.1.2. DeleteAlerts
DELETE /v1/alerts
3.1.2.1. Description
3.1.2.2. Parameters
3.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null | ||
| confirm | - | null |
3.1.2.3. Return Type
3.1.2.4. Content Type
- application/json
3.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
3.1.2.6. Samples
3.1.3. GetAlert
GET /v1/alerts/{id}
GetAlert returns the alert given its id.
3.1.3.1. Description
3.1.3.2. Parameters
3.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
3.1.3.3. Return Type
3.1.3.4. Content Type
- application/json
3.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
3.1.3.6. Samples
3.1.4. GetAlertTimeseries
GET /v1/alerts/summary/timeseries
GetAlertTimeseries returns the alerts sorted by time.
3.1.4.1. Description
3.1.4.2. Parameters
3.1.4.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
3.1.4.3. Return Type
3.1.4.4. Content Type
- application/json
3.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
3.1.4.6. Samples
3.1.5. GetAlertsCounts
GET /v1/alerts/summary/counts
GetAlertsCounts returns the number of alerts in the requested cluster or category.
3.1.5.1. Description
3.1.5.2. Parameters
3.1.5.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| request.query | - | null | ||
| request.pagination.limit | - | null | ||
| request.pagination.offset | - | null | ||
| request.pagination.sortOption.field | - | null | ||
| request.pagination.sortOption.reversed | - | null | ||
| request.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| request.pagination.sortOption.aggregateBy.distinct | - | null | ||
| groupBy | - | UNSET |
3.1.5.3. Return Type
3.1.5.4. Content Type
- application/json
3.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
3.1.5.6. Samples
3.1.6. GetAlertsGroup
GET /v1/alerts/summary/groups
GetAlertsGroup returns alerts grouped by policy.
3.1.6.1. Description
3.1.6.2. Parameters
3.1.6.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
3.1.6.3. Return Type
3.1.6.4. Content Type
- application/json
3.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
3.1.6.6. Samples
3.1.7. ListAlerts
GET /v1/alerts
List returns the slim list version of the alerts.
3.1.7.1. Description
3.1.7.2. Parameters
3.1.7.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
3.1.7.3. Return Type
3.1.7.4. Content Type
- application/json
3.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
3.1.7.6. Samples
3.1.8. ResolveAlert
PATCH /v1/alerts/{id}/resolve
ResolveAlert marks the given alert (by ID) as resolved.
3.1.8.1. Description
3.1.8.2. Parameters
3.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
3.1.8.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
3.1.8.3. Return Type
Object
3.1.8.4. Content Type
- application/json
3.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
3.1.8.6. Samples
3.1.9. ResolveAlerts
PATCH /v1/alerts/resolve
ResolveAlertsByQuery marks alerts matching search query as resolved.
3.1.9.1. Description
3.1.9.2. Parameters
3.1.9.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
3.1.9.3. Return Type
Object
3.1.9.4. Content Type
- application/json
3.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
3.1.9.6. Samples
Chapter 4. APIToken Service
4.1. A P I Token Service
4.1.1. GenerateToken
POST /v1/apitokens/generate
GenerateToken generates API token for a given user and role.
4.1.1.1. Description
4.1.1.2. Parameters
4.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
4.1.1.3. Return Type
4.1.1.4. Content Type
- application/json
4.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
4.1.1.6. Samples
4.1.2. GetAPIToken
GET /v1/apitokens/{id}
GetAPIToken returns API token metadata for a given id.
4.1.2.1. Description
4.1.2.2. Parameters
4.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
4.1.2.3. Return Type
4.1.2.4. Content Type
- application/json
4.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
4.1.2.6. Samples
4.1.3. GetAPITokens
GET /v1/apitokens
GetAPITokens returns all the API tokens.
4.1.3.1. Description
4.1.3.2. Parameters
4.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| revoked | - | null |
4.1.3.3. Return Type
4.1.3.4. Content Type
- application/json
4.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
4.1.3.6. Samples
4.1.4. ListAllowedTokenRoles
GET /v1/apitokens/generate/allowed-roles
GetAllowedTokenRoles return roles that user is allowed to request for API token.
4.1.4.1. Description
4.1.4.2. Parameters
4.1.4.3. Return Type
4.1.4.4. Content Type
- application/json
4.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
4.1.4.6. Samples
4.1.5. RevokeToken
PATCH /v1/apitokens/revoke/{id}
RevokeToken removes the API token for a given id.
4.1.5.1. Description
4.1.5.2. Parameters
4.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
4.1.5.3. Return Type
Object
4.1.5.4. Content Type
- application/json
4.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
4.1.5.6. Samples
Chapter 5. Auth Provider Service
5.1. Auth Provider Service
5.1.1. DeleteAuthProvider
DELETE /v1/authProviders/{id}
5.1.1.1. Description
5.1.1.2. Parameters
5.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
5.1.1.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| force | - | null |
5.1.1.3. Return Type
Object
5.1.1.4. Content Type
- application/json
5.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
5.1.1.6. Samples
5.1.2. ExchangeToken
POST /v1/authProviders/exchangeToken
5.1.2.1. Description
5.1.2.2. Parameters
5.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
5.1.2.3. Return Type
5.1.2.4. Content Type
- application/json
5.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
5.1.2.6. Samples
5.1.3. GetAuthProvider
GET /v1/authProviders/{id}
5.1.3.1. Description
5.1.3.2. Parameters
5.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
5.1.3.3. Return Type
5.1.3.4. Content Type
- application/json
5.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
5.1.3.6. Samples
5.1.4. GetAuthProviders
GET /v1/authProviders
5.1.4.1. Description
5.1.4.2. Parameters
5.1.4.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| name | - | null | ||
| type | - | null |
5.1.4.3. Return Type
5.1.4.4. Content Type
- application/json
5.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
5.1.4.6. Samples
5.1.5. GetLoginAuthProviders
GET /v1/login/authproviders
5.1.5.1. Description
5.1.5.2. Parameters
5.1.5.3. Return Type
5.1.5.4. Content Type
- application/json
5.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
5.1.5.6. Samples
5.1.6. ListAvailableProviderTypes
GET /v1/availableAuthProviders
5.1.6.1. Description
5.1.6.2. Parameters
5.1.6.3. Return Type
5.1.6.4. Content Type
- application/json
5.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
5.1.6.6. Samples
5.1.7. PostAuthProvider
POST /v1/authProviders
5.1.7.1. Description
5.1.7.2. Parameters
5.1.7.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| provider | X |
5.1.7.3. Return Type
5.1.7.4. Content Type
- application/json
5.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
5.1.7.6. Samples
5.1.8. PutAuthProvider
PUT /v1/authProviders/{id}
5.1.8.1. Description
5.1.8.2. Parameters
5.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
5.1.8.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
5.1.8.3. Return Type
5.1.8.4. Content Type
- application/json
5.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
5.1.8.6. Samples
5.1.9. UpdateAuthProvider
PATCH /v1/authProviders/{id}
5.1.9.1. Description
5.1.9.2. Parameters
5.1.9.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
5.1.9.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
5.1.9.3. Return Type
5.1.9.4. Content Type
- application/json
5.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
5.1.9.6. Samples
Chapter 6. Auth Service
6.1. Auth Service
6.1.1. AddAuthMachineToMachineConfig
POST /v1/auth/m2m
AddAuthMachineToMachineConfig creates a new auth machine to machine config.
6.1.1.1. Description
6.1.1.2. Parameters
6.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
6.1.1.3. Return Type
6.1.1.4. Content Type
- application/json
6.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
6.1.1.6. Samples
6.1.2. DeleteAuthMachineToMachineConfig
DELETE /v1/auth/m2m/{id}
DeleteAuthMachineToMachineConfig deletes the specific auth machine to machine config. In case a specified auth machine to machine config does not exist is deleted, no error will be returned.
6.1.2.1. Description
6.1.2.2. Parameters
6.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
6.1.2.3. Return Type
Object
6.1.2.4. Content Type
- application/json
6.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
6.1.2.6. Samples
6.1.3. ExchangeAuthMachineToMachineToken
POST /v1/auth/m2m/exchange
ExchangeAuthMachineToMachineToken exchanges a given identity token for a Central access token based on configured auth machine to machine configs.
6.1.3.1. Description
6.1.3.2. Parameters
6.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
6.1.3.3. Return Type
6.1.3.4. Content Type
- application/json
6.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
6.1.3.6. Samples
6.1.4. GetAuthMachineToMachineConfig
GET /v1/auth/m2m/{id}
GetAuthMachineToMachineConfig retrieves the specific auth machine to machine config.
6.1.4.1. Description
6.1.4.2. Parameters
6.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
6.1.4.3. Return Type
6.1.4.4. Content Type
- application/json
6.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
6.1.4.6. Samples
6.1.5. GetAuthStatus
GET /v1/auth/status
GetAuthStatus returns the status for the current client.
6.1.5.1. Description
6.1.5.2. Parameters
6.1.5.3. Return Type
6.1.5.4. Content Type
- application/json
6.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
6.1.5.6. Samples
6.1.6. ListAuthMachineToMachineConfigs
GET /v1/auth/m2m
ListAuthMachineToMachineConfigs lists the available auth machine to machine configs.
6.1.6.1. Description
6.1.6.2. Parameters
6.1.6.3. Return Type
6.1.6.4. Content Type
- application/json
6.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
6.1.6.6. Samples
6.1.7. UpdateAuthMachineToMachineConfig
PUT /v1/auth/m2m/{config.id}
UpdateAuthMachineToMachineConfig updates an existing auth machine to machine config. In case the auth machine to machine config does not exist, a new one will be created.
6.1.7.1. Description
6.1.7.2. Parameters
6.1.7.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| config.id | UUID of the config. Note that when adding a machine to machine config, this field should not be set. | X | null |
6.1.7.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
6.1.7.3. Return Type
Object
6.1.7.4. Content Type
- application/json
6.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
6.1.7.6. Samples
Chapter 7. Central Health Service
7.1. Central Health Service
7.1.1. GetUpgradeStatus
GET /v1/centralhealth/upgradestatus
7.1.1.1. Description
7.1.1.2. Parameters
7.1.1.3. Return Type
7.1.1.4. Content Type
- application/json
7.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
7.1.1.6. Samples
Chapter 8. Cloud Sources Service
8.1. Cloud Sources Service
8.1.1. CountCloudSources
GET /v1/count/cloud-sources
CountCloudSources returns the number of cloud sources after filtering by requested fields.
8.1.1.1. Description
8.1.1.2. Parameters
8.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| filter.names |
Matches cloud sources based on their name. | - | null | |
| filter.types |
Matches cloud sources based on their type. | - | null |
8.1.1.3. Return Type
8.1.1.4. Content Type
- application/json
8.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
8.1.1.6. Samples
8.1.2. CreateCloudSource
POST /v1/cloud-sources
CreateCloudSource creates a cloud source.
8.1.2.1. Description
8.1.2.2. Parameters
8.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
8.1.2.3. Return Type
8.1.2.4. Content Type
- application/json
8.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
8.1.2.6. Samples
8.1.3. DeleteCloudSource
DELETE /v1/cloud-sources/{id}
DeleteCloudSource removes a cloud source.
8.1.3.1. Description
8.1.3.2. Parameters
8.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
8.1.3.3. Return Type
Object
8.1.3.4. Content Type
- application/json
8.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
8.1.3.6. Samples
8.1.4. GetCloudSource
GET /v1/cloud-sources/{id}
GetCloudSource retrieves a cloud source by ID.
8.1.4.1. Description
8.1.4.2. Parameters
8.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
8.1.4.3. Return Type
8.1.4.4. Content Type
- application/json
8.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
8.1.4.6. Samples
8.1.5. ListCloudSources
GET /v1/cloud-sources
ListCloudSources returns the list of cloud sources after filtered by requested fields.
8.1.5.1. Description
8.1.5.2. Parameters
8.1.5.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null | ||
| filter.names |
Matches cloud sources based on their name. | - | null | |
| filter.types |
Matches cloud sources based on their type. | - | null |
8.1.5.3. Return Type
8.1.5.4. Content Type
- application/json
8.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
8.1.5.6. Samples
8.1.6. TestCloudSource
POST /v1/cloud-sources/test
TestCloudSource tests a cloud source.
8.1.6.1. Description
8.1.6.2. Parameters
8.1.6.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
8.1.6.3. Return Type
Object
8.1.6.4. Content Type
- application/json
8.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
8.1.6.6. Samples
8.1.7. UpdateCloudSource
PUT /v1/cloud-sources/{cloudSource.id}
UpdateCloudSource creates or replaces a cloud source.
8.1.7.1. Description
8.1.7.2. Parameters
8.1.7.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| cloudSource.id | X | null |
8.1.7.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
8.1.7.3. Return Type
Object
8.1.7.4. Content Type
- application/json
8.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
8.1.7.6. Samples
Chapter 9. Cluster CVEService
9.1. Cluster C V E Service
9.1.1. SuppressCVEs
PATCH /v1/clustercves/suppress
SuppressCVE suppresses cluster cves.
9.1.1.1. Description
9.1.1.2. Parameters
9.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
9.1.1.3. Return Type
Object
9.1.1.4. Content Type
- application/json
9.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
9.1.1.6. Samples
9.1.2. UnsuppressCVEs
PATCH /v1/clustercves/unsuppress
UnsuppressCVE unsuppresses cluster cves.
9.1.2.1. Description
9.1.2.2. Parameters
9.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
9.1.2.3. Return Type
Object
9.1.2.4. Content Type
- application/json
9.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
9.1.2.6. Samples
Chapter 10. Cluster Init Service
10.1. Cluster Init Service
10.1.1. GenerateCRS
POST /v1/cluster-init/crs
10.1.1.1. Description
10.1.1.2. Parameters
10.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
10.1.1.3. Return Type
10.1.1.4. Content Type
- application/json
10.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
10.1.1.6. Samples
10.1.2. GenerateCRSExtended
POST /v1/cluster-init/crs-extended
10.1.2.1. Description
10.1.2.2. Parameters
10.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
10.1.2.3. Return Type
10.1.2.4. Content Type
- application/json
10.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
10.1.2.6. Samples
10.1.3. GenerateInitBundle
POST /v1/cluster-init/init-bundles
10.1.3.1. Description
10.1.3.2. Parameters
10.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
10.1.3.3. Return Type
10.1.3.4. Content Type
- application/json
10.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
10.1.3.6. Samples
10.1.4. GetCAConfig
GET /v1/cluster-init/ca-config
10.1.4.1. Description
10.1.4.2. Parameters
10.1.4.3. Return Type
10.1.4.4. Content Type
- application/json
10.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
10.1.4.6. Samples
10.1.5. GetCRSs
GET /v1/cluster-init/crs
10.1.5.1. Description
10.1.5.2. Parameters
10.1.5.3. Return Type
10.1.5.4. Content Type
- application/json
10.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
10.1.5.6. Samples
10.1.6. GetInitBundles
GET /v1/cluster-init/init-bundles
10.1.6.1. Description
10.1.6.2. Parameters
10.1.6.3. Return Type
10.1.6.4. Content Type
- application/json
10.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
10.1.6.6. Samples
10.1.7. RevokeCRS
PATCH /v1/cluster-init/crs/revoke
RevokeCRSBundle deletes cluster registration secrets.
10.1.7.1. Description
10.1.7.2. Parameters
10.1.7.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
10.1.7.3. Return Type
10.1.7.4. Content Type
- application/json
10.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
10.1.7.6. Samples
10.1.8. RevokeInitBundle
PATCH /v1/cluster-init/init-bundles/revoke
RevokeInitBundle deletes cluster init bundle. If this operation impacts any cluster then its ID should be included in request. If confirm_impacted_clusters_ids does not match with current impacted clusters then request will fail with error that includes all impacted clusters.
10.1.8.1. Description
10.1.8.2. Parameters
10.1.8.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
10.1.8.3. Return Type
10.1.8.4. Content Type
- application/json
10.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
10.1.8.6. Samples
Chapter 11. Clusters Service
11.1. Clusters Service
11.1.1. DeleteCluster
DELETE /v1/clusters/{id}
11.1.1.1. Description
11.1.1.2. Parameters
11.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
11.1.1.3. Return Type
Object
11.1.1.4. Content Type
- application/json
11.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
11.1.1.6. Samples
11.1.2. GetCluster
GET /v1/clusters/{id}
11.1.2.1. Description
11.1.2.2. Parameters
11.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
11.1.2.3. Return Type
11.1.2.4. Content Type
- application/json
11.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
11.1.2.6. Samples
11.1.3. GetClusterDefaultValues
GET /v1/cluster-defaults
11.1.3.1. Description
11.1.3.2. Parameters
11.1.3.3. Return Type
11.1.3.4. Content Type
- application/json
11.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
11.1.3.6. Samples
11.1.4. GetClusters
GET /v1/clusters
11.1.4.1. Description
11.1.4.2. Parameters
11.1.4.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null |
11.1.4.3. Return Type
11.1.4.4. Content Type
- application/json
11.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
11.1.4.6. Samples
11.1.5. GetKernelSupportAvailable
GET /v1/clusters-env/kernel-support-available
GetKernelSupportAvailable is deprecated in favor of GetClusterDefaultValues.
11.1.5.1. Description
11.1.5.2. Parameters
11.1.5.3. Return Type
11.1.5.4. Content Type
- application/json
11.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
11.1.5.6. Samples
11.1.6. PostCluster
POST /v1/clusters
11.1.6.1. Description
11.1.6.2. Parameters
11.1.6.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
11.1.6.3. Return Type
11.1.6.4. Content Type
- application/json
11.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
11.1.6.6. Samples
11.1.7. PutCluster
PUT /v1/clusters/{id}
11.1.7.1. Description
11.1.7.2. Parameters
11.1.7.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
11.1.7.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
11.1.7.3. Return Type
11.1.7.4. Content Type
- application/json
11.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
11.1.7.6. Samples
Chapter 12. Collection Service
12.1. Collection Service
12.1.1. CreateCollection
POST /v1/collections
12.1.1.1. Description
12.1.1.2. Parameters
12.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
12.1.1.3. Return Type
12.1.1.4. Content Type
- application/json
12.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
12.1.1.6. Samples
12.1.2. DeleteCollection
DELETE /v1/collections/{id}
12.1.2.1. Description
12.1.2.2. Parameters
12.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
12.1.2.3. Return Type
Object
12.1.2.4. Content Type
- application/json
12.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
12.1.2.6. Samples
12.1.3. DryRunCollection
POST /v1/collections/dryrun
12.1.3.1. Description
12.1.3.2. Parameters
12.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
12.1.3.3. Return Type
12.1.3.4. Content Type
- application/json
12.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
12.1.3.6. Samples
12.1.4. GetCollection
GET /v1/collections/{id}
12.1.4.1. Description
12.1.4.2. Parameters
12.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
12.1.4.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| options.withMatches | - | null | ||
| options.filterQuery.query | - | null | ||
| options.filterQuery.pagination.limit | - | null | ||
| options.filterQuery.pagination.offset | - | null | ||
| options.filterQuery.pagination.sortOption.field | - | null | ||
| options.filterQuery.pagination.sortOption.reversed | - | null | ||
| options.filterQuery.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| options.filterQuery.pagination.sortOption.aggregateBy.distinct | - | null |
12.1.4.3. Return Type
12.1.4.4. Content Type
- application/json
12.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
12.1.4.6. Samples
12.1.5. GetCollectionCount
GET /v1/collectionscount
12.1.5.1. Description
12.1.5.2. Parameters
12.1.5.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
12.1.5.3. Return Type
12.1.5.4. Content Type
- application/json
12.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
12.1.5.6. Samples
12.1.6. ListCollectionSelectors
GET /v1/collections/selectors
12.1.6.1. Description
12.1.6.2. Parameters
12.1.6.3. Return Type
12.1.6.4. Content Type
- application/json
12.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
12.1.6.6. Samples
12.1.7. ListCollections
GET /v1/collections
12.1.7.1. Description
12.1.7.2. Parameters
12.1.7.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
12.1.7.3. Return Type
12.1.7.4. Content Type
- application/json
12.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
12.1.7.6. Samples
12.1.8. UpdateCollection
PATCH /v1/collections/{id}
12.1.8.1. Description
12.1.8.2. Parameters
12.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
12.1.8.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
12.1.8.3. Return Type
12.1.8.4. Content Type
- application/json
12.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
12.1.8.6. Samples
Chapter 13. Compliance Integration Service
13.1. Compliance Integration Service
13.1.1. ListComplianceIntegrations
GET /v2/compliance/integrations
ListComplianceIntegrations lists all the compliance operator metadata for the secured clusters
13.1.1.1. Description
13.1.1.2. Parameters
13.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
13.1.1.3. Return Type
13.1.1.4. Content Type
- application/json
13.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
13.1.1.6. Samples
Chapter 14. Compliance Management Service
14.1. Compliance Management Service
14.1.1. GetRecentRuns
GET /v1/complianceManagement/runs
14.1.1.1. Description
14.1.1.2. Parameters
14.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | - | null | ||
| standardId | - | null | ||
| since | - | null |
14.1.1.3. Return Type
14.1.1.4. Content Type
- application/json
14.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
14.1.1.6. Samples
14.1.2. GetRunStatuses
GET /v1/compliancemanagement/runstatuses
14.1.2.1. Description
14.1.2.2. Parameters
14.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| runIds |
| - | null | |
| latest | - | null |
14.1.2.3. Return Type
14.1.2.4. Content Type
- application/json
14.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
14.1.2.6. Samples
14.1.3. TriggerRuns
POST /v1/compliancemanagement/runs
14.1.3.1. Description
14.1.3.2. Parameters
14.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
14.1.3.3. Return Type
14.1.3.4. Content Type
- application/json
14.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
14.1.3.6. Samples
Chapter 15. Compliance Profile Service
15.1. Compliance Profile Service
15.1.1. GetComplianceProfile
GET /v2/compliance/profile/{id}
GetComplianceProfile retrieves the specified compliance profile
15.1.1.1. Description
15.1.1.2. Parameters
15.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
15.1.1.3. Return Type
15.1.1.4. Content Type
- application/json
15.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
15.1.1.6. Samples
15.1.2. ListComplianceProfiles
GET /v2/compliance/profiles/cluster
ListComplianceProfiles returns profiles matching given request
15.1.2.1. Description
15.1.2.2. Parameters
15.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | - | null | ||
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
15.1.2.3. Return Type
15.1.2.4. Content Type
- application/json
15.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
15.1.2.6. Samples
15.1.3. ListProfileSummaries
GET /v2/compliance/profiles/summary
ListProfileSummaries returns profiles matching each cluster and the given query
15.1.3.1. Description
15.1.3.2. Parameters
15.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterIds |
| - | null | |
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
15.1.3.3. Return Type
15.1.3.4. Content Type
- application/json
15.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
15.1.3.6. Samples
Chapter 16. Compliance Results Service
16.1. Compliance Results Service
16.1.1. GetComplianceProfileCheckDetails
GET /v2/compliance/scan/results/profiles/{profileName}/checks/{checkName}/details
GetComplianceProfileCheckDetails
16.1.1.1. Description
16.1.1.2. Parameters
16.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| profileName | X | null | ||
| checkName | X | null |
16.1.1.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
16.1.1.3. Return Type
16.1.1.4. Content Type
- application/json
16.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
16.1.1.6. Samples
16.1.2. GetComplianceProfileCheckResult
GET /v2/compliance/scan/results/profiles/{profileName}/checks/{checkName}
GetComplianceProfileCheckResult lists status of a check per cluster
16.1.2.1. Description
16.1.2.2. Parameters
16.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| profileName | X | null | ||
| checkName | X | null |
16.1.2.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
16.1.2.3. Return Type
16.1.2.4. Content Type
- application/json
16.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
16.1.2.6. Samples
16.1.3. GetComplianceProfileClusterResults
GET /v2/compliance/scan/results/profiles/{profileName}/clusters/{clusterId}
GetComplianceProfileClusterResults lists check results for a specific profile on a specific cluster
16.1.3.1. Description
16.1.3.2. Parameters
16.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| profileName | X | null | ||
| clusterId | X | null |
16.1.3.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
16.1.3.3. Return Type
16.1.3.4. Content Type
- application/json
16.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
16.1.3.6. Samples
16.1.4. GetComplianceProfileResults
GET /v2/compliance/scan/results/profiles/{profileName}/checks
GetComplianceProfileResults retrieves the most recent compliance operator scan results for the specified query Optional RawQuery query fields can be combined.
16.1.4.1. Description
16.1.4.2. Parameters
16.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| profileName | X | null |
16.1.4.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
16.1.4.3. Return Type
16.1.4.4. Content Type
- application/json
16.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
16.1.4.6. Samples
16.1.5. GetComplianceScanCheckResult
GET /v2/compliance/scan/result/{id}
GetComplianceScanCheckResult returns the specific result by ID
16.1.5.1. Description
16.1.5.2. Parameters
16.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
16.1.5.3. Return Type
16.1.5.4. Content Type
- application/json
16.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
16.1.5.6. Samples
16.1.6. GetComplianceScanConfigurationResults
GET /v2/compliance/scan/results/{scanConfigName}
GetComplianceScanConfigurationResults retrieves the most recent compliance operator scan results for the specified query Optional RawQuery query fields can be combined.
16.1.6.1. Description
16.1.6.2. Parameters
16.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| scanConfigName | X | null |
16.1.6.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
16.1.6.3. Return Type
16.1.6.4. Content Type
- application/json
16.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
16.1.6.6. Samples
16.1.7. GetComplianceScanResults
GET /v2/compliance/scan/results
GetComplianceScanResults retrieves the most recent compliance operator scan results for the specified query Optional RawQuery query fields can be combined. Commonly used ones include but are not limited to - scan: id(s) of the compliance scan - cluster: id(s) of the cluster - profile: id(s) of the profile
16.1.7.1. Description
16.1.7.2. Parameters
16.1.7.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
16.1.7.3. Return Type
16.1.7.4. Content Type
- application/json
16.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
16.1.7.6. Samples
Chapter 17. Compliance Results Stats Service
17.1. Compliance Results Stats Service
17.1.1. GetComplianceClusterScanStats
GET /v2/compliance/stats/configurations/clusters/{clusterId}
GetComplianceClusterScanStats lists the current scan stats for a cluster for each scan configuration
17.1.1.1. Description
17.1.1.2. Parameters
17.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
17.1.1.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
17.1.1.3. Return Type
17.1.1.4. Content Type
- application/json
17.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
17.1.1.6. Samples
17.1.2. GetComplianceClusterStats
GET /v2/compliance/scan/stats/profiles/{profileName}/clusters
17.1.2.1. Description
17.1.2.2. Parameters
17.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| profileName | X | null |
17.1.2.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
17.1.2.3. Return Type
17.1.2.4. Content Type
- application/json
17.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
17.1.2.6. Samples
17.1.3. GetComplianceOverallClusterStats
GET /v2/compliance/scan/stats/overall/cluster
Deprecated in favor of GetComplianceClusterStats
17.1.3.1. Description
17.1.3.2. Parameters
17.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
17.1.3.3. Return Type
17.1.3.4. Content Type
- application/json
17.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
17.1.3.6. Samples
17.1.4. GetComplianceProfileCheckStats
GET /v2/compliance/scan/stats/profiles/{profileName}/checks/{checkName}
GetComplianceProfileCheckStats lists current stats for a specific cluster check
17.1.4.1. Description
17.1.4.2. Parameters
17.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| profileName | X | null | ||
| checkName | X | null |
17.1.4.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
17.1.4.3. Return Type
17.1.4.4. Content Type
- application/json
17.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
17.1.4.6. Samples
17.1.5. GetComplianceProfileStats
GET /v2/compliance/scan/stats/profiles/{profileName}
GetComplianceProfileStats lists current scan stats grouped by profile Optional RawQuery query fields can be combined. Commonly used ones include but are not limited to - scan: id(s) of the compliance scan - cluster: id(s) of the cluster - profile: id(s) of the profile
17.1.5.1. Description
17.1.5.2. Parameters
17.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| profileName | X | null |
17.1.5.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
17.1.5.3. Return Type
17.1.5.4. Content Type
- application/json
17.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
17.1.5.6. Samples
17.1.6. GetComplianceProfilesClusterStats
GET /v2/compliance/scan/stats/profiles/clusters/{clusterId}
GetComplianceProfilesClusterStats lists cluster stats grouped by profile
17.1.6.1. Description
17.1.6.2. Parameters
17.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
17.1.6.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
17.1.6.3. Return Type
17.1.6.4. Content Type
- application/json
17.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
17.1.6.6. Samples
17.1.7. GetComplianceProfilesStats
GET /v2/compliance/scan/stats/profiles
GetComplianceProfileScanStats lists current scan stats grouped by profile Optional RawQuery query fields can be combined. Commonly used ones include but are not limited to - scan: id(s) of the compliance scan - cluster: id(s) of the cluster - profile: id(s) of the profile
17.1.7.1. Description
17.1.7.2. Parameters
17.1.7.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
17.1.7.3. Return Type
17.1.7.4. Content Type
- application/json
17.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
17.1.7.6. Samples
Chapter 18. Compliance Rule Service
18.1. Compliance Rule Service
18.1.1. GetComplianceRule
GET /v2/compliance/rule/summary/{ruleName}
GetComplianceRule returns rule matching given request
18.1.1.1. Description
18.1.1.2. Parameters
18.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| ruleName | X | null |
18.1.1.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
18.1.1.3. Return Type
18.1.1.4. Content Type
- application/json
18.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
18.1.1.6. Samples
Chapter 19. Compliance Scan Configuration Service
19.1. Compliance Scan Configuration Service
19.1.1. CreateComplianceScanConfiguration
POST /v2/compliance/scan/configurations
CreateComplianceScanConfiguration creates a compliance scan configuration
19.1.1.1. Description
19.1.1.2. Parameters
19.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
19.1.1.3. Return Type
19.1.1.4. Content Type
- application/json
19.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
19.1.1.6. Samples
19.1.2. DeleteComplianceScanConfiguration
DELETE /v2/compliance/scan/configurations/{id}
DeleteComplianceScanConfiguration removes the compliance scan configuration with given Name
19.1.2.1. Description
19.1.2.2. Parameters
19.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
19.1.2.3. Return Type
Object
19.1.2.4. Content Type
- application/json
19.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
19.1.2.6. Samples
19.1.3. DeleteReport
DELETE /v2/compliance/scan/configurations/reports/{id}
DeleteReport deletes a given snapshot (scan execution).
19.1.3.1. Description
19.1.3.2. Parameters
19.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
19.1.3.3. Return Type
Object
19.1.3.4. Content Type
- application/json
19.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
19.1.3.6. Samples
19.1.4. GetComplianceScanConfiguration
GET /v2/compliance/scan/configurations/{id}
GetComplianceScanConfiguration retrieves the specified compliance scan configurations
19.1.4.1. Description
19.1.4.2. Parameters
19.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
19.1.4.3. Return Type
19.1.4.4. Content Type
- application/json
19.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
19.1.4.6. Samples
19.1.5. GetMyReportHistory
GET /v2/compliance/scan/configurations/{id}/reports/my-history
GetMyReportHistory returns a list of snapshots (scan executions) executed by the current user from a given scan configuration.
19.1.5.1. Description
19.1.5.2. Parameters
19.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
19.1.5.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| reportParamQuery.query | - | null | ||
| reportParamQuery.pagination.limit | - | null | ||
| reportParamQuery.pagination.offset | - | null | ||
| reportParamQuery.pagination.sortOption.field | - | null | ||
| reportParamQuery.pagination.sortOption.reversed | - | null | ||
| reportParamQuery.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| reportParamQuery.pagination.sortOption.aggregateBy.distinct | - | null |
19.1.5.3. Return Type
19.1.5.4. Content Type
- application/json
19.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
19.1.5.6. Samples
19.1.6. GetReportHistory
GET /v2/compliance/scan/configurations/{id}/reports/history
GetReportHistory returns a list of snapshots (scan executions) from a given scan configuration.
19.1.6.1. Description
19.1.6.2. Parameters
19.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
19.1.6.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| reportParamQuery.query | - | null | ||
| reportParamQuery.pagination.limit | - | null | ||
| reportParamQuery.pagination.offset | - | null | ||
| reportParamQuery.pagination.sortOption.field | - | null | ||
| reportParamQuery.pagination.sortOption.reversed | - | null | ||
| reportParamQuery.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| reportParamQuery.pagination.sortOption.aggregateBy.distinct | - | null |
19.1.6.3. Return Type
19.1.6.4. Content Type
- application/json
19.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
19.1.6.6. Samples
19.1.7. ListComplianceScanConfigClusterProfiles
GET /v2/compliance/scan/configurations/clusters/{clusterId}/profiles/collection
GetComplianceScanConfiguration retrieves the specified compliance scan configurations
19.1.7.1. Description
19.1.7.2. Parameters
19.1.7.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
19.1.7.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
19.1.7.3. Return Type
19.1.7.4. Content Type
- application/json
19.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
19.1.7.6. Samples
19.1.8. ListComplianceScanConfigProfiles
GET /v2/compliance/scan/configurations/profiles/collection
ListComplianceScanConfigurations lists all the compliance operator scan configurations for the secured clusters
19.1.8.1. Description
19.1.8.2. Parameters
19.1.8.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
19.1.8.3. Return Type
19.1.8.4. Content Type
- application/json
19.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
19.1.8.6. Samples
19.1.9. ListComplianceScanConfigurations
GET /v2/compliance/scan/configurations
ListComplianceScanConfigurations lists all the compliance operator scan configurations for the secured clusters
19.1.9.1. Description
19.1.9.2. Parameters
19.1.9.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
19.1.9.3. Return Type
19.1.9.4. Content Type
- application/json
19.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
19.1.9.6. Samples
19.1.10. RunComplianceScanConfiguration
POST /v2/compliance/scan/configurations/{id}/run
RunComplianceScanConfiguration launches scan for the specified scan configuration, which will invoke scans to run for the applicable profiles across the configured clusters.
19.1.10.1. Description
19.1.10.2. Parameters
19.1.10.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
19.1.10.3. Return Type
Object
19.1.10.4. Content Type
- application/json
19.1.10.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
19.1.10.6. Samples
19.1.11. RunReport
POST /v2/compliance/scan/configurations/reports/run
RunReport runs an on demand compliance report for the scan configuration
19.1.11.1. Description
19.1.11.2. Parameters
19.1.11.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
19.1.11.3. Return Type
19.1.11.4. Content Type
- application/json
19.1.11.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
19.1.11.6. Samples
19.1.12. UpdateComplianceScanConfiguration
PUT /v2/compliance/scan/configurations/{id}
UpdateComplianceScanConfiguration updates a compliance scan configuration
19.1.12.1. Description
19.1.12.2. Parameters
19.1.12.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
19.1.12.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | ComplianceScanConfigurationServiceUpdateComplianceScanConfigurationBody | X |
19.1.12.3. Return Type
Object
19.1.12.4. Content Type
- application/json
19.1.12.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
19.1.12.6. Samples
Chapter 20. Compliance Service
20.1. Compliance Service
20.1.1. GetAggregatedResults
GET /v1/compliance/aggregatedresults
20.1.1.1. Description
20.1.1.2. Parameters
20.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| groupBy |
| - | null | |
| unit | - | UNKNOWN | ||
| where.query | - | null | ||
| where.pagination.limit | - | null | ||
| where.pagination.offset | - | null | ||
| where.pagination.sortOption.field | - | null | ||
| where.pagination.sortOption.reversed | - | null | ||
| where.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| where.pagination.sortOption.aggregateBy.distinct | - | null |
20.1.1.3. Return Type
20.1.1.4. Content Type
- application/json
20.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
20.1.1.6. Samples
20.1.2. GetRunResults
GET /v1/compliance/runresults
20.1.2.1. Description
20.1.2.2. Parameters
20.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | - | null | ||
| standardId | - | null | ||
| runId | Specifies the run ID for which to return results. If empty, the most recent run is returned. CAVEAT: Setting this field circumvents the results cache on the server-side, which may lead to significantly increased memory pressure and decreased performance. | - | null |
20.1.2.3. Return Type
20.1.2.4. Content Type
- application/json
20.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
20.1.2.6. Samples
20.1.3. GetStandard
GET /v1/compliance/standards/{id}
20.1.3.1. Description
20.1.3.2. Parameters
20.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
20.1.3.3. Return Type
20.1.3.4. Content Type
- application/json
20.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
20.1.3.6. Samples
20.1.4. GetStandards
GET /v1/compliance/standards
20.1.4.1. Description
20.1.4.2. Parameters
20.1.4.3. Return Type
20.1.4.4. Content Type
- application/json
20.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
20.1.4.6. Samples
20.1.5. UpdateComplianceStandardConfig
PATCH /v1/compliance/standards/{id}
20.1.5.1. Description
20.1.5.2. Parameters
20.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
20.1.5.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
20.1.5.3. Return Type
Object
20.1.5.4. Content Type
- application/json
20.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
20.1.5.6. Samples
Chapter 21. Config Service
21.1. Config Service
21.1.1. GetConfig
GET /v1/config
21.1.1.1. Description
21.1.1.2. Parameters
21.1.1.3. Return Type
21.1.1.4. Content Type
- application/json
21.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.1.6. Samples
21.1.2. GetDefaultRedHatLayeredProductsRegex
GET /v1/config/platformcomponent/rhlp/default
GetDefaultRedHatLayeredProductsRegex returns a static string containing the default Red Hat Layered Products regex.
21.1.2.1. Description
21.1.2.2. Parameters
21.1.2.3. Return Type
21.1.2.4. Content Type
- application/json
21.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.2.6. Samples
21.1.3. GetPlatformComponentConfig
GET /v1/config/platformcomponent
21.1.3.1. Description
21.1.3.2. Parameters
21.1.3.3. Return Type
21.1.3.4. Content Type
- application/json
21.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.3.6. Samples
21.1.4. GetPrivateConfig
GET /v1/config/private
21.1.4.1. Description
21.1.4.2. Parameters
21.1.4.3. Return Type
21.1.4.4. Content Type
- application/json
21.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.4.6. Samples
21.1.5. GetPublicConfig
GET /v1/config/public
21.1.5.1. Description
21.1.5.2. Parameters
21.1.5.3. Return Type
21.1.5.4. Content Type
- application/json
21.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.5.6. Samples
21.1.6. GetVulnerabilityExceptionConfig
GET /v1/config/private/exception/vulnerabilities
21.1.6.1. Description
21.1.6.2. Parameters
21.1.6.3. Return Type
21.1.6.4. Content Type
- application/json
21.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.6.6. Samples
21.1.7. PutConfig
PUT /v1/config
21.1.7.1. Description
21.1.7.2. Parameters
21.1.7.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
21.1.7.3. Return Type
21.1.7.4. Content Type
- application/json
21.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.7.6. Samples
21.1.8. UpdatePlatformComponentConfig
PUT /v1/config/platformcomponent
21.1.8.1. Description
21.1.8.2. Parameters
21.1.8.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
21.1.8.3. Return Type
21.1.8.4. Content Type
- application/json
21.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.8.6. Samples
21.1.9. UpdateVulnerabilityExceptionConfig
PUT /v1/config/private/exception/vulnerabilities
21.1.9.1. Description
21.1.9.2. Parameters
21.1.9.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
21.1.9.3. Return Type
21.1.9.4. Content Type
- application/json
21.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
21.1.9.6. Samples
Chapter 22. Credential Expiry Service
22.1. Credential Expiry Service
22.1.1. GetCertExpiry
GET /v1/credentialexpiry
GetCertExpiry returns information related to the expiry component mTLS certificate.
22.1.1.1. Description
22.1.1.2. Parameters
22.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| component | - | UNKNOWN |
22.1.1.3. Return Type
22.1.1.4. Content Type
- application/json
22.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
22.1.1.6. Samples
Chapter 23. DBService
23.1. D B Service
23.1.1. CancelRestoreProcess
DELETE /v1/db/restore/{id}
23.1.1.1. Description
23.1.1.2. Parameters
23.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
23.1.1.3. Return Type
Object
23.1.1.4. Content Type
- application/json
23.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
23.1.1.6. Samples
23.1.2. GetActiveRestoreProcess
GET /v1/db/restore
23.1.2.1. Description
23.1.2.2. Parameters
23.1.2.3. Return Type
23.1.2.4. Content Type
- application/json
23.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
23.1.2.6. Samples
23.1.3. GetExportCapabilities
GET /v1/db/exportcaps
23.1.3.1. Description
23.1.3.2. Parameters
23.1.3.3. Return Type
23.1.3.4. Content Type
- application/json
23.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
23.1.3.6. Samples
23.1.4. InterruptRestoreProcess
POST /v1/db/interruptrestore/{processId}/{attemptId}
23.1.4.1. Description
23.1.4.2. Parameters
23.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| processId | X | null | ||
| attemptId | X | null |
23.1.4.3. Return Type
23.1.4.4. Content Type
- application/json
23.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
23.1.4.6. Samples
Chapter 24. Debug Service
24.1. Debug Service
24.1.1. GetLogLevel
GET /v1/debug/loglevel
Get the current logging level for StackRox services.
24.1.1.1. Description
24.1.1.2. Parameters
24.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| modules |
| - | null |
24.1.1.3. Return Type
24.1.1.4. Content Type
- application/json
24.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
24.1.1.6. Samples
24.1.2. ResetDBStats
POST /v1/debug/db/stats/reset
Reset database debugging statistics.
24.1.2.1. Description
24.1.2.2. Parameters
24.1.2.3. Return Type
Object
24.1.2.4. Content Type
- application/json
24.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
24.1.2.6. Samples
24.1.3. SetLogLevel
PATCH /v1/debug/loglevel
Set logging level for StackRox services.
24.1.3.1. Description
24.1.3.2. Parameters
24.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
24.1.3.3. Return Type
Object
24.1.3.4. Content Type
- application/json
24.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
24.1.3.6. Samples
24.1.4. StreamAuthzTraces
GET /v1/debug/authz/trace
Stream authorization traces for all incoming requests.
24.1.4.1. Description
24.1.4.2. Parameters
24.1.4.3. Return Type
Stream result of v1AuthorizationTraceResponse.
24.1.4.4. Content Type
- application/json
24.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response.(streaming responses) | Stream result of v1AuthorizationTraceResponse. |
| 0 | An unexpected error response. |
24.1.4.6. Samples
Chapter 25. Declarative Config Health Service
25.1. Declarative Config Health Service
25.1.1. GetDeclarativeConfigHealths
GET /v1/declarative-config/health
25.1.1.1. Description
25.1.1.2. Parameters
25.1.1.3. Return Type
25.1.1.4. Content Type
- application/json
25.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
25.1.1.6. Samples
Chapter 26. Delegated Registry Config Service
26.1. Delegated Registry Config Service
26.1.1. GetClusters
GET /v1/delegatedregistryconfig/clusters
GetClusters returns the list of clusters (id + name) and a flag indicating whether or not the cluster is valid for use in the delegated registry config
26.1.1.1. Description
26.1.1.2. Parameters
26.1.1.3. Return Type
26.1.1.4. Content Type
- application/json
26.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
26.1.1.6. Samples
26.1.2. GetConfig
GET /v1/delegatedregistryconfig
GetConfig returns the current delegated registry configuration
26.1.2.1. Description
26.1.2.2. Parameters
26.1.2.3. Return Type
26.1.2.4. Content Type
- application/json
26.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
26.1.2.6. Samples
26.1.3. UpdateConfig
PUT /v1/delegatedregistryconfig
UpdateConfig updates the stored delegated registry configuration
26.1.3.1. Description
26.1.3.2. Parameters
26.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | DelegatedRegistryConfig determines if and where scan requests are delegated to, such as kept in central services or sent to particular secured clusters. V1DelegatedRegistryConfig | X |
26.1.3.3. Return Type
26.1.3.4. Content Type
- application/json
26.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
26.1.3.6. Samples
Chapter 27. Deployment Service
27.1. Deployment Service
27.1.1. CountDeployments
GET /v1/deploymentscount
CountDeployments returns the number of deployments.
27.1.1.1. Description
27.1.1.2. Parameters
27.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
27.1.1.3. Return Type
27.1.1.4. Content Type
- application/json
27.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
27.1.1.6. Samples
27.1.2. ExportDeployments
GET /v1/export/deployments
27.1.2.1. Description
27.1.2.2. Parameters
27.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| timeout | - | null | ||
| query | - | null |
27.1.2.3. Return Type
Stream result of v1ExportDeploymentResponse.
27.1.2.4. Content Type
- application/json
27.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response.(streaming responses) | Stream result of v1ExportDeploymentResponse. |
| 0 | An unexpected error response. |
27.1.2.6. Samples
27.1.3. GetDeployment
GET /v1/deployments/{id}
GetDeployment returns a deployment given its ID.
27.1.3.1. Description
27.1.3.2. Parameters
27.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
27.1.3.3. Return Type
27.1.3.4. Content Type
- application/json
27.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
27.1.3.6. Samples
27.1.4. GetDeploymentWithRisk
GET /v1/deploymentswithrisk/{id}
GetDeploymentWithRisk returns a deployment and its risk given its ID.
27.1.4.1. Description
27.1.4.2. Parameters
27.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
27.1.4.3. Return Type
27.1.4.4. Content Type
- application/json
27.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
27.1.4.6. Samples
27.1.5. GetLabels
GET /v1/deployments/metadata/labels
GetLabels returns the labels used by deployments.
27.1.5.1. Description
27.1.5.2. Parameters
27.1.5.3. Return Type
27.1.5.4. Content Type
- application/json
27.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
27.1.5.6. Samples
27.1.6. ListDeployments
GET /v1/deployments
ListDeployments returns the list of deployments.
27.1.6.1. Description
27.1.6.2. Parameters
27.1.6.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
27.1.6.3. Return Type
27.1.6.4. Content Type
- application/json
27.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
27.1.6.6. Samples
27.1.7. ListDeploymentsWithProcessInfo
GET /v1/deploymentswithprocessinfo
ListDeploymentsWithProcessInfo returns the list of deployments with process information.
27.1.7.1. Description
27.1.7.2. Parameters
27.1.7.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
27.1.7.3. Return Type
27.1.7.4. Content Type
- application/json
27.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
27.1.7.6. Samples
Chapter 28. Detection Service
28.1. Detection Service
28.1.1. DetectBuildTime
POST /v1/detect/build
DetectBuildTime checks if any images violate build time policies.
28.1.1.1. Description
28.1.1.2. Parameters
28.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
28.1.1.3. Return Type
28.1.1.4. Content Type
- application/json
28.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
28.1.1.6. Samples
28.1.2. DetectDeployTime
POST /v1/detect/deploy
DetectDeployTime checks if any deployments violate deploy time policies.
28.1.2.1. Description
28.1.2.2. Parameters
28.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
28.1.2.3. Return Type
28.1.2.4. Content Type
- application/json
28.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
28.1.2.6. Samples
28.1.3. DetectDeployTimeFromYAML
POST /v1/detect/deploy/yaml
DetectDeployTimeFromYAML checks if the given deployment yaml violates any deploy time policies.
28.1.3.1. Description
28.1.3.2. Parameters
28.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
28.1.3.3. Return Type
28.1.3.4. Content Type
- application/json
28.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
28.1.3.6. Samples
Chapter 29. Discovered Clusters Service
29.1. Discovered Clusters Service
29.1.1. CountDiscoveredClusters
GET /v1/count/discovered-clusters
CountDiscoveredClusters returns the number of discovered clusters after filtering by requested fields.
29.1.1.1. Description
29.1.1.2. Parameters
29.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| filter.names |
Matches discovered clusters of specific names. | - | null | |
| filter.types |
Matches discovered clusters of specific types. | - | null | |
| filter.statuses |
Matches discovered clusters of specific statuses. - STATUS_UNSPECIFIED: The status of the cluster is unknown. May occur if a secured cluster is missing the metadata for a possible match. - STATUS_SECURED: The discovered cluster was matched with a secured cluster. - STATUS_UNSECURED: The discovered cluster was not matched with a secured cluster. | - | null | |
| filter.sourceIds |
Matches discovered clusters of specific cloud source IDs. | - | null |
29.1.1.3. Return Type
29.1.1.4. Content Type
- application/json
29.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
29.1.1.6. Samples
29.1.2. GetDiscoveredCluster
GET /v1/discovered-clusters/{id}
GetDiscoveredCluster retrieves a discovered cluster by ID.
29.1.2.1. Description
29.1.2.2. Parameters
29.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
29.1.2.3. Return Type
29.1.2.4. Content Type
- application/json
29.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
29.1.2.6. Samples
29.1.3. ListDiscoveredClusters
GET /v1/discovered-clusters
ListDiscoveredClusters returns the list of discovered clusters after filtered by requested fields.
29.1.3.1. Description
29.1.3.2. Parameters
29.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null | ||
| filter.names |
Matches discovered clusters of specific names. | - | null | |
| filter.types |
Matches discovered clusters of specific types. | - | null | |
| filter.statuses |
Matches discovered clusters of specific statuses. - STATUS_UNSPECIFIED: The status of the cluster is unknown. May occur if a secured cluster is missing the metadata for a possible match. - STATUS_SECURED: The discovered cluster was matched with a secured cluster. - STATUS_UNSECURED: The discovered cluster was not matched with a secured cluster. | - | null | |
| filter.sourceIds |
Matches discovered clusters of specific cloud source IDs. | - | null |
29.1.3.3. Return Type
29.1.3.4. Content Type
- application/json
29.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
29.1.3.6. Samples
Chapter 30. External Backup Service
30.1. External Backup Service
30.1.1. DeleteExternalBackup
DELETE /v1/externalbackups/{id}
DeleteExternalBackup removes an external backup configuration given its ID.
30.1.1.1. Description
30.1.1.2. Parameters
30.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
30.1.1.3. Return Type
Object
30.1.1.4. Content Type
- application/json
30.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
30.1.1.6. Samples
30.1.2. GetExternalBackup
GET /v1/externalbackups/{id}
GetExternalBackup returns the external backup configuration given its ID.
30.1.2.1. Description
30.1.2.2. Parameters
30.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
30.1.2.3. Return Type
30.1.2.4. Content Type
- application/json
30.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
30.1.2.6. Samples
30.1.3. GetExternalBackups
GET /v1/externalbackups
GetExternalBackups returns all external backup configurations.
30.1.3.1. Description
30.1.3.2. Parameters
30.1.3.3. Return Type
30.1.3.4. Content Type
- application/json
30.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
30.1.3.6. Samples
30.1.4. PostExternalBackup
POST /v1/externalbackups
PostExternalBackup creates an external backup configuration.
30.1.4.1. Description
30.1.4.2. Parameters
30.1.4.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
30.1.4.3. Return Type
30.1.4.4. Content Type
- application/json
30.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
30.1.4.6. Samples
30.1.5. PutExternalBackup
PUT /v1/externalbackups/{id}
PutExternalBackup modifies a given external backup, without using stored credential reconciliation.
30.1.5.1. Description
30.1.5.2. Parameters
30.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
30.1.5.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
30.1.5.3. Return Type
30.1.5.4. Content Type
- application/json
30.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
30.1.5.6. Samples
30.1.6. TestExternalBackup
POST /v1/externalbackups/test
TestExternalBackup tests an external backup configuration.
30.1.6.1. Description
30.1.6.2. Parameters
30.1.6.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
30.1.6.3. Return Type
Object
30.1.6.4. Content Type
- application/json
30.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
30.1.6.6. Samples
30.1.7. TestUpdatedExternalBackup
POST /v1/externalbackups/test/updated
TestUpdatedExternalBackup checks if the given external backup is correctly configured, with optional stored credential reconciliation.
30.1.7.1. Description
30.1.7.2. Parameters
30.1.7.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
30.1.7.3. Return Type
Object
30.1.7.4. Content Type
- application/json
30.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
30.1.7.6. Samples
30.1.8. TriggerExternalBackup
POST /v1/externalbackups/{id}
TriggerExternalBackup initiates an external backup for the given configuration.
30.1.8.1. Description
30.1.8.2. Parameters
30.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
30.1.8.3. Return Type
Object
30.1.8.4. Content Type
- application/json
30.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
30.1.8.6. Samples
30.1.9. UpdateExternalBackup
PATCH /v1/externalbackups/{externalBackup.id}
UpdateExternalBackup modifies a given external backup, with optional stored credential reconciliation.
30.1.9.1. Description
30.1.9.2. Parameters
30.1.9.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| externalBackup.id | X | null |
30.1.9.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
30.1.9.3. Return Type
30.1.9.4. Content Type
- application/json
30.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
30.1.9.6. Samples
Chapter 31. Feature Flag Service
31.1. Feature Flag Service
31.1.1. GetFeatureFlags
GET /v1/featureflags
31.1.1.1. Description
31.1.1.2. Parameters
31.1.1.3. Return Type
31.1.1.4. Content Type
- application/json
31.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
31.1.1.6. Samples
Chapter 32. Group Service
32.1. Group Service
32.1.1. BatchUpdate
POST /v1/groupsbatch
32.1.1.1. Description
32.1.1.2. Parameters
32.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
32.1.1.3. Return Type
Object
32.1.1.4. Content Type
- application/json
32.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
32.1.1.6. Samples
32.1.2. CreateGroup
POST /v1/groups
32.1.2.1. Description
32.1.2.2. Parameters
32.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | Group is a GroupProperties : Role mapping. StorageGroup | X |
32.1.2.3. Return Type
Object
32.1.2.4. Content Type
- application/json
32.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
32.1.2.6. Samples
32.1.3. DeleteGroup
DELETE /v1/groups
32.1.3.1. Description
32.1.3.2. Parameters
32.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| authProviderId | We copy over parameters from storage.GroupProperties for seamless HTTP API migration. | - | null | |
| key | - | null | ||
| value | - | null | ||
| id | - | null | ||
| force | - | null |
32.1.3.3. Return Type
Object
32.1.3.4. Content Type
- application/json
32.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
32.1.3.6. Samples
32.1.4. GetGroup
GET /v1/group
32.1.4.1. Description
32.1.4.2. Parameters
32.1.4.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | Unique identifier for group properties and respectively the group. | - | null | |
| traits.mutabilityMode | - | ALLOW_MUTATE | ||
| traits.visibility | - | VISIBLE | ||
| traits.origin | - | IMPERATIVE | ||
| authProviderId | - | null | ||
| key | - | null | ||
| value | - | null |
32.1.4.3. Return Type
32.1.4.4. Content Type
- application/json
32.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
32.1.4.6. Samples
32.1.5. GetGroups
GET /v1/groups
32.1.5.1. Description
32.1.5.2. Parameters
32.1.5.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| authProviderId | - | null | ||
| key | - | null | ||
| value | - | null | ||
| id | - | null |
32.1.5.3. Return Type
32.1.5.4. Content Type
- application/json
32.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
32.1.5.6. Samples
32.1.6. UpdateGroup
PUT /v1/groups
32.1.6.1. Description
32.1.6.2. Parameters
32.1.6.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| group | X |
32.1.6.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| force | - | null |
32.1.6.3. Return Type
Object
32.1.6.4. Content Type
- application/json
32.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
32.1.6.6. Samples
Chapter 33. GRPCPreferences Service
33.1. G R P C Preferences Service
33.1.1. Get
GET /v1/grpc-preferences
33.1.1.1. Description
33.1.1.2. Parameters
33.1.1.3. Return Type
33.1.1.4. Content Type
- application/json
33.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
33.1.1.6. Samples
Chapter 34. Image CVEService
34.1. Image C V E Service
34.1.1. SuppressCVEs
PATCH /v1/imagecves/suppress
SuppressCVE suppresses image cves.
34.1.1.1. Description
34.1.1.2. Parameters
34.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
34.1.1.3. Return Type
Object
34.1.1.4. Content Type
- application/json
34.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
34.1.1.6. Samples
34.1.2. UnsuppressCVEs
PATCH /v1/imagecves/unsuppress
UnsuppressCVE unsuppresses image cves.
34.1.2.1. Description
34.1.2.2. Parameters
34.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
34.1.2.3. Return Type
Object
34.1.2.4. Content Type
- application/json
34.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
34.1.2.6. Samples
Chapter 35. Image Integration Service
35.1. Image Integration Service
35.1.1. DeleteImageIntegration
DELETE /v1/imageintegrations/{id}
DeleteImageIntegration removes a image integration given its ID.
35.1.1.1. Description
35.1.1.2. Parameters
35.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
35.1.1.3. Return Type
Object
35.1.1.4. Content Type
- application/json
35.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
35.1.1.6. Samples
35.1.2. GetImageIntegration
GET /v1/imageintegrations/{id}
GetImageIntegration returns the image integration given its ID.
35.1.2.1. Description
35.1.2.2. Parameters
35.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
35.1.2.3. Return Type
35.1.2.4. Content Type
- application/json
35.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
35.1.2.6. Samples
35.1.3. GetImageIntegrations
GET /v1/imageintegrations
GetImageIntegrations returns all image integrations that match the request filters.
35.1.3.1. Description
35.1.3.2. Parameters
35.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| name | - | null | ||
| cluster | - | null |
35.1.3.3. Return Type
35.1.3.4. Content Type
- application/json
35.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
35.1.3.6. Samples
35.1.4. PostImageIntegration
POST /v1/imageintegrations
PostImageIntegration creates a image integration.
35.1.4.1. Description
35.1.4.2. Parameters
35.1.4.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
35.1.4.3. Return Type
35.1.4.4. Content Type
- application/json
35.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
35.1.4.6. Samples
35.1.5. PutImageIntegration
PUT /v1/imageintegrations/{id}
PutImageIntegration modifies a given image integration, without using stored credential reconciliation.
35.1.5.1. Description
35.1.5.2. Parameters
35.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
35.1.5.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
35.1.5.3. Return Type
Object
35.1.5.4. Content Type
- application/json
35.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
35.1.5.6. Samples
35.1.6. TestImageIntegration
POST /v1/imageintegrations/test
TestImageIntegration checks if the given image integration is correctly configured, without using stored credential reconciliation.
35.1.6.1. Description
35.1.6.2. Parameters
35.1.6.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
35.1.6.3. Return Type
Object
35.1.6.4. Content Type
- application/json
35.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
35.1.6.6. Samples
35.1.7. TestUpdatedImageIntegration
POST /v1/imageintegrations/test/updated
TestUpdatedImageIntegration checks if the given image integration is correctly configured, with optional stored credential reconciliation.
35.1.7.1. Description
35.1.7.2. Parameters
35.1.7.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
35.1.7.3. Return Type
Object
35.1.7.4. Content Type
- application/json
35.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
35.1.7.6. Samples
35.1.8. UpdateImageIntegration
PATCH /v1/imageintegrations/{config.id}
UpdateImageIntegration modifies a given image integration, with optional stored credential reconciliation.
35.1.8.1. Description
35.1.8.2. Parameters
35.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| config.id | X | null |
35.1.8.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
35.1.8.3. Return Type
Object
35.1.8.4. Content Type
- application/json
35.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
35.1.8.6. Samples
Chapter 36. Image Service
36.1. Image Service
36.1.1. GenerateSBOM
POST /api/v1/images/sbom
Generate an SPDX 2.3 SBOM from an image scan.
36.1.1.1. Description
36.1.1.2. Parameters
36.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
36.1.1.3. Return Type
36.1.1.4. Content Type
- application/json
36.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
36.1.1.6. Samples
36.1.2. CountImages
GET /v1/imagescount
CountImages returns a count of images that match the input query.
36.1.2.1. Description
36.1.2.2. Parameters
36.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
36.1.2.3. Return Type
36.1.2.4. Content Type
- application/json
36.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
36.1.2.6. Samples
36.1.3. DeleteImages
DELETE /v1/images
DeleteImage removes the images based on a query
36.1.3.1. Description
36.1.3.2. Parameters
36.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null | ||
| confirm | - | null |
36.1.3.3. Return Type
36.1.3.4. Content Type
- application/json
36.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
36.1.3.6. Samples
36.1.4. ExportImages
GET /v1/export/images
36.1.4.1. Description
36.1.4.2. Parameters
36.1.4.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| timeout | - | null | ||
| query | - | null |
36.1.4.3. Return Type
Stream result of v1ExportImageResponse.
36.1.4.4. Content Type
- application/json
36.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response.(streaming responses) | Stream result of v1ExportImageResponse. |
| 0 | An unexpected error response. |
36.1.4.6. Samples
36.1.5. GetImage
GET /v1/images/{id}
GetImage returns the image given its ID.
36.1.5.1. Description
36.1.5.2. Parameters
36.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
36.1.5.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| includeSnoozed | - | null | ||
| stripDescription | - | null |
36.1.5.3. Return Type
36.1.5.4. Content Type
- application/json
36.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
36.1.5.6. Samples
36.1.6. GetWatchedImages
GET /v1/watchedimages
GetWatchedImages returns the list of image names that are currently being watched.
36.1.6.1. Description
36.1.6.2. Parameters
36.1.6.3. Return Type
36.1.6.4. Content Type
- application/json
36.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
36.1.6.6. Samples
36.1.7. InvalidateScanAndRegistryCaches
GET /v1/images/cache/invalidate
InvalidateScanAndRegistryCaches removes the image metadata cache.
36.1.7.1. Description
36.1.7.2. Parameters
36.1.7.3. Return Type
Object
36.1.7.4. Content Type
- application/json
36.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
36.1.7.6. Samples
36.1.8. ListImages
GET /v1/images
ListImages returns all the images that match the input query.
36.1.8.1. Description
36.1.8.2. Parameters
36.1.8.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
36.1.8.3. Return Type
36.1.8.4. Content Type
- application/json
36.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
36.1.8.6. Samples
36.1.9. ScanImage
POST /v1/images/scan
ScanImage scans a single image and returns the result
36.1.9.1. Description
36.1.9.2. Parameters
36.1.9.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
36.1.9.3. Return Type
36.1.9.4. Content Type
- application/json
36.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
36.1.9.6. Samples
36.1.10. UnwatchImage
DELETE /v1/watchedimages
UnwatchImage marks an image name to no longer be watched. It returns successfully if the image is no longer being watched after the call, irrespective of whether the image was already being watched.
36.1.10.1. Description
36.1.10.2. Parameters
36.1.10.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| name | The name of the image to unwatch. Should match the name of a previously watched image. | - | null |
36.1.10.3. Return Type
Object
36.1.10.4. Content Type
- application/json
36.1.10.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
36.1.10.6. Samples
36.1.11. WatchImage
POST /v1/watchedimages
WatchImage marks an image name as to be watched.
36.1.11.1. Description
36.1.11.2. Parameters
36.1.11.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
36.1.11.3. Return Type
36.1.11.4. Content Type
- application/json
36.1.11.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
36.1.11.6. Samples
Chapter 37. Integration Health Service
37.1. Integration Health Service
37.1.1. GetBackupPlugins
GET /v1/integrationhealth/externalbackups
37.1.1.1. Description
37.1.1.2. Parameters
37.1.1.3. Return Type
37.1.1.4. Content Type
- application/json
37.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
37.1.1.6. Samples
37.1.2. GetDeclarativeConfigs
GET /v1/integrationhealth/declarativeconfigs
37.1.2.1. Description
37.1.2.2. Parameters
37.1.2.3. Return Type
37.1.2.4. Content Type
- application/json
37.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
37.1.2.6. Samples
37.1.3. GetImageIntegrations
GET /v1/integrationhealth/imageintegrations
37.1.3.1. Description
37.1.3.2. Parameters
37.1.3.3. Return Type
37.1.3.4. Content Type
- application/json
37.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
37.1.3.6. Samples
37.1.4. GetNotifiers
GET /v1/integrationhealth/notifiers
37.1.4.1. Description
37.1.4.2. Parameters
37.1.4.3. Return Type
37.1.4.4. Content Type
- application/json
37.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
37.1.4.6. Samples
37.1.5. GetVulnDefinitionsInfo
GET /v1/integrationhealth/vulndefinitions
37.1.5.1. Description
37.1.5.2. Parameters
37.1.5.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| component | - | SCANNER |
37.1.5.3. Return Type
37.1.5.4. Content Type
- application/json
37.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
37.1.5.6. Samples
Chapter 38. Listening Endpoints Service
38.1. Listening Endpoints Service
38.1.1. GetListeningEndpoints
GET /v1/listening_endpoints/deployment/{deploymentId}
GetListeningEndpoints returns the listening endpoints and the processes that opened them for a given deployment
38.1.1.1. Description
38.1.1.2. Parameters
38.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
38.1.1.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
38.1.1.3. Return Type
38.1.1.4. Content Type
- application/json
38.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
38.1.1.6. Samples
Chapter 39. Metadata Service
39.1. Metadata Service
39.1.1. GetCentralCapabilities
GET /v1/central-capabilities
39.1.1.1. Description
39.1.1.2. Parameters
39.1.1.3. Return Type
39.1.1.4. Content Type
- application/json
39.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
39.1.1.6. Samples
39.1.2. GetDatabaseBackupStatus
GET /v1/backup/status
39.1.2.1. Description
39.1.2.2. Parameters
39.1.2.3. Return Type
39.1.2.4. Content Type
- application/json
39.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
39.1.2.6. Samples
39.1.3. GetDatabaseStatus
GET /v1/database/status
39.1.3.1. Description
39.1.3.2. Parameters
39.1.3.3. Return Type
39.1.3.4. Content Type
- application/json
39.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
39.1.3.6. Samples
39.1.4. GetMetadata
GET /v1/metadata
39.1.4.1. Description
39.1.4.2. Parameters
39.1.4.3. Return Type
39.1.4.4. Content Type
- application/json
39.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
39.1.4.6. Samples
39.1.5. TLSChallenge
GET /v1/tls-challenge
TLSChallenge
39.1.5.1. Description
Returns all trusted CAs, i.e., secret/additional-ca and Central’s cert chain. This is necessary if Central is running behind a load balancer with self-signed certificates. Does not require authentication.
39.1.5.2. Parameters
39.1.5.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| challengeToken | generated challenge token by the service asking for TLS certs | - | null |
39.1.5.3. Return Type
39.1.5.4. Content Type
- application/json
39.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
39.1.5.6. Samples
Chapter 40. Mitre Attack Service
40.1. Mitre Attack Service
40.1.1. GetMitreAttackVector
GET /v1/mitreattackvectors/{id}
GetMitreAttackVector returns the full MITRE ATT&CK vector for a tactic with all its techniques.
40.1.1.1. Description
40.1.1.2. Parameters
40.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
40.1.1.3. Return Type
40.1.1.4. Content Type
- application/json
40.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
40.1.1.6. Samples
40.1.2. ListMitreAttackVectors
GET /v1/mitreattackvectors
ListMitreAttackVectors returns all MITRE ATT&CK vectors.
40.1.2.1. Description
40.1.2.2. Parameters
40.1.2.3. Return Type
40.1.2.4. Content Type
- application/json
40.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
40.1.2.6. Samples
Chapter 41. Namespace Service
41.1. Namespace Service
41.1.1. GetNamespace
GET /v1/namespaces/{id}
41.1.1.1. Description
41.1.1.2. Parameters
41.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
41.1.1.3. Return Type
41.1.1.4. Content Type
- application/json
41.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
41.1.1.6. Samples
41.1.2. GetNamespaces
GET /v1/namespaces
41.1.2.1. Description
41.1.2.2. Parameters
41.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
41.1.2.3. Return Type
41.1.2.4. Content Type
- application/json
41.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
41.1.2.6. Samples
Chapter 42. Network Baseline Service
42.1. Network Baseline Service
42.1.1. GetNetworkBaseline
GET /v1/networkbaseline/{id}
42.1.1.1. Description
42.1.1.2. Parameters
42.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
42.1.1.3. Return Type
42.1.1.4. Content Type
- application/json
42.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
42.1.1.6. Samples
42.1.2. GetNetworkBaselineStatusForExternalFlows
GET /v1/networkbaseline/{deploymentId}/status/external
42.1.2.1. Description
42.1.2.2. Parameters
42.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
42.1.2.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| since | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
42.1.2.3. Return Type
42.1.2.4. Content Type
- application/json
42.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
42.1.2.6. Samples
42.1.3. GetNetworkBaselineStatusForFlows
POST /v1/networkbaseline/{deploymentId}/status
42.1.3.1. Description
42.1.3.2. Parameters
42.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
42.1.3.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
42.1.3.3. Return Type
42.1.3.4. Content Type
- application/json
42.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
42.1.3.6. Samples
42.1.4. LockNetworkBaseline
PATCH /v1/networkbaseline/{id}/lock
42.1.4.1. Description
42.1.4.2. Parameters
42.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
42.1.4.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body |
| X |
42.1.4.3. Return Type
Object
42.1.4.4. Content Type
- application/json
42.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
42.1.4.6. Samples
42.1.5. ModifyBaselineStatusForPeers
PATCH /v1/networkbaseline/{deploymentId}/peers
42.1.5.1. Description
42.1.5.2. Parameters
42.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
42.1.5.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
42.1.5.3. Return Type
Object
42.1.5.4. Content Type
- application/json
42.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
42.1.5.6. Samples
42.1.6. UnlockNetworkBaseline
PATCH /v1/networkbaseline/{id}/unlock
42.1.6.1. Description
42.1.6.2. Parameters
42.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
42.1.6.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body |
| X |
42.1.6.3. Return Type
Object
42.1.6.4. Content Type
- application/json
42.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
42.1.6.6. Samples
Chapter 43. Network Graph Service
43.1. Network Graph Service
43.1.1. CreateExternalNetworkEntity
POST /v1/networkgraph/cluster/{clusterId}/externalentities
43.1.1.1. Description
43.1.1.2. Parameters
43.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
43.1.1.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
43.1.1.3. Return Type
43.1.1.4. Content Type
- application/json
43.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
43.1.1.6. Samples
43.1.2. DeleteExternalNetworkEntity
DELETE /v1/networkgraph/externalentities/{id}
43.1.2.1. Description
43.1.2.2. Parameters
43.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
43.1.2.3. Return Type
Object
43.1.2.4. Content Type
- application/json
43.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
43.1.2.6. Samples
43.1.3. GetExternalNetworkEntities
GET /v1/networkgraph/cluster/{clusterId}/externalentities
43.1.3.1. Description
43.1.3.2. Parameters
43.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
43.1.3.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null |
43.1.3.3. Return Type
43.1.3.4. Content Type
- application/json
43.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
43.1.3.6. Samples
43.1.4. GetExternalNetworkFlows
GET /v1/networkgraph/cluster/{clusterId}/externalentities/{entityId}/flows
43.1.4.1. Description
43.1.4.2. Parameters
43.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null | ||
| entityId | X | null |
43.1.4.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| since | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
43.1.4.3. Return Type
43.1.4.4. Content Type
- application/json
43.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
43.1.4.6. Samples
43.1.5. GetExternalNetworkFlowsMetadata
GET /v1/networkgraph/cluster/{clusterId}/externalentities/metadata
43.1.5.1. Description
43.1.5.2. Parameters
43.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
43.1.5.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| since | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
43.1.5.3. Return Type
43.1.5.4. Content Type
- application/json
43.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
43.1.5.6. Samples
43.1.6. GetNetworkGraph
GET /v1/networkgraph/cluster/{clusterId}
43.1.6.1. Description
43.1.6.2. Parameters
43.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
43.1.6.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| since | - | null | ||
| includePorts | - | null | ||
| scope.query | - | null | ||
| includePolicies | - | null |
43.1.6.3. Return Type
43.1.6.4. Content Type
- application/json
43.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
43.1.6.6. Samples
43.1.7. GetNetworkGraphConfig
GET /v1/networkgraph/config
43.1.7.1. Description
43.1.7.2. Parameters
43.1.7.3. Return Type
43.1.7.4. Content Type
- application/json
43.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
43.1.7.6. Samples
43.1.8. PatchExternalNetworkEntity
PATCH /v1/networkgraph/externalentities/{id}
43.1.8.1. Description
43.1.8.2. Parameters
43.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
43.1.8.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
43.1.8.3. Return Type
43.1.8.4. Content Type
- application/json
43.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
43.1.8.6. Samples
43.1.9. PutNetworkGraphConfig
PUT /v1/networkgraph/config
43.1.9.1. Description
43.1.9.2. Parameters
43.1.9.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
43.1.9.3. Return Type
43.1.9.4. Content Type
- application/json
43.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
43.1.9.6. Samples
Chapter 44. Network Policy Service
44.1. Network Policy Service
44.1.1. ApplyNetworkPolicy
POST /v1/networkpolicies/apply/{clusterId}
44.1.1.1. Description
44.1.1.2. Parameters
44.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
44.1.1.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| modification | X |
44.1.1.3. Return Type
Object
44.1.1.4. Content Type
- application/json
44.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
44.1.1.6. Samples
44.1.2. ApplyNetworkPolicyYamlForDeployment
POST /v1/networkpolicies/apply/deployment/{deploymentId}
44.1.2.1. Description
44.1.2.2. Parameters
44.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
44.1.2.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
44.1.2.3. Return Type
Object
44.1.2.4. Content Type
- application/json
44.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
44.1.2.6. Samples
44.1.3. GenerateNetworkPolicies
GET /v1/networkpolicies/generate/{clusterId}
44.1.3.1. Description
44.1.3.2. Parameters
44.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
44.1.3.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| deleteExisting | - NONE: Do not delete any existing network policies. - GENERATED_ONLY: Delete any existing auto-generated network policies. - ALL: Delete all existing network policies in the respective namespace. | - | UNKNOWN | |
| networkDataSince | - | null | ||
| includePorts | - | null |
44.1.3.3. Return Type
44.1.3.4. Content Type
- application/json
44.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.3.6. Samples
44.1.4. GetAllowedPeersFromCurrentPolicyForDeployment
GET /v1/networkpolicies/allowedpeers/{id}
44.1.4.1. Description
44.1.4.2. Parameters
44.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
44.1.4.3. Return Type
44.1.4.4. Content Type
- application/json
44.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.4.6. Samples
44.1.5. GetBaselineGeneratedNetworkPolicyForDeployment
POST /v1/networkpolicies/generate/baseline/{deploymentId}
44.1.5.1. Description
44.1.5.2. Parameters
44.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
44.1.5.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | NetworkPolicyServiceGetBaselineGeneratedNetworkPolicyForDeploymentBody | X |
44.1.5.3. Return Type
44.1.5.4. Content Type
- application/json
44.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.5.6. Samples
44.1.6. GetDiffFlowsBetweenPolicyAndBaselineForDeployment
GET /v1/networkpolicies/baselinecomparison/{id}
44.1.6.1. Description
44.1.6.2. Parameters
44.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
44.1.6.3. Return Type
44.1.6.4. Content Type
- application/json
44.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.6.6. Samples
44.1.7. GetDiffFlowsFromUndoModificationForDeployment
GET /v1/networkpolicies/undobaselinecomparison/{id}
44.1.7.1. Description
44.1.7.2. Parameters
44.1.7.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
44.1.7.3. Return Type
44.1.7.4. Content Type
- application/json
44.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.7.6. Samples
44.1.8. GetNetworkGraph
GET /v1/networkpolicies/cluster/{clusterId}
44.1.8.1. Description
44.1.8.2. Parameters
44.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
44.1.8.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| includePorts | If set to true, include port-level information in the network policy graph. | - | null | |
| scope.query | - | null |
44.1.8.3. Return Type
44.1.8.4. Content Type
- application/json
44.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.8.6. Samples
44.1.9. GetNetworkGraphEpoch
GET /v1/networkpolicies/graph/epoch
44.1.9.1. Description
44.1.9.2. Parameters
44.1.9.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | - | null |
44.1.9.3. Return Type
44.1.9.4. Content Type
- application/json
44.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.9.6. Samples
44.1.10. GetNetworkPolicies
GET /v1/networkpolicies
44.1.10.1. Description
44.1.10.2. Parameters
44.1.10.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | - | null | ||
| deploymentQuery | - | null | ||
| namespace | - | null |
44.1.10.3. Return Type
44.1.10.4. Content Type
- application/json
44.1.10.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.10.6. Samples
44.1.11. GetNetworkPolicy
GET /v1/networkpolicies/{id}
44.1.11.1. Description
44.1.11.2. Parameters
44.1.11.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
44.1.11.3. Return Type
44.1.11.4. Content Type
- application/json
44.1.11.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.11.6. Samples
44.1.12. GetUndoModification
GET /v1/networkpolicies/undo/{clusterId}
44.1.12.1. Description
44.1.12.2. Parameters
44.1.12.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
44.1.12.3. Return Type
44.1.12.4. Content Type
- application/json
44.1.12.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.12.6. Samples
44.1.13. GetUndoModificationForDeployment
GET /v1/networkpolicies/undo/deployment/{id}
44.1.13.1. Description
44.1.13.2. Parameters
44.1.13.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
44.1.13.3. Return Type
44.1.13.4. Content Type
- application/json
44.1.13.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.13.6. Samples
44.1.14. SendNetworkPolicyYAML
POST /v1/networkpolicies/simulate/{clusterId}/notify
44.1.14.1. Description
44.1.14.2. Parameters
44.1.14.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
44.1.14.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| modification | X |
44.1.14.2.3. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| notifierIds |
| - | null |
44.1.14.3. Return Type
Object
44.1.14.4. Content Type
- application/json
44.1.14.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
44.1.14.6. Samples
44.1.15. SimulateNetworkGraph
POST /v1/networkpolicies/simulate/{clusterId}
44.1.15.1. Description
44.1.15.2. Parameters
44.1.15.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
44.1.15.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| modification | X |
44.1.15.2.3. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| includePorts | If set to true, include port-level information in the network policy graph. | - | null | |
| includeNodeDiff | - | null | ||
| scope.query | - | null |
44.1.15.3. Return Type
44.1.15.4. Content Type
- application/json
44.1.15.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
44.1.15.6. Samples
Chapter 45. Node CVEService
45.1. Node C V E Service
45.1.1. SuppressCVEs
PATCH /v1/nodecves/suppress
SuppressCVE suppresses node cves.
45.1.1.1. Description
45.1.1.2. Parameters
45.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
45.1.1.3. Return Type
Object
45.1.1.4. Content Type
- application/json
45.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
45.1.1.6. Samples
45.1.2. UnsuppressCVEs
PATCH /v1/nodecves/unsuppress
UnsuppressCVE unsuppresses node cves.
45.1.2.1. Description
45.1.2.2. Parameters
45.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
45.1.2.3. Return Type
Object
45.1.2.4. Content Type
- application/json
45.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
45.1.2.6. Samples
Chapter 46. Node Service
46.1. Node Service
46.1.1. ExportNodes
GET /v1/export/nodes
46.1.1.1. Description
46.1.1.2. Parameters
46.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| timeout | - | null | ||
| query | - | null |
46.1.1.3. Return Type
Stream result of v1ExportNodeResponse.
46.1.1.4. Content Type
- application/json
46.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response.(streaming responses) | Stream result of v1ExportNodeResponse. |
| 0 | An unexpected error response. |
46.1.1.6. Samples
46.1.2. GetNode
GET /v1/nodes/{clusterId}/{nodeId}
46.1.2.1. Description
46.1.2.2. Parameters
46.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null | ||
| nodeId | X | null |
46.1.2.3. Return Type
46.1.2.4. Content Type
- application/json
46.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
46.1.2.6. Samples
46.1.3. ListNodes
GET /v1/nodes/{clusterId}
46.1.3.1. Description
46.1.3.2. Parameters
46.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
46.1.3.3. Return Type
46.1.3.4. Content Type
- application/json
46.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
46.1.3.6. Samples
Chapter 47. Notifier Service
47.1. Notifier Service
47.1.1. DeleteNotifier
DELETE /v1/notifiers/{id}
DeleteNotifier removes a notifier configuration given its ID.
47.1.1.1. Description
47.1.1.2. Parameters
47.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
47.1.1.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| force | - | null |
47.1.1.3. Return Type
Object
47.1.1.4. Content Type
- application/json
47.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
47.1.1.6. Samples
47.1.2. GetNotifier
GET /v1/notifiers/{id}
GetNotifier returns the notifier configuration given its ID.
47.1.2.1. Description
47.1.2.2. Parameters
47.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
47.1.2.3. Return Type
47.1.2.4. Content Type
- application/json
47.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
47.1.2.6. Samples
47.1.3. GetNotifiers
GET /v1/notifiers
GetNotifiers returns all notifier configurations.
47.1.3.1. Description
47.1.3.2. Parameters
47.1.3.3. Return Type
47.1.3.4. Content Type
- application/json
47.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
47.1.3.6. Samples
47.1.4. PostNotifier
POST /v1/notifiers
PostNotifier creates a notifier configuration.
47.1.4.1. Description
47.1.4.2. Parameters
47.1.4.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
47.1.4.3. Return Type
47.1.4.4. Content Type
- application/json
47.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
47.1.4.6. Samples
47.1.5. PutNotifier
PUT /v1/notifiers/{id}
PutNotifier modifies a given notifier, without using stored credential reconciliation.
47.1.5.1. Description
47.1.5.2. Parameters
47.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
47.1.5.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
47.1.5.3. Return Type
Object
47.1.5.4. Content Type
- application/json
47.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
47.1.5.6. Samples
47.1.6. TestNotifier
POST /v1/notifiers/test
TestNotifier checks if a notifier is correctly configured.
47.1.6.1. Description
47.1.6.2. Parameters
47.1.6.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
47.1.6.3. Return Type
Object
47.1.6.4. Content Type
- application/json
47.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
47.1.6.6. Samples
47.1.7. TestUpdatedNotifier
POST /v1/notifiers/test/updated
TestUpdatedNotifier checks if the given notifier is correctly configured, with optional stored credential reconciliation.
47.1.7.1. Description
47.1.7.2. Parameters
47.1.7.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
47.1.7.3. Return Type
Object
47.1.7.4. Content Type
- application/json
47.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
47.1.7.6. Samples
47.1.8. UpdateNotifier
PATCH /v1/notifiers/{notifier.id}
UpdateNotifier modifies a given notifier, with optional stored credential reconciliation.
47.1.8.1. Description
47.1.8.2. Parameters
47.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| notifier.id | X | null |
47.1.8.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
47.1.8.3. Return Type
Object
47.1.8.4. Content Type
- application/json
47.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
47.1.8.6. Samples
Chapter 48. Ping Service
48.1. Ping Service
48.1.1. Ping
GET /v1/ping
48.1.1.1. Description
48.1.1.2. Parameters
48.1.1.3. Return Type
48.1.1.4. Content Type
- application/json
48.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
48.1.1.6. Samples
Chapter 49. Pod Service
49.1. Pod Service
49.1.1. ExportPods
GET /v1/export/pods
49.1.1.1. Description
49.1.1.2. Parameters
49.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| timeout | - | null | ||
| query | - | null |
49.1.1.3. Return Type
Stream result of v1ExportPodResponse.
49.1.1.4. Content Type
- application/json
49.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response.(streaming responses) | Stream result of v1ExportPodResponse. |
| 0 | An unexpected error response. |
49.1.1.6. Samples
49.1.2. GetPods
GET /v1/pods
GetPods returns the pods.
49.1.2.1. Description
49.1.2.2. Parameters
49.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
49.1.2.3. Return Type
49.1.2.4. Content Type
- application/json
49.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
49.1.2.6. Samples
Chapter 50. Policy Category Service
50.1. Policy Category Service
50.1.1. DeletePolicyCategory
DELETE /v1/policycategories/{id}
DeletePolicyCategory removes the given policy category.
50.1.1.1. Description
50.1.1.2. Parameters
50.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
50.1.1.3. Return Type
Object
50.1.1.4. Content Type
- application/json
50.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
50.1.1.6. Samples
50.1.2. GetPolicyCategories
GET /v1/policycategories
GetPolicyCategories returns the list of policy categories
50.1.2.1. Description
50.1.2.2. Parameters
50.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
50.1.2.3. Return Type
50.1.2.4. Content Type
- application/json
50.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
50.1.2.6. Samples
50.1.3. GetPolicyCategory
GET /v1/policycategories/{id}
GetPolicyCategory returns the requested policy category by ID.
50.1.3.1. Description
50.1.3.2. Parameters
50.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
50.1.3.3. Return Type
50.1.3.4. Content Type
- application/json
50.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
50.1.3.6. Samples
50.1.4. PostPolicyCategory
POST /v1/policycategories
PostPolicyCategory creates a new policy category
50.1.4.1. Description
50.1.4.2. Parameters
50.1.4.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| policyCategory | X |
50.1.4.3. Return Type
50.1.4.4. Content Type
- application/json
50.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
50.1.4.6. Samples
50.1.5. RenamePolicyCategory
PUT /v1/policycategories
RenamePolicyCategory renames the given policy category.
50.1.5.1. Description
50.1.5.2. Parameters
50.1.5.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
50.1.5.3. Return Type
50.1.5.4. Content Type
- application/json
50.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
50.1.5.6. Samples
Chapter 51. Policy Service
51.1. Policy Service
51.1.1. CancelDryRunJob
DELETE /v1/policies/dryrunjob/{jobId}
51.1.1.1. Description
51.1.1.2. Parameters
51.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| jobId | X | null |
51.1.1.3. Return Type
Object
51.1.1.4. Content Type
- application/json
51.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
51.1.1.6. Samples
51.1.2. DeletePolicy
DELETE /v1/policies/{id}
DeletePolicy removes a policy by ID.
51.1.2.1. Description
51.1.2.2. Parameters
51.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
51.1.2.3. Return Type
Object
51.1.2.4. Content Type
- application/json
51.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
51.1.2.6. Samples
51.1.3. DryRunPolicy
POST /v1/policies/dryrun
DryRunPolicy evaluates the given policy and returns any alerts without creating the policy.
51.1.3.1. Description
51.1.3.2. Parameters
51.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
51.1.3.3. Return Type
51.1.3.4. Content Type
- application/json
51.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.3.6. Samples
51.1.4. EnableDisablePolicyNotification
PATCH /v1/policies/{policyId}/notifiers
EnableDisablePolicyNotification enables or disables notifications for a policy by ID.
51.1.4.1. Description
51.1.4.2. Parameters
51.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| policyId | X | null |
51.1.4.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
51.1.4.3. Return Type
Object
51.1.4.4. Content Type
- application/json
51.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
51.1.4.6. Samples
51.1.5. ExportPolicies
POST /v1/policies/export
ExportPolicies takes a list of policy IDs and returns either the entire list of policies or an error message
51.1.5.1. Description
51.1.5.2. Parameters
51.1.5.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
51.1.5.3. Return Type
51.1.5.4. Content Type
- application/json
51.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.5.6. Samples
51.1.6. GetPolicy
GET /v1/policies/{id}
GetPolicy returns the requested policy by ID.
51.1.6.1. Description
51.1.6.2. Parameters
51.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
51.1.6.3. Return Type
51.1.6.4. Content Type
- application/json
51.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.6.6. Samples
51.1.7. GetPolicyCategories
GET /v1/policyCategories
GetPolicyCategories returns the policy categories.
51.1.7.1. Description
51.1.7.2. Parameters
51.1.7.3. Return Type
51.1.7.4. Content Type
- application/json
51.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.7.6. Samples
51.1.8. GetPolicyMitreVectors
GET /v1/policies/{id}/mitrevectors
GetMitreVectorsForPolicy returns the requested policy by ID.
51.1.8.1. Description
51.1.8.2. Parameters
51.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
51.1.8.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| options.excludePolicy | If set to true, policy is excluded from the response. | - | null |
51.1.8.3. Return Type
51.1.8.4. Content Type
- application/json
51.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.8.6. Samples
51.1.9. ImportPolicies
POST /v1/policies/import
ImportPolicies accepts a list of Policies and returns a list of the policies which could not be imported
51.1.9.1. Description
51.1.9.2. Parameters
51.1.9.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
51.1.9.3. Return Type
51.1.9.4. Content Type
- application/json
51.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.9.6. Samples
51.1.10. ListPolicies
GET /v1/policies
ListPolicies returns the list of policies.
51.1.10.1. Description
51.1.10.2. Parameters
51.1.10.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
51.1.10.3. Return Type
51.1.10.4. Content Type
- application/json
51.1.10.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.10.6. Samples
51.1.11. PatchPolicy
PATCH /v1/policies/{id}
PatchPolicy edits an existing policy.
51.1.11.1. Description
51.1.11.2. Parameters
51.1.11.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
51.1.11.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
51.1.11.3. Return Type
Object
51.1.11.4. Content Type
- application/json
51.1.11.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
51.1.11.6. Samples
51.1.12. PolicyFromSearch
POST /v1/policies/from-search
51.1.12.1. Description
51.1.12.2. Parameters
51.1.12.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
51.1.12.3. Return Type
51.1.12.4. Content Type
- application/json
51.1.12.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.12.6. Samples
51.1.13. PostPolicy
POST /v1/policies
PostPolicy creates a new policy.
51.1.13.1. Description
51.1.13.2. Parameters
51.1.13.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| policy | X |
51.1.13.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| enableStrictValidation | - | null |
51.1.13.3. Return Type
51.1.13.4. Content Type
- application/json
51.1.13.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.13.6. Samples
51.1.14. PutPolicy
PUT /v1/policies/{id}
PutPolicy modifies an existing policy.
51.1.14.1. Description
51.1.14.2. Parameters
51.1.14.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
51.1.14.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
51.1.14.3. Return Type
Object
51.1.14.4. Content Type
- application/json
51.1.14.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
51.1.14.6. Samples
51.1.15. QueryDryRunJobStatus
GET /v1/policies/dryrunjob/{jobId}
51.1.15.1. Description
51.1.15.2. Parameters
51.1.15.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| jobId | X | null |
51.1.15.3. Return Type
51.1.15.4. Content Type
- application/json
51.1.15.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.15.6. Samples
51.1.16. ReassessPolicies
POST /v1/policies/reassess
ReassessPolicies reevaluates all the policies.
51.1.16.1. Description
51.1.16.2. Parameters
51.1.16.3. Return Type
Object
51.1.16.4. Content Type
- application/json
51.1.16.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
51.1.16.6. Samples
51.1.17. SubmitDryRunPolicyJob
POST /v1/policies/dryrunjob
51.1.17.1. Description
51.1.17.2. Parameters
51.1.17.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
51.1.17.3. Return Type
51.1.17.4. Content Type
- application/json
51.1.17.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
51.1.17.6. Samples
Chapter 52. Probe Upload Service
52.1. Probe Upload Service
52.1.1. GetExistingProbes
POST /v1/probeupload/getexisting
52.1.1.1. Description
52.1.1.2. Parameters
52.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| filesToCheck |
| - | null |
52.1.1.3. Return Type
52.1.1.4. Content Type
- application/json
52.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
52.1.1.6. Samples
Chapter 53. Process Baseline Service
53.1. Process Baseline Service
53.1.1. BulkLockProcessBaselines
PUT /v1/processbaselines/bulk/lock
BulkLockProcessBaselines locks process baselines given a cluster and an optional set of namespaces. It returns success or an error.
53.1.1.1. Description
53.1.1.2. Parameters
53.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
53.1.1.3. Return Type
53.1.1.4. Content Type
- application/json
53.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
53.1.1.6. Samples
53.1.2. BulkUnlockProcessBaselines
PUT /v1/processbaselines/bulk/unlock
BulkUnockProcessBaselines unlocks process baselines given a cluster and an optional set of namespaces. It returns success or an error.
53.1.2.1. Description
53.1.2.2. Parameters
53.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
53.1.2.3. Return Type
53.1.2.4. Content Type
- application/json
53.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
53.1.2.6. Samples
53.1.3. DeleteProcessBaselines
DELETE /v1/processbaselines
DeleteProcessBaselines deletes baselines.
53.1.3.1. Description
53.1.3.2. Parameters
53.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| confirm | - | null |
53.1.3.3. Return Type
53.1.3.4. Content Type
- application/json
53.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
53.1.3.6. Samples
53.1.4. GetProcessBaseline
GET /v1/processbaselines/key
GetProcessBaselineById returns the single process baseline referenced by the given ID.
53.1.4.1. Description
53.1.4.2. Parameters
53.1.4.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| key.deploymentId | The idea is for the keys to be flexible. Only certain combinations of these will be supported. | - | null | |
| key.containerName | - | null | ||
| key.clusterId | - | null | ||
| key.namespace | - | null |
53.1.4.3. Return Type
53.1.4.4. Content Type
- application/json
53.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
53.1.4.6. Samples
53.1.5. LockProcessBaselines
PUT /v1/processbaselines/lock
LockProcessBaselines accepts a list of baseline IDs, locks those baselines, and returns the updated baseline objects.
53.1.5.1. Description
53.1.5.2. Parameters
53.1.5.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
53.1.5.3. Return Type
53.1.5.4. Content Type
- application/json
53.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
53.1.5.6. Samples
53.1.6. UpdateProcessBaselines
PUT /v1/processbaselines
AddToProcessBaselines adds a list of process names to each of a list of process baselines.
53.1.6.1. Description
53.1.6.2. Parameters
53.1.6.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
53.1.6.3. Return Type
53.1.6.4. Content Type
- application/json
53.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
53.1.6.6. Samples
Chapter 54. Process Service
54.1. Process Service
54.1.1. CountProcesses
GET /v1/processcount
CountProcesses returns the count of processes.
54.1.1.1. Description
54.1.1.2. Parameters
54.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
54.1.1.3. Return Type
54.1.1.4. Content Type
- application/json
54.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
54.1.1.6. Samples
54.1.2. GetGroupedProcessByDeployment
GET /v1/processes/deployment/{deploymentId}/grouped
GetGroupedProcessByDeployment returns all the processes executed grouped by deployment.
54.1.2.1. Description
54.1.2.2. Parameters
54.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
54.1.2.3. Return Type
54.1.2.4. Content Type
- application/json
54.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
54.1.2.6. Samples
54.1.3. GetGroupedProcessByDeploymentAndContainer
GET /v1/processes/deployment/{deploymentId}/grouped/container
GetGroupedProcessByDeploymentAndContainer returns all the processes executed grouped by deployment and container.
54.1.3.1. Description
54.1.3.2. Parameters
54.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
54.1.3.3. Return Type
54.1.3.4. Content Type
- application/json
54.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
54.1.3.6. Samples
54.1.4. GetProcessesByDeployment
GET /v1/processes/deployment/{deploymentId}
GetProcessesByDeployment returns the processes executed in the given deployment.
54.1.4.1. Description
54.1.4.2. Parameters
54.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| deploymentId | X | null |
54.1.4.3. Return Type
54.1.4.4. Content Type
- application/json
54.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
54.1.4.6. Samples
Chapter 55. Rbac Service
55.1. Rbac Service
55.1.1. GetRole
GET /v1/rbac/roles/{id}
55.1.1.1. Description
55.1.1.2. Parameters
55.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
55.1.1.3. Return Type
55.1.1.4. Content Type
- application/json
55.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
55.1.1.6. Samples
55.1.2. GetRoleBinding
GET /v1/rbac/bindings/{id}
55.1.2.1. Description
55.1.2.2. Parameters
55.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
55.1.2.3. Return Type
55.1.2.4. Content Type
- application/json
55.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
55.1.2.6. Samples
55.1.3. GetSubject
GET /v1/rbac/subject/{id}
Subjects served from this API are Groups and Users only. Id in this case is the Name field, since for users and groups, that is unique, and subjects do not have IDs.
55.1.3.1. Description
55.1.3.2. Parameters
55.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
55.1.3.3. Return Type
55.1.3.4. Content Type
- application/json
55.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
55.1.3.6. Samples
55.1.4. ListRoleBindings
GET /v1/rbac/bindings
55.1.4.1. Description
55.1.4.2. Parameters
55.1.4.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
55.1.4.3. Return Type
55.1.4.4. Content Type
- application/json
55.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
55.1.4.6. Samples
55.1.5. ListRoles
GET /v1/rbac/roles
55.1.5.1. Description
55.1.5.2. Parameters
55.1.5.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
55.1.5.3. Return Type
55.1.5.4. Content Type
- application/json
55.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
55.1.5.6. Samples
55.1.6. ListSubjects
GET /v1/rbac/subjects
55.1.6.1. Description
55.1.6.2. Parameters
55.1.6.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
55.1.6.3. Return Type
55.1.6.4. Content Type
- application/json
55.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
55.1.6.6. Samples
Chapter 56. Report Configuration Service
56.1. Report Configuration Service
56.1.1. CountReportConfigurations
GET /v1/report-configurations-count
CountReportConfigurations returns the number of report configurations.
56.1.1.1. Description
56.1.1.2. Parameters
56.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
56.1.1.3. Return Type
56.1.1.4. Content Type
- application/json
56.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
56.1.1.6. Samples
56.1.2. DeleteReportConfiguration
DELETE /v1/report/configurations/{id}
DeleteReportConfiguration removes a report configuration given its id
56.1.2.1. Description
56.1.2.2. Parameters
56.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
56.1.2.3. Return Type
Object
56.1.2.4. Content Type
- application/json
56.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
56.1.2.6. Samples
56.1.3. GetReportConfiguration
GET /v1/report/configurations/{id}
56.1.3.1. Description
56.1.3.2. Parameters
56.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
56.1.3.3. Return Type
56.1.3.4. Content Type
- application/json
56.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
56.1.3.6. Samples
56.1.4. GetReportConfigurations
GET /v1/report/configurations
56.1.4.1. Description
56.1.4.2. Parameters
56.1.4.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
56.1.4.3. Return Type
56.1.4.4. Content Type
- application/json
56.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
56.1.4.6. Samples
56.1.5. PostReportConfiguration
POST /v1/report/configurations
PostReportConfiguration creates a report configuration
56.1.5.1. Description
56.1.5.2. Parameters
56.1.5.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
56.1.5.3. Return Type
56.1.5.4. Content Type
- application/json
56.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
56.1.5.6. Samples
56.1.6. UpdateReportConfiguration
PUT /v1/report/configurations/{id}
UpdateReportConfiguration updates a report configuration
56.1.6.1. Description
56.1.6.2. Parameters
56.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
56.1.6.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
56.1.6.3. Return Type
Object
56.1.6.4. Content Type
- application/json
56.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
56.1.6.6. Samples
Chapter 57. Report Service
57.1. Report Service
57.1.1. CancelReport
DELETE /v2/reports/jobs/{id}/cancel
Cancels a queued report job for the given report id. If the job is not active, it is a noop. If a report is already being prepared, it won’t be cancelled.
57.1.1.1. Description
57.1.1.2. Parameters
57.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
57.1.1.3. Return Type
Object
57.1.1.4. Content Type
- application/json
57.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
57.1.1.6. Samples
57.1.2. CountReportConfigurations
GET /v2/reports/configuration-count
CountReportConfigurations returns the number of report configurations.
57.1.2.1. Description
57.1.2.2. Parameters
57.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
57.1.2.3. Return Type
57.1.2.4. Content Type
- application/json
57.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.2.6. Samples
57.1.3. DeleteReport
DELETE /v2/reports/jobs/{id}/delete
Deletes a generated report for the given report id
57.1.3.1. Description
57.1.3.2. Parameters
57.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
57.1.3.3. Return Type
Object
57.1.3.4. Content Type
- application/json
57.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
57.1.3.6. Samples
57.1.4. DeleteReportConfiguration
DELETE /v2/reports/configurations/{id}
DeleteReportConfiguration removes the report configuration with given ID
57.1.4.1. Description
57.1.4.2. Parameters
57.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
57.1.4.3. Return Type
Object
57.1.4.4. Content Type
- application/json
57.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
57.1.4.6. Samples
57.1.5. GetMyReportHistory
GET /v2/reports/configurations/{id}/my-history
GetMyReportHistory returns the requester’s report job history for a report configuration with the specified ID.
57.1.5.1. Description
57.1.5.2. Parameters
57.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
57.1.5.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| reportParamQuery.query | - | null | ||
| reportParamQuery.pagination.limit | - | null | ||
| reportParamQuery.pagination.offset | - | null | ||
| reportParamQuery.pagination.sortOption.field | - | null | ||
| reportParamQuery.pagination.sortOption.reversed | - | null | ||
| reportParamQuery.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| reportParamQuery.pagination.sortOption.aggregateBy.distinct | - | null |
57.1.5.3. Return Type
57.1.5.4. Content Type
- application/json
57.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.5.6. Samples
57.1.6. GetReportConfiguration
GET /v2/reports/configurations/{id}
GetReportConfiguration returns the report configuration with given ID
57.1.6.1. Description
57.1.6.2. Parameters
57.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
57.1.6.3. Return Type
57.1.6.4. Content Type
- application/json
57.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.6.6. Samples
57.1.7. GetReportHistory
GET /v2/reports/configurations/{id}/history
GetReportHistory returns the full report job history for a report configuration with the specified ID.
57.1.7.1. Description
57.1.7.2. Parameters
57.1.7.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
57.1.7.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| reportParamQuery.query | - | null | ||
| reportParamQuery.pagination.limit | - | null | ||
| reportParamQuery.pagination.offset | - | null | ||
| reportParamQuery.pagination.sortOption.field | - | null | ||
| reportParamQuery.pagination.sortOption.reversed | - | null | ||
| reportParamQuery.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| reportParamQuery.pagination.sortOption.aggregateBy.distinct | - | null |
57.1.7.3. Return Type
57.1.7.4. Content Type
- application/json
57.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.7.6. Samples
57.1.8. GetReportStatus
GET /v2/reports/jobs/{id}/status
GetReportStatus returns report status for the given report id
57.1.8.1. Description
57.1.8.2. Parameters
57.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
57.1.8.3. Return Type
57.1.8.4. Content Type
- application/json
57.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.8.6. Samples
57.1.9. GetViewBasedMyReportHistory
GET /v2/reports/view-based/my-history
57.1.9.1. Description
57.1.9.2. Parameters
57.1.9.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| reportParamQuery.query | - | null | ||
| reportParamQuery.pagination.limit | - | null | ||
| reportParamQuery.pagination.offset | - | null | ||
| reportParamQuery.pagination.sortOption.field | - | null | ||
| reportParamQuery.pagination.sortOption.reversed | - | null | ||
| reportParamQuery.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| reportParamQuery.pagination.sortOption.aggregateBy.distinct | - | null |
57.1.9.3. Return Type
57.1.9.4. Content Type
- application/json
57.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.9.6. Samples
57.1.10. GetViewBasedReportHistory
GET /v2/reports/view-based/history
57.1.10.1. Description
57.1.10.2. Parameters
57.1.10.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| reportParamQuery.query | - | null | ||
| reportParamQuery.pagination.limit | - | null | ||
| reportParamQuery.pagination.offset | - | null | ||
| reportParamQuery.pagination.sortOption.field | - | null | ||
| reportParamQuery.pagination.sortOption.reversed | - | null | ||
| reportParamQuery.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| reportParamQuery.pagination.sortOption.aggregateBy.distinct | - | null |
57.1.10.3. Return Type
57.1.10.4. Content Type
- application/json
57.1.10.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.10.6. Samples
57.1.11. ListReportConfigurations
GET /v2/reports/configurations
ListReportConfigurations returns report configurations matching given query
57.1.11.1. Description
57.1.11.2. Parameters
57.1.11.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
57.1.11.3. Return Type
57.1.11.4. Content Type
- application/json
57.1.11.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.11.6. Samples
57.1.12. PostReportConfiguration
POST /v2/reports/configurations
PostReportConfiguration creates a report configuration
57.1.12.1. Description
57.1.12.2. Parameters
57.1.12.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
57.1.12.3. Return Type
57.1.12.4. Content Type
- application/json
57.1.12.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.12.6. Samples
57.1.13. PostViewBasedReport
POST /v2/reports/view-based/run
57.1.13.1. Description
57.1.13.2. Parameters
57.1.13.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
57.1.13.3. Return Type
57.1.13.4. Content Type
- application/json
57.1.13.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.13.6. Samples
57.1.14. RunReport
POST /v2/reports/run
Submits a new report generation request if the user requesting this report does not have another waiting or preparing report for the same report configuration.
57.1.14.1. Description
57.1.14.2. Parameters
57.1.14.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
57.1.14.3. Return Type
57.1.14.4. Content Type
- application/json
57.1.14.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
57.1.14.6. Samples
57.1.15. UpdateReportConfiguration
PUT /v2/reports/configurations/{id}
UpdateReportConfiguration updates a report configuration
57.1.15.1. Description
57.1.15.2. Parameters
57.1.15.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
57.1.15.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
57.1.15.3. Return Type
Object
57.1.15.4. Content Type
- application/json
57.1.15.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
57.1.15.6. Samples
Chapter 58. Role Service
58.1. Role Service
58.1.1. ComputeEffectiveAccessScope
POST /v1/computeeffectiveaccessscope
ComputeEffectiveAccessScope
58.1.1.1. Description
Returns effective access scope based on the rules in the request. Does not persist anything; not idempotent due to possible changes to clusters and namespaces. POST is chosen due to potentially large payload. There are advantages in both keeping the response slim and detailed. If only IDs of selected clusters and namespaces are included, response latency and processing time are lower but the caller shall overlay the response with its view of the world which is susceptible to consistency issues. Listing all clusters and namespaces with related metadata is convenient for the caller but bloat the message with secondary data. We let the caller decide what level of detail they would like to have: - Minimal, when only roots of included subtrees are listed by their IDs. Clusters can be either INCLUDED (its namespaces are included but are not listed) or PARTIAL (at least one namespace is explicitly included). Namespaces can only be INCLUDED. - Standard [default], when all known clusters and namespaces are listed with their IDs and names. Clusters can be INCLUDED (all its namespaces are explicitly listed as INCLUDED), PARTIAL (all its namespaces are explicitly listed, some as INCLUDED and some as EXCLUDED), and EXCLUDED (all its namespaces are explicitly listed as EXCLUDED). Namespaces can be either INCLUDED or EXCLUDED. - High, when every cluster and namespace is augmented with metadata.
58.1.1.2. Parameters
58.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| accessScope | X |
58.1.1.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| detail | - | STANDARD |
58.1.1.3. Return Type
58.1.1.4. Content Type
- application/json
58.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.1.6. Samples
58.1.2. CreateRole
POST /v1/roles/{name}
58.1.2.1. Description
58.1.2.2. Parameters
58.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| name | X | null |
58.1.2.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| role | X |
58.1.2.3. Return Type
Object
58.1.2.4. Content Type
- application/json
58.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
58.1.2.6. Samples
58.1.3. DeletePermissionSet
DELETE /v1/permissionsets/{id}
58.1.3.1. Description
58.1.3.2. Parameters
58.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
58.1.3.3. Return Type
Object
58.1.3.4. Content Type
- application/json
58.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
58.1.3.6. Samples
58.1.4. DeleteRole
DELETE /v1/roles/{id}
58.1.4.1. Description
58.1.4.2. Parameters
58.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
58.1.4.3. Return Type
Object
58.1.4.4. Content Type
- application/json
58.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
58.1.4.6. Samples
58.1.5. DeleteSimpleAccessScope
DELETE /v1/simpleaccessscopes/{id}
58.1.5.1. Description
58.1.5.2. Parameters
58.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
58.1.5.3. Return Type
Object
58.1.5.4. Content Type
- application/json
58.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
58.1.5.6. Samples
58.1.6. GetClustersForPermissions
GET /v1/sac/clusters
GetClustersForPermissions
58.1.6.1. Description
Returns the list of cluster ID and cluster name pairs that have at least read allowed by the scope of the requesting user for the list of requested permissions. Effective access scopes are only considered for input permissions that have cluster scope or narrower (i.e. global permissions from the input are ignored). If the input only contains permissions at global level, the output will be an empty list. If no permission is given in input, all clusters allowed by the requester scope for any permission with cluster scope or narrower will be part of the response.
58.1.6.2. Parameters
58.1.6.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null | ||
| permissions |
| - | null |
58.1.6.3. Return Type
58.1.6.4. Content Type
- application/json
58.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.6.6. Samples
58.1.7. GetMyPermissions
GET /v1/mypermissions
58.1.7.1. Description
58.1.7.2. Parameters
58.1.7.3. Return Type
58.1.7.4. Content Type
- application/json
58.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.7.6. Samples
58.1.8. GetNamespacesForClusterAndPermissions
GET /v1/sac/clusters/{clusterId}/namespaces
GetNamespacesForClusterAndPermissions
58.1.8.1. Description
Returns the list of namespace ID and namespace name pairs that belong to the requested cluster and for which the user has at least read access granted for the list of requested permissions that have namespace scope or narrower (i.e. global and cluster permissions from the input are ignored). If the input only contains permissions at global or cluster level, the output will be an empty list. If no permission is given in input, all namespaces allowed by the requester scope for any permission with namespace scope or narrower will be part of the response.
58.1.8.2. Parameters
58.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| clusterId | X | null |
58.1.8.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| permissions |
| - | null |
58.1.8.3. Return Type
58.1.8.4. Content Type
- application/json
58.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.8.6. Samples
58.1.9. GetPermissionSet
GET /v1/permissionsets/{id}
58.1.9.1. Description
58.1.9.2. Parameters
58.1.9.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
58.1.9.3. Return Type
58.1.9.4. Content Type
- application/json
58.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.9.6. Samples
58.1.10. GetResources
GET /v1/resources
58.1.10.1. Description
58.1.10.2. Parameters
58.1.10.3. Return Type
58.1.10.4. Content Type
- application/json
58.1.10.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.10.6. Samples
58.1.11. GetRole
GET /v1/roles/{id}
58.1.11.1. Description
58.1.11.2. Parameters
58.1.11.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
58.1.11.3. Return Type
58.1.11.4. Content Type
- application/json
58.1.11.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.11.6. Samples
58.1.12. GetRoles
GET /v1/roles
58.1.12.1. Description
58.1.12.2. Parameters
58.1.12.3. Return Type
58.1.12.4. Content Type
- application/json
58.1.12.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.12.6. Samples
58.1.13. GetSimpleAccessScope
GET /v1/simpleaccessscopes/{id}
58.1.13.1. Description
58.1.13.2. Parameters
58.1.13.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
58.1.13.3. Return Type
58.1.13.4. Content Type
- application/json
58.1.13.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.13.6. Samples
58.1.14. ListPermissionSets
GET /v1/permissionsets
58.1.14.1. Description
58.1.14.2. Parameters
58.1.14.3. Return Type
58.1.14.4. Content Type
- application/json
58.1.14.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.14.6. Samples
58.1.15. ListSimpleAccessScopes
GET /v1/simpleaccessscopes
58.1.15.1. Description
58.1.15.2. Parameters
58.1.15.3. Return Type
58.1.15.4. Content Type
- application/json
58.1.15.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.15.6. Samples
58.1.16. PostPermissionSet
POST /v1/permissionsets
PostPermissionSet
58.1.16.1. Description
PermissionSet.id is disallowed in request and set in response.
58.1.16.2. Parameters
58.1.16.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | This encodes a set of permissions for StackRox resources. StoragePermissionSet | X |
58.1.16.3. Return Type
58.1.16.4. Content Type
- application/json
58.1.16.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.16.6. Samples
58.1.17. PostSimpleAccessScope
POST /v1/simpleaccessscopes
PostSimpleAccessScope
58.1.17.1. Description
SimpleAccessScope.id is disallowed in request and set in response.
58.1.17.2. Parameters
58.1.17.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | Simple access scope is a (simple) selection criteria for scoped resources. It does not allow multi-component AND-rules nor set operations on names. StorageSimpleAccessScope | X |
58.1.17.3. Return Type
58.1.17.4. Content Type
- application/json
58.1.17.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
58.1.17.6. Samples
58.1.18. PutPermissionSet
PUT /v1/permissionsets/{id}
58.1.18.1. Description
58.1.18.2. Parameters
58.1.18.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | id is generated and cannot be changed. | X | null |
58.1.18.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
58.1.18.3. Return Type
Object
58.1.18.4. Content Type
- application/json
58.1.18.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
58.1.18.6. Samples
58.1.19. PutSimpleAccessScope
PUT /v1/simpleaccessscopes/{id}
58.1.19.1. Description
58.1.19.2. Parameters
58.1.19.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id |
| X | null |
58.1.19.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
58.1.19.3. Return Type
Object
58.1.19.4. Content Type
- application/json
58.1.19.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
58.1.19.6. Samples
58.1.20. UpdateRole
PUT /v1/roles/{name}
58.1.20.1. Description
58.1.20.2. Parameters
58.1.20.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| name |
| X | null |
58.1.20.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
58.1.20.3. Return Type
Object
58.1.20.4. Content Type
- application/json
58.1.20.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
58.1.20.6. Samples
Chapter 59. Search Service
59.1. Search Service
59.1.1. Autocomplete
GET /v1/search/autocomplete
59.1.1.1. Description
59.1.1.2. Parameters
59.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| categories |
| - | null |
59.1.1.3. Return Type
59.1.1.4. Content Type
- application/json
59.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
59.1.1.6. Samples
59.1.2. Options
GET /v1/search/metadata/options
59.1.2.1. Description
59.1.2.2. Parameters
59.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| categories |
| - | null |
59.1.2.3. Return Type
59.1.2.4. Content Type
- application/json
59.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
59.1.2.6. Samples
59.1.3. Search
GET /v1/search
59.1.3.1. Description
59.1.3.2. Parameters
59.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| categories |
| - | null |
59.1.3.3. Return Type
59.1.3.4. Content Type
- application/json
59.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
59.1.3.6. Samples
Chapter 60. Secret Service
60.1. Secret Service
60.1.1. CountSecrets
GET /v1/secretscount
CountSecrets returns the number of secrets.
60.1.1.1. Description
60.1.1.2. Parameters
60.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
60.1.1.3. Return Type
60.1.1.4. Content Type
- application/json
60.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
60.1.1.6. Samples
60.1.2. GetSecret
GET /v1/secrets/{id}
GetSecret returns a secret given its ID.
60.1.2.1. Description
60.1.2.2. Parameters
60.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
60.1.2.3. Return Type
60.1.2.4. Content Type
- application/json
60.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
60.1.2.6. Samples
60.1.3. ListSecrets
GET /v1/secrets
ListSecrets returns the list of secrets.
60.1.3.1. Description
60.1.3.2. Parameters
60.1.3.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
60.1.3.3. Return Type
60.1.3.4. Content Type
- application/json
60.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
60.1.3.6. Samples
Chapter 61. Sensor Upgrade Service
61.1. Sensor Upgrade Service
61.1.1. GetSensorUpgradeConfig
GET /v1/sensorupgrades/config
61.1.1.1. Description
61.1.1.2. Parameters
61.1.1.3. Return Type
61.1.1.4. Content Type
- application/json
61.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
61.1.1.6. Samples
61.1.2. TriggerSensorCertRotation
POST /v1/sensorupgrades/rotateclustercerts/{id}
61.1.2.1. Description
61.1.2.2. Parameters
61.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
61.1.2.3. Return Type
Object
61.1.2.4. Content Type
- application/json
61.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
61.1.2.6. Samples
61.1.3. TriggerSensorUpgrade
POST /v1/sensorupgrades/cluster/{id}
61.1.3.1. Description
61.1.3.2. Parameters
61.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
61.1.3.3. Return Type
Object
61.1.3.4. Content Type
- application/json
61.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
61.1.3.6. Samples
61.1.4. UpdateSensorUpgradeConfig
POST /v1/sensorupgrades/config
61.1.4.1. Description
61.1.4.2. Parameters
61.1.4.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
61.1.4.3. Return Type
Object
61.1.4.4. Content Type
- application/json
61.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
61.1.4.6. Samples
Chapter 62. Service Account Service
62.1. Service Account Service
62.1.1. GetServiceAccount
GET /v1/serviceaccounts/{id}
62.1.1.1. Description
62.1.1.2. Parameters
62.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
62.1.1.3. Return Type
62.1.1.4. Content Type
- application/json
62.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
62.1.1.6. Samples
62.1.2. ListServiceAccounts
GET /v1/serviceaccounts
62.1.2.1. Description
62.1.2.2. Parameters
62.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
62.1.2.3. Return Type
62.1.2.4. Content Type
- application/json
62.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
62.1.2.6. Samples
Chapter 63. Service Identity Service
63.1. Service Identity Service
63.1.1. CreateServiceIdentity
POST /v1/serviceIdentities
CreateServiceIdentity creates a new key pair and certificate. The key and certificate are not retained and can never be retrieved again.
63.1.1.1. Description
63.1.1.2. Parameters
63.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
63.1.1.3. Return Type
63.1.1.4. Content Type
- application/json
63.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
63.1.1.6. Samples
63.1.2. GetAuthorities
GET /v1/authorities
GetAuthorities returns the authorities currently in use.
63.1.2.1. Description
63.1.2.2. Parameters
63.1.2.3. Return Type
63.1.2.4. Content Type
- application/json
63.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
63.1.2.6. Samples
63.1.3. GetServiceIdentities
GET /v1/serviceIdentities
63.1.3.1. Description
63.1.3.2. Parameters
63.1.3.3. Return Type
63.1.3.4. Content Type
- application/json
63.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
63.1.3.6. Samples
Chapter 64. Signature Integration Service
64.1. Signature Integration Service
64.1.1. DeleteSignatureIntegration
DELETE /v1/signatureintegrations/{id}
64.1.1.1. Description
64.1.1.2. Parameters
64.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
64.1.1.3. Return Type
Object
64.1.1.4. Content Type
- application/json
64.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
64.1.1.6. Samples
64.1.2. GetSignatureIntegration
GET /v1/signatureintegrations/{id}
64.1.2.1. Description
64.1.2.2. Parameters
64.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
64.1.2.3. Return Type
64.1.2.4. Content Type
- application/json
64.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
64.1.2.6. Samples
64.1.3. ListSignatureIntegrations
GET /v1/signatureintegrations
64.1.3.1. Description
64.1.3.2. Parameters
64.1.3.3. Return Type
64.1.3.4. Content Type
- application/json
64.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
64.1.3.6. Samples
64.1.4. PostSignatureIntegration
POST /v1/signatureintegrations
Integration id should not be set. Returns signature integration with id filled.
64.1.4.1. Description
64.1.4.2. Parameters
64.1.4.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
64.1.4.3. Return Type
64.1.4.4. Content Type
- application/json
64.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
64.1.4.6. Samples
64.1.5. PutSignatureIntegration
PUT /v1/signatureintegrations/{id}
64.1.5.1. Description
64.1.5.2. Parameters
64.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
64.1.5.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
64.1.5.3. Return Type
Object
64.1.5.4. Content Type
- application/json
64.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
64.1.5.6. Samples
Chapter 65. Telemetry Service
65.1. Telemetry Service
65.1.1. ConfigureTelemetry
PUT /v1/telemetry/configure
65.1.1.1. Description
65.1.1.2. Parameters
65.1.1.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
65.1.1.3. Return Type
65.1.1.4. Content Type
- application/json
65.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
65.1.1.6. Samples
65.1.2. GetConfig
GET /v1/telemetry/config
65.1.2.1. Description
65.1.2.2. Parameters
65.1.2.3. Return Type
65.1.2.4. Content Type
- application/json
65.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
65.1.2.6. Samples
65.1.3. GetTelemetryConfiguration
GET /v1/telemetry/configure
65.1.3.1. Description
65.1.3.2. Parameters
65.1.3.3. Return Type
65.1.3.4. Content Type
- application/json
65.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
65.1.3.6. Samples
65.1.4. PostConfigReload
POST /v1/telemetry/config/reload
65.1.4.1. Description
65.1.4.2. Parameters
65.1.4.3. Return Type
Object
65.1.4.4. Content Type
- application/json
65.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
65.1.4.6. Samples
Chapter 66. User Service
66.1. User Service
66.1.1. GetUser
GET /v1/users/{id}
66.1.1.1. Description
66.1.1.2. Parameters
66.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
66.1.1.3. Return Type
66.1.1.4. Content Type
- application/json
66.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
66.1.1.6. Samples
66.1.2. GetUsers
GET /v1/users
66.1.2.1. Description
66.1.2.2. Parameters
66.1.2.3. Return Type
66.1.2.4. Content Type
- application/json
66.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
66.1.2.6. Samples
66.1.3. GetUsersAttributes
GET /v1/usersattributes
66.1.3.1. Description
66.1.3.2. Parameters
66.1.3.3. Return Type
66.1.3.4. Content Type
- application/json
66.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
66.1.3.6. Samples
Chapter 67. Virtual Machine Service
67.1. Virtual Machine Service
67.1.1. GetVirtualMachine
GET /v2/virtualmachines/{id}
67.1.1.1. Description
67.1.1.2. Parameters
67.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
67.1.1.2.2. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| stripDescription | - | null |
67.1.1.3. Return Type
67.1.1.4. Content Type
- application/json
67.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
67.1.1.6. Samples
67.1.2. ListVirtualMachines
GET /v2/virtualmachines
67.1.2.1. Description
67.1.2.2. Parameters
67.1.2.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query.query | - | null | ||
| query.pagination.limit | - | null | ||
| query.pagination.offset | - | null | ||
| query.pagination.sortOption.field | - | null | ||
| query.pagination.sortOption.reversed | - | null | ||
| query.pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| query.pagination.sortOption.aggregateBy.distinct | - | null |
67.1.2.3. Return Type
67.1.2.4. Content Type
- application/json
67.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
67.1.2.6. Samples
Chapter 68. Vulnerability Exception Service
68.1. Vulnerability Exception Service
68.1.1. ApproveVulnerabilityException
POST /v2/vulnerability-exceptions/{id}/approve
ApproveVulnerabilityException approves a vulnerability exception. Once approved, the exception is enforced. The associated vulnerabilities are excluded from policy evaluation and risk evaluation, and the vulnerabilities may not appear in certain APIs responses by default.
68.1.1.1. Description
68.1.1.2. Parameters
68.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | REQUIRED. The ID of vulnerability exception to be approved. | X | null |
68.1.1.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | VulnerabilityExceptionServiceApproveVulnerabilityExceptionBody | X |
68.1.1.3. Return Type
68.1.1.4. Content Type
- application/json
68.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.1.6. Samples
68.1.2. CancelVulnerabilityException
POST /v2/vulnerability-exceptions/{id}/cancel
CancelVulnerabilityException cancels a vulnerability exception. Once cancelled, an approved exception is no longer enforced. Cancelled exceptions are garbage collected as per the retention configuration .expiredVulnReqRetentionDurationDays (GET /v1/config/).
68.1.2.1. Description
68.1.2.2. Parameters
68.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
68.1.2.3. Return Type
68.1.2.4. Content Type
- application/json
68.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.2.6. Samples
68.1.3. CreateDeferVulnerabilityException
POST /v2/vulnerability-exceptions/deferral
CreateDeferVulnerabilityException creates an exception request to defer specified vulnerabilities. Once an exception is created, it remains in the PENDING state until the approval. The exception is enforced only after it is approved. Once the exception expires, it is garbage collected as per the retention configuration .expiredVulnReqRetentionDurationDays (GET`/v1/config/`)
68.1.3.1. Description
68.1.3.2. Parameters
68.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
68.1.3.3. Return Type
68.1.3.4. Content Type
- application/json
68.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.3.6. Samples
68.1.4. CreateFalsePositiveVulnerabilityException
POST /v2/vulnerability-exceptions/false-positive
CreateFalsePositiveVulnerabilityException creates an exception request to mark specified vulnerabilities as false positive. Once an exception is created, it remains in the PENDING state until the approval. The exception is enforced only after it is approved.
68.1.4.1. Description
68.1.4.2. Parameters
68.1.4.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
68.1.4.3. Return Type
68.1.4.4. Content Type
- application/json
68.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.4.6. Samples
68.1.5. DeleteVulnerabilityException
DELETE /v2/vulnerability-exceptions/{id}
DeleteVulnerabilityException deletes a vulnerability exception. Only pending exceptions and pending updates to an enforced exception can be deleted. To revert an exception use cancel API. All exceptions are retained in the system according to the retention configuration.
68.1.5.1. Description
68.1.5.2. Parameters
68.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
68.1.5.3. Return Type
Object
68.1.5.4. Content Type
- application/json
68.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
68.1.5.6. Samples
68.1.6. DenyVulnerabilityException
POST /v2/vulnerability-exceptions/{id}/deny
DenyVulnerabilityException denies a vulnerability exception. Denied exceptions are inactive and are garbage collected as per the retention configuration .expiredVulnReqRetentionDurationDays (GET`/v1/config/`)
68.1.6.1. Description
68.1.6.2. Parameters
68.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | REQUIRED. The ID of vulnerability exception to be denied. | X | null |
68.1.6.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
68.1.6.3. Return Type
68.1.6.4. Content Type
- application/json
68.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.6.6. Samples
68.1.7. GetVulnerabilityException
GET /v2/vulnerability-exceptions/{id}
GetVulnerabilityException returns the vulnerability exception with specified ID.
68.1.7.1. Description
68.1.7.2. Parameters
68.1.7.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
68.1.7.3. Return Type
68.1.7.4. Content Type
- application/json
68.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.7.6. Samples
68.1.8. ListVulnerabilityExceptions
GET /v2/vulnerability-exceptions
ListVulnerabilityExceptions returns a list of vulnerability exceptions.
68.1.8.1. Description
68.1.8.2. Parameters
68.1.8.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
68.1.8.3. Return Type
68.1.8.4. Content Type
- application/json
68.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.8.6. Samples
68.1.9. UpdateVulnerabilityException
PATCH /v2/vulnerability-exceptions/{id}
UpdateVulnerabilityException updates an existing vulnerability exception. The update is enforced only once it is approved. Currently only the following can be updated: - CVEs and expiry of the deferral exceptions - CVEs of the false positive exception
68.1.9.1. Description
68.1.9.2. Parameters
68.1.9.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | REQUIRED. The ID of vulnerability exception to be updated. | X | null |
68.1.9.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | VulnerabilityExceptionServiceUpdateVulnerabilityExceptionBody | X |
68.1.9.3. Return Type
68.1.9.4. Content Type
- application/json
68.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.9.6. Samples
Chapter 69. Vulnerability Request Service
69.1. Vulnerability Request Service
69.1.1. ApproveVulnerabilityRequest
POST /v1/cve/requests/{id}/approve
ApproveVulnRequest approve a vulnerability request. If it is an unwatch vulnerability request then the associated vulnerabilities are not watched in workflows such as policy detection, risk, etc.
69.1.1.1. Description
69.1.1.2. Parameters
69.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
69.1.1.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
69.1.1.3. Return Type
69.1.1.4. Content Type
- application/json
69.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
69.1.1.6. Samples
69.1.2. DeferVulnerability
POST /v1/cve/requests/defer
DeferVulnerability starts the deferral process for the specified vulnerability.
69.1.2.1. Description
69.1.2.2. Parameters
69.1.2.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
69.1.2.3. Return Type
69.1.2.4. Content Type
- application/json
69.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
69.1.2.6. Samples
69.1.3. DeleteVulnerabilityRequest
DELETE /v1/cve/requests/{id}
DeleteVulnerabilityRequest deletes a vulnerability request.
69.1.3.1. Description
69.1.3.2. Parameters
69.1.3.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
69.1.3.3. Return Type
Object
69.1.3.4. Content Type
- application/json
69.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
69.1.3.6. Samples
69.1.4. DenyVulnerabilityRequest
POST /v1/cve/requests/{id}/deny
DenyVulnRequest denies a vulnerability request.
69.1.4.1. Description
69.1.4.2. Parameters
69.1.4.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
69.1.4.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
69.1.4.3. Return Type
69.1.4.4. Content Type
- application/json
69.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
69.1.4.6. Samples
69.1.5. FalsePositiveVulnerability
POST /v1/cve/requests/false-positive
FalsePositiveVulnerability starts the process to mark the specified vulnerability as false-positive.
69.1.5.1. Description
69.1.5.2. Parameters
69.1.5.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
69.1.5.3. Return Type
69.1.5.4. Content Type
- application/json
69.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
69.1.5.6. Samples
69.1.6. GetVulnerabilityRequest
GET /v1/cve/requests/{id}
GetVulnerabilityRequest returns the requested vulnerability request by ID.
69.1.6.1. Description
69.1.6.2. Parameters
69.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
69.1.6.3. Return Type
69.1.6.4. Content Type
- application/json
69.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
69.1.6.6. Samples
69.1.7. ListVulnerabilityRequests
GET /v1/cve/requests
ListVulnerabilityRequests returns the list of vulnerability requests.
69.1.7.1. Description
69.1.7.2. Parameters
69.1.7.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
69.1.7.3. Return Type
69.1.7.4. Content Type
- application/json
69.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
69.1.7.6. Samples
69.1.8. UndoVulnerabilityRequest
POST /v1/cve/requests/{id}/undo
UndoVulnerabilityRequest undoes a vulnerability request.
69.1.8.1. Description
69.1.8.2. Parameters
69.1.8.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
69.1.8.3. Return Type
69.1.8.4. Content Type
- application/json
69.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
69.1.8.6. Samples
69.1.9. UpdateVulnerabilityRequest
POST /v1/cve/requests/{id}/update
UpdateVulnerabilityRequest updates an existing vulnerability request. Currently only deferral expiration time can be updated.
69.1.9.1. Description
69.1.9.2. Parameters
69.1.9.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
69.1.9.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
69.1.9.3. Return Type
69.1.9.4. Content Type
- application/json
69.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
69.1.9.6. Samples
Chapter 70. Vuln Mgmt Service
70.1. Vuln Mgmt Service
70.1.1. VulnMgmtExportWorkloads
GET /v1/export/vuln-mgmt/workloads
Streams vulnerability data upon request. Each entry consists of a deployment and the associated container images.
70.1.1.1. Description
The response is structured as: {"result": {"deployment": {…}, "images": […]}} … {"result": {"deployment": {…}, "images": […]}}
70.1.1.2. Parameters
70.1.1.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| timeout | Request timeout in seconds. | - | null | |
| query |
Query to constrain the deployments for which vulnerability data is returned. The queries contain pairs of | - | null |
70.1.1.3. Return Type
Stream result of v1VulnMgmtExportWorkloadsResponse.
70.1.1.4. Content Type
- application/json
70.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response.(streaming responses) | Stream result of v1VulnMgmtExportWorkloadsResponse. |
| 0 | An unexpected error response. |
70.1.1.6. Samples
Chapter 71. Common Object Reference
71.1. Common Object Reference
71.1.1. Common object reference
71.1.2. Models
71.1.2.1. AlertDeploymentContainer
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| image | |||||
| name | String |
71.1.2.2. AlertEnforcement
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| action | UNSET_ENFORCEMENT, SCALE_TO_ZERO_ENFORCEMENT, UNSATISFIABLE_NODE_CONSTRAINT_ENFORCEMENT, KILL_POD_ENFORCEMENT, FAIL_BUILD_ENFORCEMENT, FAIL_KUBE_REQUEST_ENFORCEMENT, FAIL_DEPLOYMENT_CREATE_ENFORCEMENT, FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT, | ||||
| message | String |
71.1.2.3. AlertEntityType
| Enum Values |
|---|
| UNSET |
| DEPLOYMENT |
| CONTAINER_IMAGE |
| RESOURCE |
71.1.2.4. AlertGroupAlertCounts
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| severity | UNSET_SEVERITY, LOW_SEVERITY, MEDIUM_SEVERITY, HIGH_SEVERITY, CRITICAL_SEVERITY, | ||||
| count | String | int64 |
71.1.2.5. AlertProcessViolation
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| message | String | ||||
| processes | List of StorageProcessIndicator |
71.1.2.6. AlertResourceResourceType
| Enum Values |
|---|
| UNKNOWN |
| SECRETS |
| CONFIGMAPS |
| CLUSTER_ROLES |
| CLUSTER_ROLE_BINDINGS |
| NETWORK_POLICIES |
| SECURITY_CONTEXT_CONSTRAINTS |
| EGRESS_FIREWALLS |
71.1.2.7. AlertServiceResolveAlertBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| whitelist | Boolean | ||||
| addToBaseline | Boolean |
71.1.2.8. AlertViolation
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| message | String | ||||
| keyValueAttrs | |||||
| networkFlowInfo | |||||
| type | GENERIC, K8S_EVENT, NETWORK_FLOW, NETWORK_POLICY, | ||||
| time | Date | Indicates violation time. This field differs from top-level field 'time' which represents last time the alert occurred in case of multiple occurrences of the policy alert. As of 55.0, this field is set only for kubernetes event violations, but may not be limited to it in future. | date-time |
71.1.2.9. AlertViolationType
| Enum Values |
|---|
| GENERIC |
| K8S_EVENT |
| NETWORK_FLOW |
| NETWORK_POLICY |
71.1.2.10. AuthMachineToMachineConfigMapping
Mappings map an identity token’s claim values to a specific role within Central.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | A key within the identity token’s claim value to use. | |||
| valueExpression | String | A regular expression that will be evaluated against values of the identity token claim identified by the specified key. This regular expressions is in RE2 format, see more here: https://github.com/google/re2/wiki/Syntax. | |||
| role | String | The role which should be issued when the key and value match for a particular identity token. |
71.1.2.11. AuthProviderRequiredAttribute
RequiredAttribute allows to specify a set of attributes which ALL are required to be returned by the auth provider. If any attribute is missing within the external claims of the token issued by Central, the authentication request to this IdP is considered failed.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| attributeKey | String | ||||
| attributeValue | String |
71.1.2.12. AuthProviderServicePutAuthProviderBody
Next Tag: 15.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| uiEndpoint | String | ||||
| enabled | Boolean | ||||
| config |
Map of | Config holds auth provider specific configuration. Each configuration options are different based on the given auth provider type. OIDC: - "issuer": the OIDC issuer according to https://openid.net/specs/openid-connect-core-1_0.html#IssuerIdentifier. - "client_id": the client ID according to https://www.rfc-editor.org/rfc/rfc6749.html#section-2.2. - "client_secret": the client secret according to https://www.rfc-editor.org/rfc/rfc6749.html#section-2.3.1. - "do_not_use_client_secret": set to "true" if you want to create a configuration with only a client ID and no client secret. - "mode": the OIDC callback mode, choosing from "fragment", "post", or "query". - "disable_offline_access_scope": set to "true" if no offline tokens shall be issued. - "extra_scopes": a space-delimited string of additional scopes to request in addition to "openid profile email" according to https://www.rfc-editor.org/rfc/rfc6749.html#section-3.3. OpenShift Auth: supports no extra configuration options. User PKI: - "keys": the trusted certificates PEM encoded. SAML: - "sp_issuer": the service provider issuer according to https://datatracker.ietf.org/doc/html/rfc7522#section-3. - "idp_metadata_url": the metadata URL according to https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf. - "idp_issuer": the IdP issuer. - "idp_cert_pem": the cert PEM encoded for the IdP endpoint. - "idp_sso_url": the IdP SSO URL. - "idp_nameid_format": the IdP name ID format. IAP: - "audience": the audience to use. | |||
| loginUrl | String | The login URL will be provided by the backend, and may not be specified in a request. | |||
| validated | Boolean | ||||
| extraUiEndpoints |
List of |
UI endpoints which to allow in addition to | |||
| active | Boolean | ||||
| requiredAttributes | List of AuthProviderRequiredAttribute | ||||
| traits | |||||
| claimMappings |
Map of | Specifies claims from IdP token that will be copied to Rox token attributes. Each key in this map contains a path in IdP token we want to map. Path is separated by "." symbol. For example, if IdP token payload looks like: { "a": { "b" : "c", "d": true, "e": [ "val1", "val2", "val3" ], "f": [ true, false, false ], "g": 123.0, "h": [ 1, 2, 3] } } then "a.b" would be a valid key and "a.z" is not. We support the following types of claims: * string(path "a.b") * bool(path "a.d") * string array(path "a.e") * bool array (path "a.f.") We do NOT support the following types of claims: * complex claims(path "a") * float/integer claims(path "a.g") * float/integer array claims(path "a.h") Each value in this map contains a Rox token attribute name we want to add claim to. If, for example, value is "groups", claim would be found in "external_user.Attributes.groups" in token. Note: we only support this feature for OIDC auth provider. | |||
| lastUpdated | Date | Last updated indicates the last time the auth provider has been updated. In case there have been tokens issued by an auth provider before this timestamp, they will be considered invalid. Subsequently, all clients will have to re-issue their tokens (either by refreshing or by an additional login attempt). | date-time |
71.1.2.13. AuthProviderServiceUpdateAuthProviderBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| enabled | Boolean |
71.1.2.14. AuthServiceUpdateAuthMachineToMachineConfigBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.15. AuthServiceUpdateAuthMachineToMachineConfigBodyConfig
AuthMachineToMachineConfig determines rules for exchanging an identity token from a third party with a Central access token. The M2M stands for machine to machine, as this is the intended use-case for the config.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | GENERIC, GITHUB_ACTIONS, KUBE_SERVICE_ACCOUNT, | ||||
| tokenExpirationDuration | String | Sets the expiration of the token returned from the ExchangeAuthMachineToMachineToken API call. Possible valid time units are: s, m, h. The maximum allowed expiration duration is 24h. As an example: 2h45m. For additional information on the validation of the duration, see: https://pkg.go.dev/time#ParseDuration. | |||
| mappings | At least one mapping is required to resolve to a valid role for the access token to be successfully generated. | ||||
| issuer | String | The issuer of the related OIDC provider issuing the ID tokens to exchange. Must be non-empty string containing URL when type is GENERIC. In case of GitHub actions, this must be empty or set to https://token.actions.githubusercontent.com. Issuer is a unique key, therefore there may be at most one GITHUB_ACTIONS config, and each GENERIC config must have a distinct issuer. | |||
| traits |
71.1.2.16. AuthorizationTraceResponseResponseStatus
| Enum Values |
|---|
| UNKNOWN_STATUS |
| SUCCESS |
| FAILURE |
71.1.2.17. AuthorizationTraceResponseTrace
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scopeCheckerType | String | ||||
| builtIn |
71.1.2.18. AuthorizationTraceResponseUserRole
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| permissions | Map of StorageAccess | ||||
| accessScopeName | String | ||||
| accessScope |
71.1.2.19. AvailableProviderTypesResponseAuthProviderType
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | String | ||||
| suggestedAttributes |
List of |
71.1.2.20. BannerConfigSize
| Enum Values |
|---|
| UNSET |
| SMALL |
| MEDIUM |
| LARGE |
71.1.2.21. CRSRevokeResponseCRSRevocationError
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| error | String |
71.1.2.22. CVSSV2AccessComplexity
| Enum Values |
|---|
| ACCESS_HIGH |
| ACCESS_MEDIUM |
| ACCESS_LOW |
71.1.2.23. CVSSV2Authentication
| Enum Values |
|---|
| AUTH_MULTIPLE |
| AUTH_SINGLE |
| AUTH_NONE |
71.1.2.24. CVSSV3AttackVector
| Enum Values |
|---|
| ATTACK_LOCAL |
| ATTACK_ADJACENT |
| ATTACK_NETWORK |
| ATTACK_PHYSICAL |
71.1.2.25. CVSSV3Complexity
| Enum Values |
|---|
| COMPLEXITY_LOW |
| COMPLEXITY_HIGH |
71.1.2.26. CVSSV3Impact
| Enum Values |
|---|
| IMPACT_NONE |
| IMPACT_LOW |
| IMPACT_HIGH |
71.1.2.27. CVSSV3Privileges
| Enum Values |
|---|
| PRIVILEGE_NONE |
| PRIVILEGE_LOW |
| PRIVILEGE_HIGH |
71.1.2.28. CVSSV3Severity
| Enum Values |
|---|
| UNKNOWN |
| NONE |
| LOW |
| MEDIUM |
| HIGH |
| CRITICAL |
71.1.2.29. CVSSV3UserInteraction
| Enum Values |
|---|
| UI_NONE |
| UI_REQUIRED |
71.1.2.30. CentralServicesCapabilitiesCapabilityStatus
- CapabilityAvailable: CapabilityAvailable means that UI and APIs should be available for users to use. This does not automatically mean that the functionality is 100% available and any calls to APIs will result in successful execution. Rather it means that users should be allowed to leverage the functionality as opposed to CapabilityDisabled when functionality should be blocked.
- CapabilityDisabled: CapabilityDisabled means the corresponding UI should be disabled and attempts to use related APIs should lead to errors.
| Enum Values |
|---|
| CapabilityAvailable |
| CapabilityDisabled |
71.1.2.31. CentralTelemetryConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| userId | String | ||||
| endpoint | String | ||||
| storageKeyV1 | String |
71.1.2.32. CloudSourcesServiceUpdateCloudSourceBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cloudSource | |||||
| updateCredentials | Boolean | If true, cloud_source must include valid credentials. If false, the resource must already exist and credentials in cloud_source are ignored. |
71.1.2.33. CloudSourcesServiceUpdateCloudSourceBodyCloudSource
CloudSource is an integration which provides a source for discovered clusters.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | TYPE_UNSPECIFIED, TYPE_PALADIN_CLOUD, TYPE_OCM, | ||||
| credentials | |||||
| skipTestIntegration | Boolean | ||||
| paladinCloud | |||||
| ocm |
71.1.2.34. ClusterAlertsAlertEvents
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| severity | UNSET_SEVERITY, LOW_SEVERITY, MEDIUM_SEVERITY, HIGH_SEVERITY, CRITICAL_SEVERITY, | ||||
| events | List of V1AlertEvent |
71.1.2.35. ClusterHealthStatusHealthStatusLabel
- UNAVAILABLE: Only collector can have unavailable status
| Enum Values |
|---|
| UNINITIALIZED |
| UNAVAILABLE |
| UNHEALTHY |
| DEGRADED |
| HEALTHY |
71.1.2.36. ClusterScanStatusSuiteStatus
Additional scan status gathered from ComplianceSuite
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| phase | String | ||||
| result | String | ||||
| errorMessage | String | ||||
| lastTransitionTime | Date | date-time |
71.1.2.37. ClusterUpgradeStatusUpgradability
- SENSOR_VERSION_HIGHER: SENSOR_VERSION_HIGHER occurs when we detect that the sensor is running a newer version than this Central. This is unexpected, but can occur depending on the patches a customer does. In this case, we will NOT automatically "upgrade" the sensor, since that would be a downgrade, even if the autoupgrade setting is on. The user will be allowed to manually trigger the upgrade, but they are strongly discouraged from doing so without upgrading Central first, since this is an unsupported configuration.
| Enum Values |
|---|
| UNSET |
| UP_TO_DATE |
| MANUAL_UPGRADE_REQUIRED |
| AUTO_UPGRADE_POSSIBLE |
| SENSOR_VERSION_HIGHER |
71.1.2.38. ClusterUpgradeStatusUpgradeProcessStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| active | Boolean | ||||
| id | String | ||||
| targetVersion | String | ||||
| upgraderImage | String | ||||
| initiatedAt | Date | date-time | |||
| progress | |||||
| type | UPGRADE, CERT_ROTATION, |
71.1.2.39. ClustersServicePutClusterBody
Next tag: 33
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | GENERIC_CLUSTER, KUBERNETES_CLUSTER, OPENSHIFT_CLUSTER, OPENSHIFT4_CLUSTER, | ||||
| labels |
Map of | ||||
| mainImage | String | ||||
| collectorImage | String | ||||
| centralApiEndpoint | String | ||||
| runtimeSupport | Boolean | ||||
| collectionMethod | UNSET_COLLECTION, NO_COLLECTION, KERNEL_MODULE, EBPF, CORE_BPF, | ||||
| admissionController | Boolean | ||||
| admissionControllerUpdates | Boolean | ||||
| admissionControllerEvents | Boolean | ||||
| status | |||||
| dynamicConfig | |||||
| tolerationsConfig | |||||
| priority | String | int64 | |||
| healthStatus | |||||
| slimCollector | Boolean | ||||
| helmConfig | |||||
| mostRecentSensorId | |||||
| auditLogState | Map of StorageAuditLogFileState | For internal use only. | |||
| initBundleId | String | ||||
| managedBy | MANAGER_TYPE_UNKNOWN, MANAGER_TYPE_MANUAL, MANAGER_TYPE_HELM_CHART, MANAGER_TYPE_KUBERNETES_OPERATOR, | ||||
| sensorCapabilities |
List of | ||||
| admissionControllerFailOnError | Boolean |
71.1.2.40. CollectionServiceUpdateCollectionBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| description | String | ||||
| resourceSelectors | List of StorageResourceSelector | ||||
| embeddedCollectionIds |
List of |
71.1.2.41. ComplianceAggregationAggregationKey
Next available tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scope | UNKNOWN, STANDARD, CLUSTER, CATEGORY, CONTROL, NAMESPACE, NODE, DEPLOYMENT, CHECK, | ||||
| id | String |
71.1.2.42. ComplianceResultValueEvidence
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| state | COMPLIANCE_STATE_UNKNOWN, COMPLIANCE_STATE_SKIP, COMPLIANCE_STATE_NOTE, COMPLIANCE_STATE_SUCCESS, COMPLIANCE_STATE_FAILURE, COMPLIANCE_STATE_ERROR, | ||||
| message | String | ||||
| messageId | Integer | int32 |
71.1.2.43. ComplianceRuleFix
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| platform | String | ||||
| disruption | String |
71.1.2.44. ComplianceRunResultsEntityResults
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| controlResults | Map of StorageComplianceResultValue |
71.1.2.45. ComplianceScanConfigurationServiceUpdateComplianceScanConfigurationBody
Next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanName | String | ||||
| scanConfig | |||||
| clusters |
List of |
71.1.2.46. ComplianceServiceUpdateComplianceStandardConfigBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| hideScanResults | Boolean |
71.1.2.47. ComputeEffectiveAccessScopeRequestDetail
| Enum Values |
|---|
| STANDARD |
| MINIMAL |
| HIGH |
71.1.2.48. ComputeEffectiveAccessScopeRequestPayload
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| simpleRules |
71.1.2.49. ContainerConfigEnvironmentConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| value | String | ||||
| envVarSource | UNSET, RAW, SECRET_KEY, CONFIG_MAP_KEY, FIELD, RESOURCE_FIELD, UNKNOWN, |
71.1.2.50. ContainerNameAndBaselineStatusBaselineStatus
- NOT_GENERATED: In current implementation, this is a temporary condition.
| Enum Values |
|---|
| INVALID |
| NOT_GENERATED |
| UNLOCKED |
| LOCKED |
71.1.2.51. CosignPublicKeyVerificationPublicKey
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| publicKeyPemEnc | String |
71.1.2.52. DBExportManifestEncodingType
The encoding of the file data in the restore body, usually for compression purposes.
| Enum Values |
|---|
| UNKNOWN |
| UNCOMPREESSED |
| DEFLATED |
71.1.2.53. DBRestoreProcessStatusResumeInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| pos | String | int64 |
71.1.2.54. DBRestoreRequestHeaderLocalFileInfo
LocalFileInfo provides information about the file on the local machine of the user initiating the restore process, in order to provide information to other users about ongoing restore processes.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| path | String | The full path of the file. | |||
| bytesSize | String | The size of the file, in bytes. 0 if unknown. | int64 |
71.1.2.55. DatabaseStatusDatabaseType
| Enum Values |
|---|
| Hidden |
| RocksDB |
| PostgresDB |
71.1.2.56. DelegatedRegistryConfigDelegatedRegistry
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| path | String | ||||
| clusterId | String |
71.1.2.57. DelegatedRegistryConfigEnabledFor
-
NONE: Scan all images via central services except for images from the OCP integrated registry - ALL: Scan all images via the secured clusters - SPECIFIC: Scan images that match
registriesor are from the OCP integrated registry via the secured clusters otherwise scan via central services
| Enum Values |
|---|
| NONE |
| ALL |
| SPECIFIC |
71.1.2.58. DeployDetectionResponseRun
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| alerts | List of StorageAlert |
71.1.2.59. DeploymentLabelsResponseLabelValues
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| values |
List of |
71.1.2.60. DeploymentListenPort
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| port | Long | int64 | |||
| l4protocol | L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY, |
71.1.2.61. DiscoveredClusterMetadataType
| Enum Values |
|---|
| UNSPECIFIED |
| AKS |
| ARO |
| EKS |
| GKE |
| OCP |
| OSD |
| ROSA |
71.1.2.62. ECRConfigAuthorizationData
An authorization data represents the IAM authentication credentials and can be used to access any Amazon ECR registry that the IAM principal has access to.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| username | String | ||||
| password | String | ||||
| expiresAt | Date | date-time |
71.1.2.63. EmailAuthMethod
| Enum Values |
|---|
| DISABLED |
| PLAIN |
| LOGIN |
71.1.2.64. EmbeddedVulnerabilityVulnerabilityType
| Enum Values |
|---|
| UNKNOWN_VULNERABILITY |
| IMAGE_VULNERABILITY |
| K8S_VULNERABILITY |
| ISTIO_VULNERABILITY |
| NODE_VULNERABILITY |
| OPENSHIFT_VULNERABILITY |
71.1.2.65. EnvironmentConfigEnvVarSource
For any update to EnvVarSource, please also update 'ui/src/messages/common.js'
| Enum Values |
|---|
| UNSET |
| RAW |
| SECRET_KEY |
| CONFIG_MAP_KEY |
| FIELD |
| RESOURCE_FIELD |
| UNKNOWN |
71.1.2.66. EnvironmentList
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| environments | List of V4Environment |
71.1.2.67. ExceptionExpiryExpiryType
| Enum Values |
|---|
| TIME |
| ALL_CVE_FIXABLE |
| ANY_CVE_FIXABLE |
71.1.2.68. ExternalBackupServicePutExternalBackupBody
Next available tag: 10
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| schedule | |||||
| backupsToKeep | Integer | int32 | |||
| s3 | |||||
| gcs | |||||
| s3compatible | |||||
| includeCertificates | Boolean |
71.1.2.69. ExternalBackupServiceUpdateExternalBackupBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| externalBackup | |||||
| updatePassword | Boolean | When false, use the stored credentials of an existing external backup configuration given its ID. |
71.1.2.70. GenerateNetworkPoliciesRequestDeleteExistingPoliciesMode
- NONE: Do not delete any existing network policies.
- GENERATED_ONLY: Delete any existing auto-generated network policies.
- ALL: Delete all existing network policies in the respective namespace.
| Enum Values |
|---|
| UNKNOWN |
| NONE |
| GENERATED_ONLY |
| ALL |
71.1.2.71. GetAlertTimeseriesResponseClusterAlerts
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cluster | String | ||||
| severities | List of ClusterAlertsAlertEvents |
71.1.2.72. GetAlertsCountsRequestRequestGroup
| Enum Values |
|---|
| UNSET |
| CATEGORY |
| CLUSTER |
71.1.2.73. GetAlertsCountsResponseAlertGroup
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| group | String | ||||
| counts | List of AlertGroupAlertCounts |
71.1.2.74. GetLoginAuthProvidersResponseLoginAuthProvider
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | String | ||||
| loginUrl | String |
71.1.2.75. GetSensorUpgradeConfigResponseSensorAutoUpgradeFeatureStatus
| Enum Values |
|---|
| NOT_SUPPORTED |
| SUPPORTED |
71.1.2.76. GetSensorUpgradeConfigResponseUpgradeConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enableAutoUpgrade | Boolean | ||||
| autoUpgradeFeature | GetSensorUpgradeConfigResponseSensorAutoUpgradeFeatureStatus | NOT_SUPPORTED, SUPPORTED, |
71.1.2.77. GooglerpcStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| code | Integer | int32 | |||
| message | String | ||||
| details | List of ProtobufAny |
71.1.2.78. GroupLabels
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| labels |
List of |
71.1.2.79. ImageIntegrationServicePutImageIntegrationBody
Next Tag: 25
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| categories | List of StorageImageIntegrationCategory | ||||
| clairify | |||||
| scannerV4 | |||||
| docker | |||||
| quay | |||||
| ecr | |||||
| | |||||
| clair | |||||
| clairV4 | |||||
| ibm | |||||
| azure | |||||
| autogenerated | Boolean | ||||
| clusterId | String | ||||
| skipTestIntegration | Boolean | ||||
| source |
71.1.2.80. ImageIntegrationServiceUpdateImageIntegrationBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config | |||||
| updatePassword | Boolean | When false, use the stored credentials of an existing image integration given its ID. |
71.1.2.81. ImagePullSecretRegistry
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| username | String |
71.1.2.82. ImageSBOMRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| imageName | X | String | Image name and reference. (e.g. nginx:latest or nginx@sha256:…) | ||
| force | Boolean | Bypass Central’s cache for the image and force a new pull from the Scanner |
71.1.2.83. InitBundleMetaImpactedCluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| id | String |
71.1.2.84. InitBundleRevokeResponseInitBundleRevocationError
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| error | String | ||||
| impactedClusters | List of InitBundleMetaImpactedCluster |
71.1.2.85. JiraPriorityMapping
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| severity | UNSET_SEVERITY, LOW_SEVERITY, MEDIUM_SEVERITY, HIGH_SEVERITY, CRITICAL_SEVERITY, | ||||
| priorityName | String |
71.1.2.86. KeyValueAttrsKeyValueAttr
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| value | String |
71.1.2.87. ListAlertCommonEntityInfo
Fields common to all entities that an alert might belong to.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterName | String | ||||
| namespace | String | ||||
| clusterId | String | ||||
| namespaceId | String | ||||
| resourceType | DEPLOYMENT, SECRETS, CONFIGMAPS, CLUSTER_ROLES, CLUSTER_ROLE_BINDINGS, NETWORK_POLICIES, SECURITY_CONTEXT_CONSTRAINTS, EGRESS_FIREWALLS, |
71.1.2.88. ListAlertPolicyDevFields
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| SORTName | String |
71.1.2.89. ListAlertResourceEntity
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
71.1.2.90. ListDeploymentsWithProcessInfoResponseDeploymentWithProcessInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployment | |||||
| baselineStatuses |
71.1.2.91. MetadataLicenseStatus
| Enum Values |
|---|
| NONE |
| INVALID |
| EXPIRED |
| RESTARTING |
| VALID |
71.1.2.92. MetadataProviderType
| Enum Values |
|---|
| PROVIDER_TYPE_UNSPECIFIED |
| PROVIDER_TYPE_AWS |
| PROVIDER_TYPE_GCP |
| PROVIDER_TYPE_AZURE |
71.1.2.93. MicrosoftSentinelClientCertAuthConfig
client certificate which is used for authentication
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clientCert | String | PEM encoded ASN.1 DER format. | |||
| privateKey | String | PEM encoded PKCS #8, ASN.1 DER format. |
71.1.2.94. MicrosoftSentinelDataCollectionRuleConfig
DataCollectionRuleConfig contains information about the data collection rule which is a config per notifier type.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| streamName | String | ||||
| dataCollectionRuleId | String | ||||
| enabled | Boolean |
71.1.2.95. NetworkBaselineServiceGetNetworkBaselineStatusForFlowsBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| peers | List of V1NetworkBaselineStatusPeer |
71.1.2.96. NetworkBaselineServiceModifyBaselineStatusForPeersBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| peers | List of V1NetworkBaselinePeerStatus |
71.1.2.97. NetworkEntityInfoExternalSource
Update normalizeDupNameExtSrcs(…) in central/networkgraph/aggregator/aggregator.go whenever this message is updated.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| cidr | String | ||||
| default | Boolean |
| |||
| discovered | Boolean |
|
71.1.2.98. NetworkFlowInfoEntity
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| entityType | UNKNOWN_TYPE, DEPLOYMENT, INTERNET, LISTEN_ENDPOINT, EXTERNAL_SOURCE, INTERNAL_ENTITIES, | ||||
| deploymentNamespace | String | ||||
| deploymentType | String | ||||
| port | Integer | int32 |
71.1.2.99. NetworkGraphServiceCreateExternalNetworkEntityBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entity |
71.1.2.100. NetworkGraphServicePatchExternalNetworkEntityBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
71.1.2.101. NetworkPolicyServiceApplyNetworkPolicyYamlForDeploymentBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| modification |
71.1.2.102. NetworkPolicyServiceGetBaselineGeneratedNetworkPolicyForDeploymentBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deleteExisting | UNKNOWN, NONE, GENERATED_ONLY, ALL, | ||||
| includePorts | Boolean |
71.1.2.103. NextAvailableTag10
Next available tag: 10
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| schedule | |||||
| backupsToKeep | Integer | int32 | |||
| s3 | |||||
| gcs | |||||
| s3compatible | |||||
| includeCertificates | Boolean |
71.1.2.104. NextTag21
Next Tag: 21
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| uiEndpoint | String | ||||
| labelKey | String | ||||
| labelDefault | String | ||||
| jira | |||||
| | |||||
| cscc | |||||
| splunk | |||||
| pagerduty | |||||
| generic | |||||
| sumologic | |||||
| awsSecurityHub | |||||
| syslog | |||||
| microsoftSentinel | |||||
| notifierSecret | String | ||||
| traits |
71.1.2.105. NextTag25
Next Tag: 25
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| categories | List of StorageImageIntegrationCategory | ||||
| clairify | |||||
| scannerV4 | |||||
| docker | |||||
| quay | |||||
| ecr | |||||
| | |||||
| clair | |||||
| clairV4 | |||||
| ibm | |||||
| azure | |||||
| autogenerated | Boolean | ||||
| clusterId | String | ||||
| skipTestIntegration | Boolean | ||||
| source |
71.1.2.106. NodeScanScanner
| Enum Values |
|---|
| SCANNER |
| SCANNER_V4 |
71.1.2.107. NotifierServicePutNotifierBody
Next Tag: 21
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| uiEndpoint | String | ||||
| labelKey | String | ||||
| labelDefault | String | ||||
| jira | |||||
| | |||||
| cscc | |||||
| splunk | |||||
| pagerduty | |||||
| generic | |||||
| sumologic | |||||
| awsSecurityHub | |||||
| syslog | |||||
| microsoftSentinel | |||||
| notifierSecret | String | ||||
| traits |
71.1.2.108. NotifierServiceUpdateNotifierBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| notifier | |||||
| updatePassword | Boolean | When false, use the stored credentials of an existing notifier configuration given its ID. |
71.1.2.109. PlatformComponentConfigRule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| namespaceRule |
71.1.2.110. PodContainerInstanceList
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| instances | List of StorageContainerInstance |
71.1.2.111. PolicyMitreAttackVectors
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| tactic | String | ||||
| techniques |
List of |
71.1.2.112. PolicyServiceEnableDisablePolicyNotificationBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| notifierIds |
List of | ||||
| disable | Boolean |
71.1.2.113. PolicyServicePatchPolicyBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| disabled | Boolean |
71.1.2.114. PolicyServicePutPolicyBody
Next tag: 28
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | Name of the policy. Must be unique. | |||
| description | String | Free-form text description of this policy. | |||
| rationale | String | ||||
| remediation | String | Describes how to remediate a violation of this policy. | |||
| disabled | Boolean | Toggles whether or not this policy will be executing and actively firing alerts. | |||
| categories |
List of | List of categories that this policy falls under. Category names must already exist in Central. | |||
| lifecycleStages | List of StorageLifecycleStage | Describes which policy lifecylce stages this policy applies to. Choices are DEPLOY, BUILD, and RUNTIME. | |||
| eventSource | NOT_APPLICABLE, DEPLOYMENT_EVENT, AUDIT_LOG_EVENT, | ||||
| exclusions | List of StorageExclusion | Define deployments or images that should be excluded from this policy. | |||
| scope | List of StorageScope | Defines clusters, namespaces, and deployments that should be included in this policy. No scopes defined includes everything. | |||
| severity | UNSET_SEVERITY, LOW_SEVERITY, MEDIUM_SEVERITY, HIGH_SEVERITY, CRITICAL_SEVERITY, | ||||
| enforcementActions | List of StorageEnforcementAction | FAIL_DEPLOYMENT_CREATE_ENFORCEMENT takes effect only if admission control webhook is configured to enforce on object creates/updates. FAIL_KUBE_REQUEST_ENFORCEMENT takes effect only if admission control webhook is enabled to listen on exec and port-forward events. FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT takes effect only if admission control webhook is configured to enforce on object updates. Lists the enforcement actions to take when a violation from this policy is identified. Possible value are UNSET_ENFORCEMENT, SCALE_TO_ZERO_ENFORCEMENT, UNSATISFIABLE_NODE_CONSTRAINT_ENFORCEMENT, KILL_POD_ENFORCEMENT, FAIL_BUILD_ENFORCEMENT, FAIL_KUBE_REQUEST_ENFORCEMENT, FAIL_DEPLOYMENT_CREATE_ENFORCEMENT, and. FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT. | |||
| notifiers |
List of | List of IDs of the notifiers that should be triggered when a violation from this policy is identified. IDs should be in the form of a UUID and are found through the Central API. | |||
| lastUpdated | Date | date-time | |||
| SORTName | String | For internal use only. | |||
| SORTLifecycleStage | String | For internal use only. | |||
| SORTEnforcement | Boolean | For internal use only. | |||
| policyVersion | String | ||||
| policySections | List of StoragePolicySection | PolicySections define the violation criteria for this policy. | |||
| mitreAttackVectors | List of PolicyMitreAttackVectors | ||||
| criteriaLocked | Boolean | Read-only field. If true, the policy’s criteria fields are rendered read-only. | |||
| mitreVectorsLocked | Boolean | Read-only field. If true, the policy’s MITRE ATT&CK fields are rendered read-only. | |||
| isDefault | Boolean | Read-only field. Indicates the policy is a default policy if true and a custom policy if false. | |||
| source | IMPERATIVE, DECLARATIVE, |
71.1.2.115. PortConfigExposureInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| level | UNSET, EXTERNAL, NODE, INTERNAL, HOST, ROUTE, | ||||
| serviceName | String | ||||
| serviceId | String | ||||
| serviceClusterIp | String | ||||
| servicePort | Integer | int32 | |||
| nodePort | Integer | int32 | |||
| externalIps |
List of | ||||
| externalHostnames |
List of |
71.1.2.116. PortConfigExposureLevel
| Enum Values |
|---|
| UNSET |
| EXTERNAL |
| NODE |
| INTERNAL |
| HOST |
| ROUTE |
71.1.2.117. ProcessListeningOnPortEndpoint
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| port | Long | int64 | |||
| protocol | L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY, |
71.1.2.118. ProcessSignalLineageInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| parentUid | Long | int64 | |||
| parentExecFilePath | String |
71.1.2.119. ProtobufAny
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| @type | String |
71.1.2.120. QuayConfigRobotAccount
Robot account is Quay’s named tokens that can be granted permissions on multiple repositories under an organization. It’s Quay’s recommended authentication model when possible (i.e. registry integration)
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| username | String | ||||
| password | String | The server will mask the value of this password in responses and logs. |
71.1.2.121. ReportConfigurationReportType
| Enum Values |
|---|
| VULNERABILITY |
71.1.2.122. ReportConfigurationServiceUpdateReportConfigurationBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfig |
71.1.2.123. ReportLastRunStatusRunStatus
| Enum Values |
|---|
| SUCCESS |
| FAILURE |
71.1.2.124. ReportServiceUpdateReportConfigurationBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| description | String | ||||
| type | VULNERABILITY, | ||||
| vulnReportFilters | |||||
| schedule | |||||
| resourceScope | |||||
| notifiers | List of V2NotifierConfiguration |
71.1.2.125. RequestExpiryExpiryType
| Enum Values |
|---|
| TIME |
| ALL_CVE_FIXABLE |
| ANY_CVE_FIXABLE |
71.1.2.126. ResourceCollectionEmbeddedResourceCollection
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String |
71.1.2.127. ResultFactor
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| message | String | ||||
| url | String |
71.1.2.128. RoleServicePutPermissionSetBody
This encodes a set of permissions for StackRox resources.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
| |||
| description | String | ||||
| resourceToAccess | Map of StorageAccess | ||||
| traits |
71.1.2.129. RoleServicePutSimpleAccessScopeBody
Simple access scope is a (simple) selection criteria for scoped resources. It does not allow multi-component AND-rules nor set operations on names.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
| |||
| description | String | ||||
| rules | |||||
| traits |
71.1.2.130. RoleServiceUpdateRoleBody
A role specifies which actions are allowed for which subset of cluster objects. Permissions be can either specified directly via setting resource_to_access together with global_access or by referencing a permission set by its id in permission_set_name.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| description | String | ||||
| permissionSetId | String | The associated PermissionSet and AccessScope for this Role. | |||
| accessScopeId | String | ||||
| globalAccess | NO_ACCESS, READ_ACCESS, READ_WRITE_ACCESS, | ||||
| resourceToAccess | Map of StorageAccess |
Deprecated 2021-04-20 in favor of | |||
| traits |
71.1.2.131. RpcStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| code | Integer | int32 | |||
| message | String | ||||
| details | List of ProtobufAny |
71.1.2.132. RuleNamespaceRule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| regex | String |
71.1.2.133. SBOMSPDX23Document
SPDX 2.3 document, refer to https://spdx.github.io/spdx-spec/v2.3/ for more details.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| spdxVersion | String | ||||
| dataLicense | String | ||||
| SPDXID | String | ||||
| name | String | ||||
| documentNamespace | String | ||||
| creationInfo | |||||
| packages | List of SBOM_SPDX23_Document_packages | ||||
| relationships |
71.1.2.134. SBOMSPDX23DocumentCreationInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| created | String | ||||
| creators |
List of |
71.1.2.135. SBOMSPDX23DocumentPackagesInner
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| SPDXID | Object | ||||
| name | String | ||||
| versionInfo | String | ||||
| packageFileName | String | ||||
| downloadLocation | String | ||||
| filesAnalyzed | Boolean | ||||
| primaryPackagePurpose | String |
71.1.2.136. SBOMSPDX23DocumentRelationshipsInner
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| spdxElementId | String | ||||
| relatedSpdxElement | String | ||||
| relationshipType | String |
71.1.2.137. ScannerV1Components
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| namespace | String | ||||
| osComponents | List of ScannerV1OSComponent | ||||
| rhelComponents | List of ScannerV1RHELComponent | ||||
| languageComponents | List of ScannerV1LanguageComponent | ||||
| rhelContentSets |
List of |
71.1.2.138. ScannerV1Executable
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| path | String | ||||
| requiredFeatures | List of ScannerV1FeatureNameVersion |
71.1.2.139. ScannerV1FeatureNameVersion
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| version | String |
71.1.2.140. ScannerV1JavaComponent
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| implementationVersion | String | ||||
| mavenVersion | String | ||||
| origins |
List of | ||||
| specificationVersion | String | ||||
| bundleName | String |
71.1.2.141. ScannerV1LanguageComponent
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | UNSET_SOURCE_TYPE, JAVA, PYTHON, NPM, GEM, DOTNETCORERUNTIME, | ||||
| name | String | ||||
| version | String | ||||
| location | String | ||||
| java | |||||
| python | |||||
| addedBy | String |
71.1.2.142. ScannerV1Note
| Enum Values |
|---|
| OS_CVES_UNAVAILABLE |
| OS_CVES_STALE |
| LANGUAGE_CVES_UNAVAILABLE |
| CERTIFIED_RHEL_SCAN_UNAVAILABLE |
71.1.2.143. ScannerV1OSComponent
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| namespace | String | ||||
| version | String | ||||
| addedBy | String | ||||
| executables | List of ScannerV1Executable |
71.1.2.144. ScannerV1PythonComponent
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| homepage | String | ||||
| authorEmail | String | ||||
| downloadUrl | String | ||||
| summary | String | ||||
| description | String |
71.1.2.145. ScannerV1RHELComponent
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | int64 | |||
| name | String | ||||
| namespace | String | ||||
| version | String | ||||
| arch | String | ||||
| module | String | ||||
| cpes |
List of | ||||
| addedBy | String | ||||
| executables | List of ScannerV1Executable |
71.1.2.146. ScannerV1SourceType
| Enum Values |
|---|
| UNSET_SOURCE_TYPE |
| JAVA |
| PYTHON |
| NPM |
| GEM |
| DOTNETCORERUNTIME |
71.1.2.147. ScheduleDaysOfMonth
1 for 1st, 2 for 2nd …. 31 for 31st
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| days |
List of | int32 |
71.1.2.148. ScheduleDaysOfWeek
Sunday = 0, Monday = 1, …. Saturday = 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| days |
List of | int32 |
71.1.2.149. ScheduleIntervalType
| Enum Values |
|---|
| UNSET |
| DAILY |
| WEEKLY |
| MONTHLY |
71.1.2.150. ScheduleWeeklyInterval
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| day | Integer | int32 |
71.1.2.151. ScopeImage
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| registry | String | ||||
| remote | String | ||||
| tag | String |
71.1.2.152. SearchResponseCount
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| category | SEARCH_UNSET, ALERTS, IMAGES, IMAGE_COMPONENTS, IMAGE_VULN_EDGE, IMAGE_COMPONENT_EDGE, POLICIES, DEPLOYMENTS, ACTIVE_COMPONENT, PODS, SECRETS, PROCESS_INDICATORS, COMPLIANCE, CLUSTERS, NAMESPACES, NODES, NODE_COMPONENTS, NODE_VULN_EDGE, NODE_COMPONENT_EDGE, NODE_COMPONENT_CVE_EDGE, COMPLIANCE_STANDARD, COMPLIANCE_CONTROL_GROUP, COMPLIANCE_CONTROL, SERVICE_ACCOUNTS, ROLES, ROLEBINDINGS, REPORT_CONFIGURATIONS, PROCESS_BASELINES, SUBJECTS, RISKS, VULNERABILITIES, CLUSTER_VULNERABILITIES, IMAGE_VULNERABILITIES, NODE_VULNERABILITIES, COMPONENT_VULN_EDGE, CLUSTER_VULN_EDGE, NETWORK_ENTITY, VULN_REQUEST, NETWORK_BASELINE, NETWORK_POLICIES, PROCESS_BASELINE_RESULTS, COMPLIANCE_METADATA, COMPLIANCE_RESULTS, COMPLIANCE_DOMAIN, CLUSTER_HEALTH, POLICY_CATEGORIES, IMAGE_INTEGRATIONS, COLLECTIONS, POLICY_CATEGORY_EDGE, PROCESS_LISTENING_ON_PORT, API_TOKEN, REPORT_METADATA, REPORT_SNAPSHOT, COMPLIANCE_INTEGRATIONS, COMPLIANCE_SCAN_CONFIG, COMPLIANCE_SCAN, COMPLIANCE_CHECK_RESULTS, BLOB, ADMINISTRATION_EVENTS, COMPLIANCE_SCAN_CONFIG_STATUS, ADMINISTRATION_USAGE, COMPLIANCE_PROFILES, COMPLIANCE_RULES, COMPLIANCE_SCAN_SETTING_BINDINGS, COMPLIANCE_SUITES, CLOUD_SOURCES, DISCOVERED_CLUSTERS, COMPLIANCE_REMEDIATIONS, COMPLIANCE_BENCHMARKS, AUTH_PROVIDERS, COMPLIANCE_REPORT_SNAPSHOT, IMAGE_COMPONENTS_V2, IMAGE_VULNERABILITIES_V2, IMAGES_V2, VIRTUAL_MACHINES, | ||||
| count | String | int64 |
71.1.2.153. SearchResultMatches
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| values |
List of |
71.1.2.154. SeccompProfileProfileType
| Enum Values |
|---|
| UNCONFINED |
| RUNTIME_DEFAULT |
| LOCALHOST |
71.1.2.155. SecurityContextSELinux
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| user | String | ||||
| role | String | ||||
| type | String | ||||
| level | String |
71.1.2.156. SecurityContextSeccompProfile
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | UNCONFINED, RUNTIME_DEFAULT, LOCALHOST, | ||||
| localhostProfile | String |
71.1.2.157. SignatureIntegrationServicePutSignatureIntegrationBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| cosign | |||||
| cosignCertificates | |||||
| transparencyLog | |||||
| traits |
71.1.2.158. SimpleAccessScopeRules
Each element of any repeated field is an individual rule. Rules are joined by logical OR: if there exists a rule allowing resource x, x is in the access scope.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| includedClusters |
List of | ||||
| includedNamespaces | List of SimpleAccessScopeRulesNamespace | ||||
| clusterLabelSelectors | List of StorageSetBasedLabelSelector | ||||
| namespaceLabelSelectors | List of StorageSetBasedLabelSelector |
71.1.2.159. SimpleAccessScopeRulesNamespace
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterName | String | Both fields must be set. | |||
| namespaceName | String |
71.1.2.160. StorageAWSProviderMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| accountId | String |
71.1.2.161. StorageAWSSecurityHub
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| region | String | ||||
| credentials | |||||
| accountId | String |
71.1.2.162. StorageAWSSecurityHubCredentials
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| accessKeyId | String | ||||
| secretAccessKey | String | ||||
| stsEnabled | Boolean |
71.1.2.163. StorageAccess
| Enum Values |
|---|
| NO_ACCESS |
| READ_ACCESS |
| READ_WRITE_ACCESS |
71.1.2.164. StorageAdministrationEventsConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| retentionDurationDays | Long | int64 |
71.1.2.165. StorageAdmissionControlHealthInfo
AdmissionControlHealthInfo carries data about admission control deployment but does not include admission control health status derived from this data. Aggregated admission control health status is not included because it is derived in central and not in the component that first reports AdmissionControlHealthInfo (sensor).
The following fields are made optional/nullable because there can be errors when trying to obtain them and the default value of 0 might be confusing with the actual value 0. In case an error happens when trying to obtain a certain field, it will be absent (instead of having the default value).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| totalDesiredPods | Integer | int32 | |||
| totalReadyPods | Integer | int32 | |||
| statusErrors |
List of | Collection of errors that occurred while trying to obtain admission control health info. |
71.1.2.166. StorageAdmissionControllerConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabled | Boolean | ||||
| timeoutSeconds | Integer | int32 | |||
| scanInline | Boolean | ||||
| disableBypass | Boolean | ||||
| enforceOnUpdates | Boolean |
71.1.2.167. StorageAdvisory
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| link | String |
71.1.2.168. StorageAlert
Next available tag: 24
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| policy | |||||
| lifecycleStage | DEPLOY, BUILD, RUNTIME, | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| namespace | String | ||||
| namespaceId | String | ||||
| deployment | |||||
| image | |||||
| resource | |||||
| violations | List of AlertViolation | For run-time phase alert, a maximum of 40 violations are retained. | |||
| processViolation | |||||
| enforcement | |||||
| time | Date | date-time | |||
| firstOccurred | Date | date-time | |||
| resolvedAt | Date | The time at which the alert was resolved. Only set if ViolationState is RESOLVED. | date-time | ||
| state | ACTIVE, RESOLVED, ATTEMPTED, | ||||
| platformComponent | Boolean | ||||
| entityType | UNSET, DEPLOYMENT, CONTAINER_IMAGE, RESOURCE, |
71.1.2.169. StorageAlertDeployment
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | String | ||||
| namespace | String | This field has to be duplicated in Alert for scope management and search. | |||
| namespaceId | String | This field has to be duplicated in Alert for scope management and search. | |||
| labels |
Map of | ||||
| clusterId | String | This field has to be duplicated in Alert for scope management and search. | |||
| clusterName | String | This field has to be duplicated in Alert for scope management and search. | |||
| containers | List of AlertDeploymentContainer | ||||
| annotations |
Map of | ||||
| inactive | Boolean |
71.1.2.170. StorageAlertResource
Represents an alert on a kubernetes resource other than a deployment (configmaps, secrets, etc.)
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| resourceType | UNKNOWN, SECRETS, CONFIGMAPS, CLUSTER_ROLES, CLUSTER_ROLE_BINDINGS, NETWORK_POLICIES, SECURITY_CONTEXT_CONSTRAINTS, EGRESS_FIREWALLS, | ||||
| name | String | ||||
| clusterId | String | This field has to be duplicated in Alert for scope management and search. | |||
| clusterName | String | This field has to be duplicated in Alert for scope management and search. | |||
| namespace | String | This field has to be duplicated in Alert for scope management and search. | |||
| namespaceId | String | This field has to be duplicated in Alert for scope management and search. |
71.1.2.171. StorageAlertRetentionConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| resolvedDeployRetentionDurationDays | Integer | int32 | |||
| deletedRuntimeRetentionDurationDays | Integer |
This runtime alert retention configuration takes precedence after | int32 | ||
| allRuntimeRetentionDurationDays | Integer | This runtime alert retention configuration has highest precedence. All runtime alerts, including attempted alerts and deleted deployment alerts, are deleted even if respective retention is longer. | int32 | ||
| attemptedDeployRetentionDurationDays | Integer | int32 | |||
| attemptedRuntimeRetentionDurationDays | Integer | This runtime alert retention configuration has lowest precedence. | int32 |
71.1.2.172. StorageApprover
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String |
71.1.2.173. StorageAuditLogFileState
AuditLogFileState tracks the last audit log event timestamp and ID that was collected by Compliance For internal use only
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| collectLogsSince | Date | date-time | |||
| lastAuditId | String |
71.1.2.174. StorageAuthProvider
Next Tag: 15.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | String | ||||
| uiEndpoint | String | ||||
| enabled | Boolean | ||||
| config |
Map of | Config holds auth provider specific configuration. Each configuration options are different based on the given auth provider type. OIDC: - "issuer": the OIDC issuer according to https://openid.net/specs/openid-connect-core-1_0.html#IssuerIdentifier. - "client_id": the client ID according to https://www.rfc-editor.org/rfc/rfc6749.html#section-2.2. - "client_secret": the client secret according to https://www.rfc-editor.org/rfc/rfc6749.html#section-2.3.1. - "do_not_use_client_secret": set to "true" if you want to create a configuration with only a client ID and no client secret. - "mode": the OIDC callback mode, choosing from "fragment", "post", or "query". - "disable_offline_access_scope": set to "true" if no offline tokens shall be issued. - "extra_scopes": a space-delimited string of additional scopes to request in addition to "openid profile email" according to https://www.rfc-editor.org/rfc/rfc6749.html#section-3.3. OpenShift Auth: supports no extra configuration options. User PKI: - "keys": the trusted certificates PEM encoded. SAML: - "sp_issuer": the service provider issuer according to https://datatracker.ietf.org/doc/html/rfc7522#section-3. - "idp_metadata_url": the metadata URL according to https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf. - "idp_issuer": the IdP issuer. - "idp_cert_pem": the cert PEM encoded for the IdP endpoint. - "idp_sso_url": the IdP SSO URL. - "idp_nameid_format": the IdP name ID format. IAP: - "audience": the audience to use. | |||
| loginUrl | String | The login URL will be provided by the backend, and may not be specified in a request. | |||
| validated | Boolean | ||||
| extraUiEndpoints |
List of |
UI endpoints which to allow in addition to | |||
| active | Boolean | ||||
| requiredAttributes | List of AuthProviderRequiredAttribute | ||||
| traits | |||||
| claimMappings |
Map of | Specifies claims from IdP token that will be copied to Rox token attributes. Each key in this map contains a path in IdP token we want to map. Path is separated by "." symbol. For example, if IdP token payload looks like: { "a": { "b" : "c", "d": true, "e": [ "val1", "val2", "val3" ], "f": [ true, false, false ], "g": 123.0, "h": [ 1, 2, 3] } } then "a.b" would be a valid key and "a.z" is not. We support the following types of claims: * string(path "a.b") * bool(path "a.d") * string array(path "a.e") * bool array (path "a.f.") We do NOT support the following types of claims: * complex claims(path "a") * float/integer claims(path "a.g") * float/integer array claims(path "a.h") Each value in this map contains a Rox token attribute name we want to add claim to. If, for example, value is "groups", claim would be found in "external_user.Attributes.groups" in token. Note: we only support this feature for OIDC auth provider. | |||
| lastUpdated | Date | Last updated indicates the last time the auth provider has been updated. In case there have been tokens issued by an auth provider before this timestamp, they will be considered invalid. Subsequently, all clients will have to re-issue their tokens (either by refreshing or by an additional login attempt). | date-time |
71.1.2.175. StorageAutoLockProcessBaselinesConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabled | Boolean |
71.1.2.176. StorageAzureConfig
Azure container registry configuration. Used by integrations of type "azure".
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| username | String | ||||
| password | String | The password for the integration. The server will mask the value of this credential in responses and logs. | |||
| wifEnabled | Boolean | Enables authentication with short-lived tokens using Azure managed identities or Azure workload identities. |
71.1.2.177. StorageAzureProviderMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| subscriptionId | String |
71.1.2.178. StorageBackupInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| backupLastRunAt | Date | date-time | |||
| status | FAIL, PASS, | ||||
| requestor |
71.1.2.179. StorageBannerConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabled | Boolean | ||||
| text | String | ||||
| size | UNSET, SMALL, MEDIUM, LARGE, | ||||
| color | String | ||||
| backgroundColor | String |
71.1.2.180. StorageBaselineElement
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| element | |||||
| auto | Boolean |
71.1.2.181. StorageBaselineItem
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| processName | String |
71.1.2.182. StorageBooleanOperator
| Enum Values |
|---|
| OR |
| AND |
71.1.2.183. StorageCSCC
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| serviceAccount | String | The service account for the integration. The server will mask the value of this credential in responses and logs. | |||
| sourceId | String | ||||
| wifEnabled | Boolean |
71.1.2.184. StorageCVEInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cve | String | ||||
| summary | String | ||||
| link | String | ||||
| publishedOn | Date | This indicates the timestamp when the cve was first published in the cve feeds. | date-time | ||
| createdAt | Date | Time when the CVE was first seen in the system. | date-time | ||
| lastModified | Date | date-time | |||
| scoreVersion | V2, V3, UNKNOWN, | ||||
| cvssV2 | |||||
| cvssV3 | |||||
| references | List of StorageCVEInfoReference | ||||
| cvssMetrics | List of StorageCVSSScore | ||||
| epss |
71.1.2.185. StorageCVEInfoReference
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| URI | String | ||||
| tags |
List of |
71.1.2.186. StorageCVEInfoScoreVersion
ScoreVersion can be deprecated ROX-26066
- V2: No unset for automatic backwards compatibility
| Enum Values |
|---|
| V2 |
| V3 |
| UNKNOWN |
71.1.2.187. StorageCVSSScore
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| source | SOURCE_UNKNOWN, SOURCE_RED_HAT, SOURCE_OSV, SOURCE_NVD, | ||||
| url | String | ||||
| cvssv2 | |||||
| cvssv3 |
71.1.2.188. StorageCVSSV2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| vector | String | ||||
| attackVector | ATTACK_LOCAL, ATTACK_ADJACENT, ATTACK_NETWORK, | ||||
| accessComplexity | ACCESS_HIGH, ACCESS_MEDIUM, ACCESS_LOW, | ||||
| authentication | AUTH_MULTIPLE, AUTH_SINGLE, AUTH_NONE, | ||||
| confidentiality | IMPACT_NONE, IMPACT_PARTIAL, IMPACT_COMPLETE, | ||||
| integrity | IMPACT_NONE, IMPACT_PARTIAL, IMPACT_COMPLETE, | ||||
| availability | IMPACT_NONE, IMPACT_PARTIAL, IMPACT_COMPLETE, | ||||
| exploitabilityScore | Float | float | |||
| impactScore | Float | float | |||
| score | Float | float | |||
| severity | UNKNOWN, LOW, MEDIUM, HIGH, |
71.1.2.189. StorageCVSSV2AttackVector
| Enum Values |
|---|
| ATTACK_LOCAL |
| ATTACK_ADJACENT |
| ATTACK_NETWORK |
71.1.2.190. StorageCVSSV2Impact
| Enum Values |
|---|
| IMPACT_NONE |
| IMPACT_PARTIAL |
| IMPACT_COMPLETE |
71.1.2.191. StorageCVSSV2Severity
| Enum Values |
|---|
| UNKNOWN |
| LOW |
| MEDIUM |
| HIGH |
71.1.2.192. StorageCVSSV3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| vector | String | ||||
| exploitabilityScore | Float | float | |||
| impactScore | Float | float | |||
| attackVector | ATTACK_LOCAL, ATTACK_ADJACENT, ATTACK_NETWORK, ATTACK_PHYSICAL, | ||||
| attackComplexity | COMPLEXITY_LOW, COMPLEXITY_HIGH, | ||||
| privilegesRequired | PRIVILEGE_NONE, PRIVILEGE_LOW, PRIVILEGE_HIGH, | ||||
| userInteraction | UI_NONE, UI_REQUIRED, | ||||
| scope | UNCHANGED, CHANGED, | ||||
| confidentiality | IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, | ||||
| integrity | IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, | ||||
| availability | IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, | ||||
| score | Float | float | |||
| severity | UNKNOWN, NONE, LOW, MEDIUM, HIGH, CRITICAL, |
71.1.2.193. StorageCVSSV3AttackVector
| Enum Values |
|---|
| ATTACK_LOCAL |
| ATTACK_ADJACENT |
| ATTACK_NETWORK |
| ATTACK_PHYSICAL |
71.1.2.194. StorageCVSSV3Impact
| Enum Values |
|---|
| IMPACT_NONE |
| IMPACT_LOW |
| IMPACT_HIGH |
71.1.2.195. StorageCVSSV3Scope
| Enum Values |
|---|
| UNCHANGED |
| CHANGED |
71.1.2.196. StorageCVSSV3Severity
| Enum Values |
|---|
| UNKNOWN |
| NONE |
| LOW |
| MEDIUM |
| HIGH |
| CRITICAL |
71.1.2.197. StorageCert
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| subject | |||||
| issuer | |||||
| sans |
List of | ||||
| startDate | Date | date-time | |||
| endDate | Date | date-time | |||
| algorithm | String |
71.1.2.198. StorageCertName
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| commonName | String | ||||
| country | String | ||||
| organization | String | ||||
| organizationUnit | String | ||||
| locality | String | ||||
| province | String | ||||
| streetAddress | String | ||||
| postalCode | String | ||||
| names |
List of |
71.1.2.199. StorageCertificateTransparencyLogVerification
Validate that the signature certificate contains a signed certificate timestamp as proof of inclusion into the certificate transparency log.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabled | Boolean | Validate the inclusion of certificates into a certificate transparency log. Disables validation if not enabled. | |||
| publicKeyPemEnc | String | PEM encoded public key used to validate the proof of inclusion into the certificate transparency log. Defaults to the key of the public Sigstore instance if left empty. |
71.1.2.200. StorageClairConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| insecure | Boolean |
71.1.2.201. StorageClairV4Config
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| insecure | Boolean |
71.1.2.202. StorageClairifyConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| grpcEndpoint | String | ||||
| numConcurrentScans | Integer | int32 |
71.1.2.203. StorageCluster
Next tag: 33
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | GENERIC_CLUSTER, KUBERNETES_CLUSTER, OPENSHIFT_CLUSTER, OPENSHIFT4_CLUSTER, | ||||
| labels |
Map of | ||||
| mainImage | String | ||||
| collectorImage | String | ||||
| centralApiEndpoint | String | ||||
| runtimeSupport | Boolean | ||||
| collectionMethod | UNSET_COLLECTION, NO_COLLECTION, KERNEL_MODULE, EBPF, CORE_BPF, | ||||
| admissionController | Boolean | ||||
| admissionControllerUpdates | Boolean | ||||
| admissionControllerEvents | Boolean | ||||
| status | |||||
| dynamicConfig | |||||
| tolerationsConfig | |||||
| priority | String | int64 | |||
| healthStatus | |||||
| slimCollector | Boolean | ||||
| helmConfig | |||||
| mostRecentSensorId | |||||
| auditLogState | Map of StorageAuditLogFileState | For internal use only. | |||
| initBundleId | String | ||||
| managedBy | MANAGER_TYPE_UNKNOWN, MANAGER_TYPE_MANUAL, MANAGER_TYPE_HELM_CHART, MANAGER_TYPE_KUBERNETES_OPERATOR, | ||||
| sensorCapabilities |
List of | ||||
| admissionControllerFailOnError | Boolean |
71.1.2.204. StorageClusterCertExpiryStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| sensorCertExpiry | Date | date-time | |||
| sensorCertNotBefore | Date | date-time |
71.1.2.205. StorageClusterHealthStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| collectorHealthInfo | |||||
| admissionControlHealthInfo | |||||
| scannerHealthInfo | |||||
| sensorHealthStatus | UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, | ||||
| collectorHealthStatus | UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, | ||||
| overallHealthStatus | UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, | ||||
| admissionControlHealthStatus | UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, | ||||
| scannerHealthStatus | UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, | ||||
| lastContact | Date | For sensors not having health capability, this will be filled with gRPC connection poll. Otherwise, this timestamp will be updated by central pipeline when message is processed. Note: we use this setting to guard against a specific attack vector during CRS-based cluster registration. Assuming that a CRS was used to register a cluster A and the CRS is leaked, an attacker shall not be able to re-run the CRS-flow which would then equip the attacker with a certificate & key issued to the cluster A. As countermeasure we only allow re-running the CRS-flow only as long as the last_contact field is empty, indicating that the legit cluster A’s sensor has not yet connected with the CRS-issued service certificates. | date-time | ||
| healthInfoComplete | Boolean |
71.1.2.206. StorageClusterMetadata
ClusterMetadata contains metadata information about the cluster infrastructure.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | UNSPECIFIED, AKS, ARO, EKS, GKE, OCP, OSD, ROSA, | ||||
| name | String | Name represents the name under which the cluster is registered with the cloud provider. In case of self managed OpenShift it is the name chosen by the OpenShift installer. | |||
| id | String |
Id represents a unique ID under which the cluster is registered with the cloud provider. Not all cluster types have an id. For all OpenShift clusters, this is the Red Hat |
71.1.2.207. StorageClusterMetadataType
| Enum Values |
|---|
| UNSPECIFIED |
| AKS |
| ARO |
| EKS |
| GKE |
| OCP |
| OSD |
| ROSA |
71.1.2.208. StorageClusterStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| sensorVersion | String | ||||
| DEPRECATEDLastContact | Date | This field has been deprecated starting release 49.0. Use healthStatus.lastContact instead. | date-time | ||
| providerMetadata | |||||
| orchestratorMetadata | |||||
| upgradeStatus | |||||
| certExpiryStatus |
71.1.2.209. StorageClusterType
| Enum Values |
|---|
| GENERIC_CLUSTER |
| KUBERNETES_CLUSTER |
| OPENSHIFT_CLUSTER |
| OPENSHIFT4_CLUSTER |
71.1.2.210. StorageClusterUpgradeStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| upgradability | UNSET, UP_TO_DATE, MANUAL_UPGRADE_REQUIRED, AUTO_UPGRADE_POSSIBLE, SENSOR_VERSION_HIGHER, | ||||
| upgradabilityStatusReason | String | ||||
| mostRecentProcess |
71.1.2.211. StorageCollectionMethod
| Enum Values |
|---|
| UNSET_COLLECTION |
| NO_COLLECTION |
| KERNEL_MODULE |
| EBPF |
| CORE_BPF |
71.1.2.212. StorageCollectorHealthInfo
CollectorHealthInfo carries data about collector deployment but does not include collector health status derived from this data. Aggregated collector health status is not included because it is derived in central and not in the component that first reports CollectorHealthInfo (sensor).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| version | String | ||||
| totalDesiredPods | Integer | int32 | |||
| totalReadyPods | Integer | int32 | |||
| totalRegisteredNodes | Integer | int32 | |||
| statusErrors |
List of | Collection of errors that occurred while trying to obtain collector health info. |
71.1.2.213. StorageCompleteClusterConfig
Encodes a complete cluster configuration minus ID/Name identifiers including static and dynamic settings.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| dynamicConfig | |||||
| staticConfig | |||||
| configFingerprint | String | ||||
| clusterLabels |
Map of |
71.1.2.214. StorageComplianceAggregationResponse
Next available tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| results | |||||
| sources | |||||
| errorMessage | String |
71.1.2.215. StorageComplianceAggregationResult
Next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| aggregationKeys | |||||
| unit | UNKNOWN, STANDARD, CLUSTER, CATEGORY, CONTROL, NAMESPACE, NODE, DEPLOYMENT, CHECK, | ||||
| numPassing | Integer | int32 | |||
| numFailing | Integer | int32 | |||
| numSkipped | Integer | int32 |
71.1.2.216. StorageComplianceAggregationScope
| Enum Values |
|---|
| UNKNOWN |
| STANDARD |
| CLUSTER |
| CATEGORY |
| CONTROL |
| NAMESPACE |
| NODE |
| DEPLOYMENT |
| CHECK |
71.1.2.217. StorageComplianceAggregationSource
Next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| standardId | String | ||||
| successfulRun | |||||
| failedRuns | List of StorageComplianceRunMetadata |
71.1.2.218. StorageComplianceDomain
Next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| cluster | |||||
| nodes | Map of StorageComplianceDomainNode | ||||
| deployments |
71.1.2.219. StorageComplianceDomainCluster
These must mirror the tags exactly in cluster.proto for backwards compatibility
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String |
71.1.2.220. StorageComplianceDomainDeployment
This must mirror the tags exactly in deployment.proto for backwards compatibility
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | String | ||||
| namespace | String | ||||
| namespaceId | String | ||||
| clusterId | String | ||||
| clusterName | String |
71.1.2.221. StorageComplianceDomainNode
These must mirror the tags exactly in node.proto for backwards compatibility
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| clusterId | String | ||||
| clusterName | String |
71.1.2.222. StorageComplianceResultValue
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| evidence | List of ComplianceResultValueEvidence | ||||
| overallState | COMPLIANCE_STATE_UNKNOWN, COMPLIANCE_STATE_SKIP, COMPLIANCE_STATE_NOTE, COMPLIANCE_STATE_SUCCESS, COMPLIANCE_STATE_FAILURE, COMPLIANCE_STATE_ERROR, |
71.1.2.223. StorageComplianceRunMetadata
Next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| runId | String | ||||
| standardId | String | ||||
| clusterId | String | ||||
| startTimestamp | Date | date-time | |||
| finishTimestamp | Date | date-time | |||
| success | Boolean | ||||
| errorMessage | String | ||||
| domainId | String |
71.1.2.224. StorageComplianceRunResults
Next available tag: 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| domain | |||||
| runMetadata | |||||
| clusterResults | |||||
| nodeResults | |||||
| deploymentResults | |||||
| machineConfigResults |
71.1.2.225. StorageComplianceState
| Enum Values |
|---|
| COMPLIANCE_STATE_UNKNOWN |
| COMPLIANCE_STATE_SKIP |
| COMPLIANCE_STATE_NOTE |
| COMPLIANCE_STATE_SUCCESS |
| COMPLIANCE_STATE_FAILURE |
| COMPLIANCE_STATE_ERROR |
71.1.2.226. StorageConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| publicConfig | |||||
| privateConfig | |||||
| platformComponentConfig |
71.1.2.227. StorageContainer
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| config | |||||
| image | |||||
| securityContext | |||||
| volumes | List of StorageVolume | ||||
| ports | List of StoragePortConfig | ||||
| secrets | List of StorageEmbeddedSecret | ||||
| resources | |||||
| name | String | ||||
| livenessProbe | |||||
| readinessProbe |
71.1.2.228. StorageContainerConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| env | List of ContainerConfigEnvironmentConfig | ||||
| command |
List of | ||||
| args |
List of | ||||
| directory | String | ||||
| user | String | ||||
| uid | String | int64 | |||
| appArmorProfile | String |
71.1.2.229. StorageContainerImage
Next tag: 13
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | |||||
| notPullable | Boolean | ||||
| isClusterLocal | Boolean | ||||
| idV2 | String |
71.1.2.230. StorageContainerInstance
ContainerInstanceID allows to uniquely identify a container within a cluster.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| instanceId | |||||
| containingPodId | String | The pod containing this container instance (kubernetes only). | |||
| containerName | String | Container name. | |||
| containerIps |
List of | The IP addresses of this container. | |||
| started | Date | date-time | |||
| imageDigest | String | ||||
| finished | Date | The finish time of the container, if it finished. | date-time | ||
| exitCode | Integer | The exit code of the container. Only valid when finished is populated. | int32 | ||
| terminationReason | String | The reason for the container’s termination, if it finished. |
71.1.2.231. StorageContainerInstanceID
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| containerRuntime | UNKNOWN_CONTAINER_RUNTIME, DOCKER_CONTAINER_RUNTIME, CRIO_CONTAINER_RUNTIME, | ||||
| id | String | The ID of the container, specific to the given runtime. | |||
| node | String | The node on which this container runs. |
71.1.2.232. StorageContainerNameAndBaselineStatus
ContainerNameAndBaselineStatus represents a cached result of process evaluation on a specific container name.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| containerName | String | ||||
| baselineStatus | INVALID, NOT_GENERATED, UNLOCKED, LOCKED, | ||||
| anomalousProcessesExecuted | Boolean |
71.1.2.233. StorageContainerRuntime
| Enum Values |
|---|
| UNKNOWN_CONTAINER_RUNTIME |
| DOCKER_CONTAINER_RUNTIME |
| CRIO_CONTAINER_RUNTIME |
71.1.2.234. StorageContainerRuntimeInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | UNKNOWN_CONTAINER_RUNTIME, DOCKER_CONTAINER_RUNTIME, CRIO_CONTAINER_RUNTIME, | ||||
| version | String |
71.1.2.235. StorageCosignCertificateVerification
Holds all verification data for verifying certificates attached to cosign signatures. If only the certificate is given, the Fulcio trusted root chain will be assumed and verified against. If only the chain is given, this will be used over the Fulcio trusted root chain for verification. If no certificate or chain is given, the Fulcio trusted root chain will be assumed and verified against.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| certificatePemEnc | String | PEM encoded certificate to use for verification. Leave empty when using short-lived certificates as issued by Fulcio. | |||
| certificateChainPemEnc | String | PEM encoded certificate chain to use for verification. Defaults to the root certificate authority of the public Sigstore instance if left empty. | |||
| certificateOidcIssuer | String | Certificate OIDC issuer to verify against. This supports regular expressions following the RE2 syntax: https://github.com/google/re2/wiki/Syntax. In case the certificate does not specify an OIDC issuer, you may use '.*' as the OIDC issuer. However, it is recommended to use Fulcio compatible certificates according to the specification: https://github.com/sigstore/fulcio/blob/main/docs/certificate-specification.md. | |||
| certificateIdentity | String | Certificate identity to verify against. This supports regular expressions following the RE2 syntax: https://github.com/google/re2/wiki/Syntax. In case the certificate does not specify an identity, you may use '.*' as the identity. However, it is recommended to use Fulcio compatible certificates according to the specification: https://github.com/sigstore/fulcio/blob/main/docs/certificate-specification.md. | |||
| certificateTransparencyLog |
71.1.2.236. StorageCosignPublicKeyVerification
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| publicKeys |
71.1.2.237. StorageCosignSignature
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| rawSignature | byte[] | byte | |||
| signaturePayload | byte[] | byte | |||
| certPem | byte[] | byte | |||
| certChainPem | byte[] | byte | |||
| rekorBundle | byte[] | byte |
71.1.2.238. StorageDataSource
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| mirror | String |
71.1.2.239. StorageDayOption
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| numDays | Long | int64 | |||
| enabled | Boolean |
71.1.2.240. StorageDeclarativeConfigHealth
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| status | UNHEALTHY, HEALTHY, | ||||
| errorMessage | String | ||||
| resourceName | String | ||||
| resourceType | CONFIG_MAP, ACCESS_SCOPE, PERMISSION_SET, ROLE, AUTH_PROVIDER, GROUP, NOTIFIER, AUTH_MACHINE_TO_MACHINE_CONFIG, | ||||
| lastTimestamp | Date | Timestamp when the current status was set. | date-time |
71.1.2.241. StorageDeclarativeConfigHealthResourceType
| Enum Values |
|---|
| CONFIG_MAP |
| ACCESS_SCOPE |
| PERMISSION_SET |
| ROLE |
| AUTH_PROVIDER |
| GROUP |
| NOTIFIER |
| AUTH_MACHINE_TO_MACHINE_CONFIG |
71.1.2.242. StorageDeclarativeConfigHealthStatus
| Enum Values |
|---|
| UNHEALTHY |
| HEALTHY |
71.1.2.243. StorageDecommissionedClusterRetentionConfig
next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| retentionDurationDays | Integer | int32 | |||
| ignoreClusterLabels |
Map of | ||||
| lastUpdated | Date | date-time | |||
| createdAt | Date | date-time |
71.1.2.244. StorageDeferralRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| expiry |
71.1.2.245. StorageDeferralUpdate
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| CVEs |
List of | ||||
| expiry |
71.1.2.246. StorageDeployment
Next available tag: 36
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| hash | String | uint64 | |||
| type | String | ||||
| namespace | String | ||||
| namespaceId | String | ||||
| orchestratorComponent | Boolean | ||||
| replicas | String | int64 | |||
| labels |
Map of | ||||
| podLabels |
Map of | ||||
| labelSelector | |||||
| created | Date | date-time | |||
| clusterId | String | ||||
| clusterName | String | ||||
| containers | List of StorageContainer | ||||
| annotations |
Map of | ||||
| priority | String | int64 | |||
| inactive | Boolean | ||||
| imagePullSecrets |
List of | ||||
| serviceAccount | String | ||||
| serviceAccountPermissionLevel | UNSET, NONE, DEFAULT, ELEVATED_IN_NAMESPACE, ELEVATED_CLUSTER_WIDE, CLUSTER_ADMIN, | ||||
| automountServiceAccountToken | Boolean | ||||
| hostNetwork | Boolean | ||||
| hostPid | Boolean | ||||
| hostIpc | Boolean | ||||
| runtimeClass | String | ||||
| tolerations | List of StorageToleration | ||||
| ports | List of StoragePortConfig | ||||
| stateTimestamp | String | int64 | |||
| riskScore | Float | float | |||
| platformComponent | Boolean |
71.1.2.247. StorageDockerConfig
Docker registry configuration. Used by integrations of type "docker" and other docker compliant registries without dedicated configuration type.
Use of type "azure" with DockerConfig has been deprecated in 4.7. Use AzureConfig instead.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| username | String | ||||
| password | String | The password for the integration. The server will mask the value of this credential in responses and logs. | |||
| insecure | Boolean |
71.1.2.248. StorageDynamicClusterConfig
The difference between Static and Dynamic cluster config is that Dynamic values are sent over the Central to Sensor gRPC connection. This has the benefit of allowing for "hot reloading" of values without restarting Secured cluster components.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| admissionControllerConfig | |||||
| registryOverride | String | ||||
| disableAuditLogs | Boolean | ||||
| autoLockProcessBaselinesConfig |
71.1.2.249. StorageECRConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| registryId | String | ||||
| accessKeyId | String | The access key ID for the integration. The server will mask the value of this credential in responses and logs. | |||
| secretAccessKey | String | The secret access key for the integration. The server will mask the value of this credential in responses and logs. | |||
| region | String | ||||
| useIam | Boolean | ||||
| endpoint | String | ||||
| useAssumeRole | Boolean | ||||
| assumeRoleId | String | ||||
| assumeRoleExternalId | String | ||||
| authorizationData |
71.1.2.250. StorageEPSS
EPSS Score stores two epss metrics returned by scanner - epss probability and epss percentile
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| epssProbability | Float | float | |||
| epssPercentile | Float | float |
71.1.2.251. StorageEffectiveAccessScope
EffectiveAccessScope describes which clusters and namespaces are "in scope" given current state. Basically, if AccessScope is applied to the currently known clusters and namespaces, the result is EffectiveAccessScope.
EffectiveAccessScope represents a tree with nodes marked as included and excluded. If a node is included, all its child nodes are included.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusters |
71.1.2.252. StorageEffectiveAccessScopeCluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| state | UNKNOWN, INCLUDED, EXCLUDED, PARTIAL, | ||||
| labels |
Map of | ||||
| namespaces |
71.1.2.253. StorageEffectiveAccessScopeNamespace
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| state | UNKNOWN, INCLUDED, EXCLUDED, PARTIAL, | ||||
| labels |
Map of |
71.1.2.254. StorageEffectiveAccessScopeState
| Enum Values |
|---|
| UNKNOWN |
| INCLUDED |
| EXCLUDED |
| PARTIAL |
71.1.2.255. StorageEmail
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| server | String | ||||
| sender | String | ||||
| username | String | ||||
| password | String | The password for the integration. The server will mask the value of this credential in responses and logs. | |||
| disableTLS | Boolean | ||||
| DEPRECATEDUseStartTLS | Boolean | ||||
| from | String | ||||
| startTLSAuthMethod | DISABLED, PLAIN, LOGIN, | ||||
| allowUnauthenticatedSmtp | Boolean | ||||
| skipTLSVerify | Boolean | ||||
| hostnameHeloEhlo | String |
71.1.2.256. StorageEmailNotifierConfiguration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| notifierId | String | ||||
| mailingLists |
List of | ||||
| customSubject | String | ||||
| customBody | String |
71.1.2.257. StorageEmbeddedImageScanComponent
Next Tag: 14
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| version | String | ||||
| license | |||||
| vulns | List of StorageEmbeddedVulnerability | ||||
| layerIndex | Integer | int32 | |||
| priority | String | int64 | |||
| source | OS, PYTHON, JAVA, RUBY, NODEJS, GO, DOTNETCORERUNTIME, INFRASTRUCTURE, | ||||
| location | String | ||||
| topCvss | Float | float | |||
| riskScore | Float | float | |||
| fixedBy | String | Component version that fixes all the fixable vulnerabilities in this component. | |||
| executables | |||||
| architecture | String |
71.1.2.258. StorageEmbeddedImageScanComponentExecutable
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| path | String | ||||
| dependencies |
List of |
71.1.2.259. StorageEmbeddedNodeScanComponent
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| version | String | ||||
| vulns | List of StorageEmbeddedVulnerability | ||||
| vulnerabilities | List of StorageNodeVulnerability | ||||
| priority | String | int64 | |||
| topCvss | Float | float | |||
| riskScore | Float | float |
71.1.2.260. StorageEmbeddedSecret
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| path | String |
71.1.2.261. StorageEmbeddedVulnerability
Next Tag: 25
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cve | String | ||||
| advisory | |||||
| cvss | Float | float | |||
| summary | String | ||||
| link | String | ||||
| fixedBy | String | ||||
| scoreVersion | V2, V3, | ||||
| cvssV2 | |||||
| cvssV3 | |||||
| publishedOn | Date | date-time | |||
| lastModified | Date | date-time | |||
| vulnerabilityType | UNKNOWN_VULNERABILITY, IMAGE_VULNERABILITY, K8S_VULNERABILITY, ISTIO_VULNERABILITY, NODE_VULNERABILITY, OPENSHIFT_VULNERABILITY, | ||||
| vulnerabilityTypes | |||||
| suppressed | Boolean | ||||
| suppressActivation | Date | date-time | |||
| suppressExpiry | Date | date-time | |||
| firstSystemOccurrence | Date | Time when the CVE was first seen, for this specific distro, in the system. | date-time | ||
| firstImageOccurrence | Date | Time when the CVE was first seen in this image. | date-time | ||
| severity | UNKNOWN_VULNERABILITY_SEVERITY, LOW_VULNERABILITY_SEVERITY, MODERATE_VULNERABILITY_SEVERITY, IMPORTANT_VULNERABILITY_SEVERITY, CRITICAL_VULNERABILITY_SEVERITY, | ||||
| state | OBSERVED, DEFERRED, FALSE_POSITIVE, | ||||
| cvssMetrics | List of StorageCVSSScore | ||||
| nvdCvss | Float | float | |||
| epss |
71.1.2.262. StorageEmbeddedVulnerabilityScoreVersion
ScoreVersion can be deprecated ROX-26066
- V2: No unset for automatic backwards compatibility
| Enum Values |
|---|
| V2 |
| V3 |
71.1.2.263. StorageEnforcementAction
- FAIL_KUBE_REQUEST_ENFORCEMENT: FAIL_KUBE_REQUEST_ENFORCEMENT takes effect only if admission control webhook is enabled to listen on exec and port-forward events.
- FAIL_DEPLOYMENT_CREATE_ENFORCEMENT: FAIL_DEPLOYMENT_CREATE_ENFORCEMENT takes effect only if admission control webhook is configured to enforce on object creates.
- FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT: FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT takes effect only if admission control webhook is configured to enforce on object updates.
| Enum Values |
|---|
| UNSET_ENFORCEMENT |
| SCALE_TO_ZERO_ENFORCEMENT |
| UNSATISFIABLE_NODE_CONSTRAINT_ENFORCEMENT |
| KILL_POD_ENFORCEMENT |
| FAIL_BUILD_ENFORCEMENT |
| FAIL_KUBE_REQUEST_ENFORCEMENT |
| FAIL_DEPLOYMENT_CREATE_ENFORCEMENT |
| FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT |
71.1.2.264. StorageEventSource
| Enum Values |
|---|
| NOT_APPLICABLE |
| DEPLOYMENT_EVENT |
| AUDIT_LOG_EVENT |
71.1.2.265. StorageExclusion
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| deployment | |||||
| image | |||||
| expiration | Date | date-time |
71.1.2.266. StorageExclusionDeployment
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| scope |
71.1.2.267. StorageExclusionImage
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
71.1.2.268. StorageExportPoliciesResponse
ExportPoliciesResponse is used by the API but it is defined in storage because we expect customers to store them. We do backwards-compatibility checks on objects in the storge folder and those checks should be applied to this object
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| policies | List of StoragePolicy |
71.1.2.269. StorageExternalBackup
Next available tag: 10
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | String | ||||
| schedule | |||||
| backupsToKeep | Integer | int32 | |||
| s3 | |||||
| gcs | |||||
| s3compatible | |||||
| includeCertificates | Boolean |
71.1.2.270. StorageFalsePositiveUpdate
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| CVEs |
List of |
71.1.2.271. StorageGCSConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| bucket | String | ||||
| serviceAccount | String | The service account for the storage integration. The server will mask the value of this credential in responses and logs. | |||
| objectPrefix | String | ||||
| useWorkloadId | Boolean |
71.1.2.272. StorageGeneric
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| skipTLSVerify | Boolean | ||||
| caCert | String | ||||
| username | String | ||||
| password | String | The password for the integration. The server will mask the value of this credential in responses and logs. | |||
| headers | List of StorageKeyValuePair | ||||
| extraFields | List of StorageKeyValuePair | ||||
| auditLoggingEnabled | Boolean |
71.1.2.273. StorageGoogleConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| serviceAccount | String | The service account for the integration. The server will mask the value of this credential in responses and logs. | |||
| project | String | ||||
| wifEnabled | Boolean |
71.1.2.274. StorageGoogleProviderMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| project | String | ||||
| clusterName | String | Deprecated in favor of providerMetadata.cluster.name. |
71.1.2.275. StorageGroup
Group is a GroupProperties : Role mapping.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| props | |||||
| roleName | String | This is the name of the role that will apply to users in this group. |
71.1.2.276. StorageGroupProperties
GroupProperties defines the properties of a group. Groups apply to users when their properties match. For instance: - If GroupProperties has only an auth_provider_id, then that group applies to all users logged in with that auth provider. - If GroupProperties in addition has a claim key, then it applies to all users with that auth provider and the claim key, etc. Note: Changes to GroupProperties may require changes to v1.DeleteGroupRequest.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | Unique identifier for group properties and respectively the group. | |||
| traits | |||||
| authProviderId | String | ||||
| key | String | ||||
| value | String |
71.1.2.277. StorageIBMRegistryConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| apiKey | String | The API key for the integration. The server will mask the value of this credential in responses and logs. |
71.1.2.278. StorageIPBlock
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cidr | String | ||||
| except |
List of |
71.1.2.279. StorageImage
This proto is deprecated and replaced by ImageV2. Next Tag: 19
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | |||||
| names | List of StorageImageName | This should deprecate the ImageName field long-term, allowing images with the same digest to be associated with different locations. TODO(dhaus): For now, this message will be without search tags due to duplicated search tags otherwise. | |||
| metadata | |||||
| scan | |||||
| signatureVerificationData | |||||
| signature | |||||
| components | Integer | int32 | |||
| cves | Integer | int32 | |||
| fixableCves | Integer | int32 | |||
| lastUpdated | Date | date-time | |||
| notPullable | Boolean | ||||
| isClusterLocal | Boolean | ||||
| priority | String | int64 | |||
| riskScore | Float | float | |||
| topCvss | Float | float | |||
| notes | List of StorageImageNote |
71.1.2.280. StorageImageIntegration
Next Tag: 25
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | String | ||||
| categories | List of StorageImageIntegrationCategory | ||||
| clairify | |||||
| scannerV4 | |||||
| docker | |||||
| quay | |||||
| ecr | |||||
| | |||||
| clair | |||||
| clairV4 | |||||
| ibm | |||||
| azure | |||||
| autogenerated | Boolean | ||||
| clusterId | String | ||||
| skipTestIntegration | Boolean | ||||
| source |
71.1.2.281. StorageImageIntegrationCategory
- NODE_SCANNER: Image and Node integrations are currently done on the same form in the UI so the image integration is also currently used for node integrations. This decision was made because we currently only support one node scanner (our scanner).
| Enum Values |
|---|
| REGISTRY |
| SCANNER |
| NODE_SCANNER |
71.1.2.282. StorageImageIntegrationSource
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| namespace | String | ||||
| imagePullSecretName | String |
71.1.2.283. StorageImageLayer
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| instruction | String | ||||
| value | String | ||||
| created | Date | date-time | |||
| author | String | ||||
| empty | Boolean |
71.1.2.284. StorageImageMetadata
If any fields of ImageMetadata are modified including subfields, please check pkg/images/enricher/metadata.go to ensure that those changes will be automatically picked up Next Tag: 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| v1 | |||||
| v2 | |||||
| layerShas |
List of | ||||
| dataSource | |||||
| version | String | uint64 |
71.1.2.285. StorageImageName
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| registry | String | ||||
| remote | String | ||||
| tag | String | ||||
| fullName | String |
71.1.2.286. StorageImageNote
| Enum Values |
|---|
| MISSING_METADATA |
| MISSING_SCAN_DATA |
| MISSING_SIGNATURE |
| MISSING_SIGNATURE_VERIFICATION_DATA |
71.1.2.287. StorageImagePullSecret
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| registries | List of ImagePullSecretRegistry |
71.1.2.288. StorageImageScan
Next tag: 8
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scannerVersion | String | ||||
| scanTime | Date | date-time | |||
| components | |||||
| operatingSystem | String | ||||
| dataSource | |||||
| notes | List of StorageImageScanNote | ||||
| hash | String | uint64 |
71.1.2.289. StorageImageScanNote
| Enum Values |
|---|
| UNSET |
| OS_UNAVAILABLE |
| PARTIAL_SCAN_DATA |
| OS_CVES_UNAVAILABLE |
| OS_CVES_STALE |
| LANGUAGE_CVES_UNAVAILABLE |
| CERTIFIED_RHEL_SCAN_UNAVAILABLE |
71.1.2.290. StorageImageSignature
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| signatures | List of StorageSignature | ||||
| fetched | Date | date-time |
71.1.2.291. StorageImageSignatureVerificationData
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| results |
71.1.2.292. StorageImageSignatureVerificationResult
Next Tag: 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| verificationTime | Date | date-time | |||
| verifierId | String | verifier_id correlates to the ID of the signature integration used to verify the signature. | |||
| status | UNSET, VERIFIED, FAILED_VERIFICATION, INVALID_SIGNATURE_ALGO, CORRUPTED_SIGNATURE, GENERIC_ERROR, | ||||
| description | String | description is set in the case of an error with the specific error’s message. Otherwise, this will not be set. | |||
| verifiedImageReferences |
List of | The full image names that are verified by this specific signature integration ID. |
71.1.2.293. StorageImageSignatureVerificationResultStatus
Status represents the status of the result.
- VERIFIED: VERIFIED is set when the signature’s verification was successful.
- FAILED_VERIFICATION: FAILED_VERIFICATION is set when the signature’s verification failed.
- INVALID_SIGNATURE_ALGO: INVALID_SIGNATURE_ALGO is set when the signature’s algorithm is invalid and unsupported.
- CORRUPTED_SIGNATURE: CORRUPTED_SIGNATURE is set when the raw signature is corrupted, i.e. wrong base64 encoding.
- GENERIC_ERROR: GENERIC_ERROR is set when an error occurred during verification that cannot be associated with a specific status.
| Enum Values |
|---|
| UNSET |
| VERIFIED |
| FAILED_VERIFICATION |
| INVALID_SIGNATURE_ALGO |
| CORRUPTED_SIGNATURE |
| GENERIC_ERROR |
71.1.2.294. StorageIntegrationHealth
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | UNKNOWN, IMAGE_INTEGRATION, NOTIFIER, BACKUP, DECLARATIVE_CONFIG, | ||||
| status | UNINITIALIZED, UNHEALTHY, HEALTHY, | ||||
| errorMessage | String | ||||
| lastTimestamp | Date | date-time |
71.1.2.295. StorageIntegrationHealthStatus
| Enum Values |
|---|
| UNINITIALIZED |
| UNHEALTHY |
| HEALTHY |
71.1.2.296. StorageIntegrationHealthType
| Enum Values |
|---|
| UNKNOWN |
| IMAGE_INTEGRATION |
| NOTIFIER |
| BACKUP |
| DECLARATIVE_CONFIG |
71.1.2.297. StorageJira
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| url | String | ||||
| username | String | ||||
| password | String | The password for the integration. The server will mask the value of this credential in responses and logs. | |||
| issueType | String | ||||
| priorityMappings | List of JiraPriorityMapping | ||||
| defaultFieldsJson | String | ||||
| disablePriority | Boolean |
71.1.2.298. StorageK8sRole
Properties of an individual k8s Role or ClusterRole. ////////////////////////////////////////
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| namespace | String | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| clusterRole | Boolean | ||||
| labels |
Map of | ||||
| annotations |
Map of | ||||
| createdAt | Date | date-time | |||
| rules | List of StoragePolicyRule |
71.1.2.299. StorageK8sRoleBinding
Properties of an individual k8s RoleBinding or ClusterRoleBinding. ////////////////////////////////////////
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| namespace | String | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| clusterRole | Boolean | ClusterRole specifies whether the binding binds a cluster role. However, it cannot be used to determine whether the binding is a cluster role binding. This can be done in conjunction with the namespace. If the namespace is empty and cluster role is true, the binding is a cluster role binding. | |||
| labels |
Map of | ||||
| annotations |
Map of | ||||
| createdAt | Date | date-time | |||
| subjects | List of StorageSubject | ||||
| roleId | String |
71.1.2.300. StorageKeyValuePair
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| value | String |
71.1.2.301. StorageL4Protocol
| Enum Values |
|---|
| L4_PROTOCOL_UNKNOWN |
| L4_PROTOCOL_TCP |
| L4_PROTOCOL_UDP |
| L4_PROTOCOL_ICMP |
| L4_PROTOCOL_RAW |
| L4_PROTOCOL_SCTP |
| L4_PROTOCOL_ANY |
71.1.2.302. StorageLabelSelector
Label selector components are joined with logical AND, see https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
Next available tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| matchLabels |
Map of | This is actually a oneof, but we can’t make it one due to backwards compatibility constraints. | |||
| requirements | List of StorageLabelSelectorRequirement |
71.1.2.303. StorageLabelSelectorOperator
| Enum Values |
|---|
| UNKNOWN |
| IN |
| NOT_IN |
| EXISTS |
| NOT_EXISTS |
71.1.2.304. StorageLabelSelectorRequirement
Next available tag: 4
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| op | UNKNOWN, IN, NOT_IN, EXISTS, NOT_EXISTS, | ||||
| values |
List of |
71.1.2.305. StorageLicense
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | String | ||||
| url | String |
71.1.2.306. StorageLifecycleStage
| Enum Values |
|---|
| DEPLOY |
| BUILD |
| RUNTIME |
71.1.2.307. StorageListAlert
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| lifecycleStage | DEPLOY, BUILD, RUNTIME, | ||||
| time | Date | date-time | |||
| policy | |||||
| state | ACTIVE, RESOLVED, ATTEMPTED, | ||||
| enforcementCount | Integer | int32 | |||
| enforcementAction | UNSET_ENFORCEMENT, SCALE_TO_ZERO_ENFORCEMENT, UNSATISFIABLE_NODE_CONSTRAINT_ENFORCEMENT, KILL_POD_ENFORCEMENT, FAIL_BUILD_ENFORCEMENT, FAIL_KUBE_REQUEST_ENFORCEMENT, FAIL_DEPLOYMENT_CREATE_ENFORCEMENT, FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT, | ||||
| commonEntityInfo | |||||
| deployment | |||||
| resource |
71.1.2.308. StorageListAlertDeployment
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| clusterName | String | This field is deprecated and can be found in CommonEntityInfo. It will be removed from here in a future release. This field has moved to CommonEntityInfo | |||
| namespace | String | This field is deprecated and can be found in CommonEntityInfo. It will be removed from here in a future release. This field has moved to CommonEntityInfo | |||
| clusterId | String | This field is deprecated and can be found in CommonEntityInfo. It will be removed from here in a future release. This field has moved to CommonEntityInfo | |||
| inactive | Boolean | ||||
| namespaceId | String | This field is deprecated and can be found in CommonEntityInfo. It will be removed from here in a future release. This field has moved to CommonEntityInfo | |||
| deploymentType | String |
71.1.2.309. StorageListAlertPolicy
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| severity | UNSET_SEVERITY, LOW_SEVERITY, MEDIUM_SEVERITY, HIGH_SEVERITY, CRITICAL_SEVERITY, | ||||
| description | String | ||||
| categories |
List of | ||||
| developerInternalFields |
71.1.2.310. StorageListAlertResourceType
A special ListAlert-only enumeration of all resource types. Unlike Alert.Resource.ResourceType this also includes deployment as a type This must be kept in sync with Alert.Resource.ResourceType (excluding the deployment value)
| Enum Values |
|---|
| DEPLOYMENT |
| SECRETS |
| CONFIGMAPS |
| CLUSTER_ROLES |
| CLUSTER_ROLE_BINDINGS |
| NETWORK_POLICIES |
| SECURITY_CONTEXT_CONSTRAINTS |
| EGRESS_FIREWALLS |
71.1.2.311. StorageListDeployment
Next available tag: 9
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| hash | String | uint64 | |||
| name | String | ||||
| cluster | String | ||||
| clusterId | String | ||||
| namespace | String | ||||
| created | Date | date-time | |||
| priority | String | int64 |
71.1.2.312. StorageListImage
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| components | Integer | int32 | |||
| cves | Integer | int32 | |||
| fixableCves | Integer | int32 | |||
| created | Date | date-time | |||
| lastUpdated | Date | date-time | |||
| priority | String | int64 |
71.1.2.313. StorageListPolicy
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| description | String | ||||
| severity | UNSET_SEVERITY, LOW_SEVERITY, MEDIUM_SEVERITY, HIGH_SEVERITY, CRITICAL_SEVERITY, | ||||
| disabled | Boolean | ||||
| lifecycleStages | List of StorageLifecycleStage | ||||
| notifiers |
List of | ||||
| lastUpdated | Date | date-time | |||
| eventSource | NOT_APPLICABLE, DEPLOYMENT_EVENT, AUDIT_LOG_EVENT, | ||||
| isDefault | Boolean | ||||
| source | IMPERATIVE, DECLARATIVE, |
71.1.2.314. StorageListSecret
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| namespace | String | ||||
| types | List of StorageSecretType | ||||
| createdAt | Date | date-time |
71.1.2.315. StorageLivenessProbe
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| defined | Boolean |
71.1.2.316. StorageLoginNotice
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabled | Boolean | ||||
| text | String |
71.1.2.317. StorageManagerType
| Enum Values |
|---|
| MANAGER_TYPE_UNKNOWN |
| MANAGER_TYPE_MANUAL |
| MANAGER_TYPE_HELM_CHART |
| MANAGER_TYPE_KUBERNETES_OPERATOR |
71.1.2.318. StorageMatchType
| Enum Values |
|---|
| EXACT |
| REGEX |
71.1.2.319. StorageMicrosoftSentinel
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| logIngestionEndpoint | String | log_ingestion_endpoint is the log ingestion endpoint. | |||
| directoryTenantId | String | directory_tenant_id contains the ID of the Microsoft Directory ID of the selected tenant. | |||
| applicationClientId | String | application_client_id contains the ID of the application ID of the service principal. | |||
| secret | String | secret contains the client secret. | |||
| alertDcrConfig | |||||
| auditLogDcrConfig | |||||
| clientCertAuthConfig | |||||
| wifEnabled | Boolean | Enables authentication with short-lived tokens using Azure managed identities or Azure workload identities. The toggle exists to make the use of Azure default credentials explicit rather than always using them as a fallback. The explicit behavior is more consistent with other integrations. |
71.1.2.320. StorageMitreAttackVector
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| tactic | |||||
| techniques | List of StorageMitreTechnique |
71.1.2.321. StorageMitreTactic
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| description | String |
71.1.2.322. StorageMitreTechnique
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| description | String |
71.1.2.323. StorageNamespaceMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| labels |
Map of | ||||
| creationTime | Date | date-time | |||
| priority | String | int64 | |||
| annotations |
Map of |
71.1.2.324. StorageNetworkBaseline
NetworkBaseline represents a network baseline of a deployment. It contains all the baseline peers and their respective connections. next available tag: 8
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deploymentId | String | This is the ID of the baseline. | |||
| clusterId | String | ||||
| namespace | String | ||||
| peers | List of StorageNetworkBaselinePeer | ||||
| forbiddenPeers | List of StorageNetworkBaselinePeer | A list of peers that will never be added to the baseline. For now, this contains peers that the user has manually removed. This is used to ensure we don’t add it back in the event we see the flow again. | |||
| observationPeriodEnd | Date | date-time | |||
| locked | Boolean | ||||
| deploymentName | String |
71.1.2.325. StorageNetworkBaselineConnectionProperties
NetworkBaselineConnectionProperties represents information about a baseline connection next available tag: 4
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| ingress | Boolean | ||||
| port | Long | int64 | |||
| protocol | L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY, |
71.1.2.326. StorageNetworkBaselinePeer
NetworkBaselinePeer represents a baseline peer. next available tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entity | |||||
| properties |
71.1.2.327. StorageNetworkEntity
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| info | |||||
| scope |
71.1.2.328. StorageNetworkEntityInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | UNKNOWN_TYPE, DEPLOYMENT, INTERNET, LISTEN_ENDPOINT, EXTERNAL_SOURCE, INTERNAL_ENTITIES, | ||||
| id | String | ||||
| deployment | |||||
| externalSource |
71.1.2.329. StorageNetworkEntityInfoDeployment
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| namespace | String | ||||
| cluster | String | ||||
| listenPorts | List of DeploymentListenPort |
71.1.2.330. StorageNetworkEntityInfoType
- INTERNAL_ENTITIES: INTERNAL_ENTITIES is for grouping all internal entities under a single network graph node
| Enum Values |
|---|
| UNKNOWN_TYPE |
| DEPLOYMENT |
| INTERNET |
| LISTEN_ENDPOINT |
| EXTERNAL_SOURCE |
| INTERNAL_ENTITIES |
71.1.2.331. StorageNetworkEntityScope
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String |
71.1.2.332. StorageNetworkFlow
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| props | |||||
| lastSeenTimestamp | Date | date-time | |||
| clusterId | String | ||||
| updatedAt | Date | date-time |
71.1.2.333. StorageNetworkFlowProperties
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| srcEntity | |||||
| dstEntity | |||||
| dstPort | Long | may be 0 if not applicable (e.g., icmp). | int64 | ||
| l4protocol | L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY, |
71.1.2.334. StorageNetworkGraphConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| hideDefaultExternalSrcs | Boolean |
71.1.2.335. StorageNetworkPolicy
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| namespace | String | ||||
| labels |
Map of | ||||
| annotations |
Map of | ||||
| spec | |||||
| yaml | String | ||||
| apiVersion | String | ||||
| created | Date | date-time |
71.1.2.336. StorageNetworkPolicyApplicationUndoRecord
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| user | String | ||||
| applyTimestamp | Date | date-time | |||
| originalModification | |||||
| undoModification |
71.1.2.337. StorageNetworkPolicyEgressRule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| ports | List of StorageNetworkPolicyPort | ||||
| to | List of StorageNetworkPolicyPeer |
71.1.2.338. StorageNetworkPolicyIngressRule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| ports | List of StorageNetworkPolicyPort | ||||
| from | List of StorageNetworkPolicyPeer |
71.1.2.339. StorageNetworkPolicyModification
Next available tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| applyYaml | String | ||||
| toDelete | List of StorageNetworkPolicyReference |
71.1.2.340. StorageNetworkPolicyPeer
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| podSelector | |||||
| namespaceSelector | |||||
| ipBlock |
71.1.2.341. StorageNetworkPolicyPort
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| protocol | UNSET_PROTOCOL, TCP_PROTOCOL, UDP_PROTOCOL, SCTP_PROTOCOL, | ||||
| port | Integer | int32 | |||
| portName | String |
71.1.2.342. StorageNetworkPolicyReference
Next available tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| namespace | String | ||||
| name | String |
71.1.2.343. StorageNetworkPolicySpec
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| podSelector | |||||
| ingress | List of StorageNetworkPolicyIngressRule | ||||
| egress | List of StorageNetworkPolicyEgressRule | ||||
| policyTypes | List of StorageNetworkPolicyType |
71.1.2.344. StorageNetworkPolicyType
| Enum Values |
|---|
| UNSET_NETWORK_POLICY_TYPE |
| INGRESS_NETWORK_POLICY_TYPE |
| EGRESS_NETWORK_POLICY_TYPE |
71.1.2.345. StorageNode
Node represents information about a node in the cluster. next available tag: 28
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | A unique ID identifying this node. | |||
| name | String | The (host)name of the node. Might or might not be the same as ID. | |||
| taints | List of StorageTaint | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| labels |
Map of | ||||
| annotations |
Map of | ||||
| joinedAt | Date | date-time | |||
| internalIpAddresses |
List of | ||||
| externalIpAddresses |
List of | ||||
| containerRuntimeVersion | String | Use container_runtime.version | |||
| containerRuntime | |||||
| kernelVersion | String | ||||
| operatingSystem | String | From NodeInfo. Operating system reported by the node (ex: linux). | |||
| osImage | String | From NodeInfo. OS image reported by the node from /etc/os-release. | |||
| kubeletVersion | String | ||||
| kubeProxyVersion | String | ||||
| lastUpdated | Date | date-time | |||
| k8sUpdated | Date | Time we received an update from Kubernetes. | date-time | ||
| scan | |||||
| components | Integer | int32 | |||
| cves | Integer | int32 | |||
| fixableCves | Integer | int32 | |||
| priority | String | int64 | |||
| riskScore | Float | float | |||
| topCvss | Float | float | |||
| notes | List of StorageNodeNote |
71.1.2.346. StorageNodeNote
| Enum Values |
|---|
| MISSING_SCAN_DATA |
71.1.2.347. StorageNodeScan
Next tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanTime | Date | date-time | |||
| operatingSystem | String | ||||
| components | List of StorageEmbeddedNodeScanComponent | ||||
| notes | List of StorageNodeScanNote | ||||
| scannerVersion | SCANNER, SCANNER_V4, |
71.1.2.348. StorageNodeScanNote
| Enum Values |
|---|
| UNSET |
| UNSUPPORTED |
| KERNEL_UNSUPPORTED |
| CERTIFIED_RHEL_CVES_UNAVAILABLE |
71.1.2.349. StorageNodeVulnerability
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cveBaseInfo | |||||
| cvss | Float | float | |||
| severity | UNKNOWN_VULNERABILITY_SEVERITY, LOW_VULNERABILITY_SEVERITY, MODERATE_VULNERABILITY_SEVERITY, IMPORTANT_VULNERABILITY_SEVERITY, CRITICAL_VULNERABILITY_SEVERITY, | ||||
| fixedBy | String | ||||
| snoozed | Boolean | ||||
| snoozeStart | Date | date-time | |||
| snoozeExpiry | Date | date-time |
71.1.2.350. StorageNotifier
Next Tag: 21
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | String | ||||
| uiEndpoint | String | ||||
| labelKey | String | ||||
| labelDefault | String | ||||
| jira | |||||
| | |||||
| cscc | |||||
| splunk | |||||
| pagerduty | |||||
| generic | |||||
| sumologic | |||||
| awsSecurityHub | |||||
| syslog | |||||
| microsoftSentinel | |||||
| notifierSecret | String | ||||
| traits |
71.1.2.351. StorageNotifierConfiguration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| emailConfig | |||||
| id | String |
71.1.2.352. StorageOperationStatus
| Enum Values |
|---|
| FAIL |
| PASS |
71.1.2.353. StorageOrchestratorMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| version | String | ||||
| openshiftVersion | String | ||||
| buildDate | Date | date-time | |||
| apiVersions |
List of |
71.1.2.354. StoragePagerDuty
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| apiKey | String | The API key for the integration. The server will mask the value of this credential in responses and logs. |
71.1.2.355. StoragePermissionLevel
For any update to PermissionLevel, also update: - pkg/searchbasedpolicies/builders/k8s_rbac.go - ui/src/messages/common.js
| Enum Values |
|---|
| UNSET |
| NONE |
| DEFAULT |
| ELEVATED_IN_NAMESPACE |
| ELEVATED_CLUSTER_WIDE |
| CLUSTER_ADMIN |
71.1.2.356. StoragePermissionSet
This encodes a set of permissions for StackRox resources.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | id is generated and cannot be changed. | |||
| name | String |
| |||
| description | String | ||||
| resourceToAccess | Map of StorageAccess | ||||
| traits |
71.1.2.357. StoragePlatformComponentConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| rules | List of PlatformComponentConfigRule | ||||
| needsReevaluation | Boolean |
71.1.2.358. StoragePod
Pod represents information for a currently running pod or deleted pod in an active deployment.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| deploymentId | String | ||||
| namespace | String | ||||
| clusterId | String | ||||
| liveInstances | List of StorageContainerInstance | ||||
| terminatedInstances | List of PodContainerInstanceList | Must be a list of lists, so we can perform search queries (does not work for maps that aren’t <string, string>) There is one bucket (list) per container name. | |||
| started | Date | Time Kubernetes reports the pod was created. | date-time |
71.1.2.359. StoragePolicy
Next tag: 28
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | Name of the policy. Must be unique. | |||
| description | String | Free-form text description of this policy. | |||
| rationale | String | ||||
| remediation | String | Describes how to remediate a violation of this policy. | |||
| disabled | Boolean | Toggles whether or not this policy will be executing and actively firing alerts. | |||
| categories |
List of | List of categories that this policy falls under. Category names must already exist in Central. | |||
| lifecycleStages | List of StorageLifecycleStage | Describes which policy lifecylce stages this policy applies to. Choices are DEPLOY, BUILD, and RUNTIME. | |||
| eventSource | NOT_APPLICABLE, DEPLOYMENT_EVENT, AUDIT_LOG_EVENT, | ||||
| exclusions | List of StorageExclusion | Define deployments or images that should be excluded from this policy. | |||
| scope | List of StorageScope | Defines clusters, namespaces, and deployments that should be included in this policy. No scopes defined includes everything. | |||
| severity | UNSET_SEVERITY, LOW_SEVERITY, MEDIUM_SEVERITY, HIGH_SEVERITY, CRITICAL_SEVERITY, | ||||
| enforcementActions | List of StorageEnforcementAction | FAIL_DEPLOYMENT_CREATE_ENFORCEMENT takes effect only if admission control webhook is configured to enforce on object creates/updates. FAIL_KUBE_REQUEST_ENFORCEMENT takes effect only if admission control webhook is enabled to listen on exec and port-forward events. FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT takes effect only if admission control webhook is configured to enforce on object updates. Lists the enforcement actions to take when a violation from this policy is identified. Possible value are UNSET_ENFORCEMENT, SCALE_TO_ZERO_ENFORCEMENT, UNSATISFIABLE_NODE_CONSTRAINT_ENFORCEMENT, KILL_POD_ENFORCEMENT, FAIL_BUILD_ENFORCEMENT, FAIL_KUBE_REQUEST_ENFORCEMENT, FAIL_DEPLOYMENT_CREATE_ENFORCEMENT, and. FAIL_DEPLOYMENT_UPDATE_ENFORCEMENT. | |||
| notifiers |
List of | List of IDs of the notifiers that should be triggered when a violation from this policy is identified. IDs should be in the form of a UUID and are found through the Central API. | |||
| lastUpdated | Date | date-time | |||
| SORTName | String | For internal use only. | |||
| SORTLifecycleStage | String | For internal use only. | |||
| SORTEnforcement | Boolean | For internal use only. | |||
| policyVersion | String | ||||
| policySections | List of StoragePolicySection | PolicySections define the violation criteria for this policy. | |||
| mitreAttackVectors | List of PolicyMitreAttackVectors | ||||
| criteriaLocked | Boolean | Read-only field. If true, the policy’s criteria fields are rendered read-only. | |||
| mitreVectorsLocked | Boolean | Read-only field. If true, the policy’s MITRE ATT&CK fields are rendered read-only. | |||
| isDefault | Boolean | Read-only field. Indicates the policy is a default policy if true and a custom policy if false. | |||
| source | IMPERATIVE, DECLARATIVE, |
71.1.2.360. StoragePolicyGroup
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| fieldName | String | Defines which field on a deployment or image this PolicyGroup evaluates. See https://docs.openshift.com/acs/operating/manage-security-policies.html#policy-criteria_manage-security-policies for a complete list of possible values. | |||
| booleanOperator | OR, AND, | ||||
| negate | Boolean | Determines if the evaluation of this PolicyGroup is negated. Default to false. | |||
| values | List of StoragePolicyValue |
71.1.2.361. StoragePolicyRule
Properties of an individual rules that grant permissions to resources. ////////////////////////////////////////
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| verbs |
List of | ||||
| apiGroups |
List of | ||||
| resources |
List of | ||||
| nonResourceUrls |
List of | ||||
| resourceNames |
List of |
71.1.2.362. StoragePolicySection
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| sectionName | String | ||||
| policyGroups | List of StoragePolicyGroup | The set of policies groups that make up this section. Each group can be considered an individual criterion. |
71.1.2.363. StoragePolicySource
| Enum Values |
|---|
| IMPERATIVE |
| DECLARATIVE |
71.1.2.364. StoragePolicyValue
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| value | String |
71.1.2.365. StoragePortConfig
Next Available Tag: 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| containerPort | Integer | int32 | |||
| protocol | String | ||||
| exposure | UNSET, EXTERNAL, NODE, INTERNAL, HOST, ROUTE, | ||||
| exposedPort | Integer | int32 | |||
| exposureInfos | List of PortConfigExposureInfo |
71.1.2.366. StoragePrivateConfig
next available tag: 10
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| DEPRECATEDAlertRetentionDurationDays | Integer | int32 | |||
| alertConfig | |||||
| imageRetentionDurationDays | Integer | int32 | |||
| expiredVulnReqRetentionDurationDays | Integer | int32 | |||
| decommissionedClusterRetention | |||||
| reportRetentionConfig | |||||
| vulnerabilityExceptionConfig | |||||
| administrationEventsConfig | |||||
| metrics |
71.1.2.367. StorageProcessBaseline
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| key | |||||
| elements | List of StorageBaselineElement | ||||
| elementGraveyard | List of StorageBaselineElement | ||||
| created | Date | date-time | |||
| userLockedTimestamp | Date | date-time | |||
| stackRoxLockedTimestamp | Date | date-time | |||
| lastUpdate | Date | date-time |
71.1.2.368. StorageProcessBaselineKey
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deploymentId | String | The idea is for the keys to be flexible. Only certain combinations of these will be supported. | |||
| containerName | String | ||||
| clusterId | String | ||||
| namespace | String |
71.1.2.369. StorageProcessIndicator
Next available tag: 13
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| deploymentId | String | ||||
| containerName | String | ||||
| podId | String | ||||
| podUid | String | ||||
| signal | |||||
| clusterId | String | ||||
| namespace | String | ||||
| containerStartTime | Date | date-time | |||
| imageId | String |
71.1.2.370. StorageProcessListeningOnPort
The API returns an array of these
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | |||||
| deploymentId | String | ||||
| containerName | String | ||||
| podId | String | ||||
| podUid | String | ||||
| signal | |||||
| clusterId | String | ||||
| namespace | String | ||||
| containerStartTime | Date | date-time | |||
| imageId | String |
71.1.2.371. StorageProcessSignal
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | A unique UUID for identifying the message We have this here instead of at the top level because we want to have each message to be self contained. | |||
| containerId | String | ||||
| time | Date | date-time | |||
| name | String | ||||
| args | String | ||||
| execFilePath | String | ||||
| pid | Long | int64 | |||
| uid | Long | int64 | |||
| gid | Long | int64 | |||
| lineage |
List of | ||||
| scraped | Boolean | ||||
| lineageInfo | List of ProcessSignalLineageInfo |
71.1.2.372. StoragePrometheusMetrics
next available tag: 4
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| imageVulnerabilities | |||||
| policyViolations | |||||
| nodeVulnerabilities |
71.1.2.373. StoragePrometheusMetricsGroup
A group is a collection of metrics that are computed by the same aggregator. Metrics in a group may use different subsets of a complete list of labels supported by the aggregator.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| gatheringPeriodMinutes | Long | int64 | |||
| descriptors | Map of GroupLabels | Metric descriptors is a map of metric names to the list of allowed labels. |
71.1.2.374. StorageProtocol
| Enum Values |
|---|
| UNSET_PROTOCOL |
| TCP_PROTOCOL |
| UDP_PROTOCOL |
| SCTP_PROTOCOL |
71.1.2.375. StorageProviderMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| region | String | ||||
| zone | String | ||||
| | |||||
| aws | |||||
| azure | |||||
| verified | Boolean | ||||
| cluster |
71.1.2.376. StoragePublicConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| loginNotice | |||||
| header | |||||
| footer | |||||
| telemetry |
71.1.2.377. StorageQuayConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| oauthToken | String | The OAuth token for the integration. Required if this is a scanner integration. The server will mask the value of this credential in responses and logs. | |||
| insecure | Boolean | ||||
| registryRobotCredentials |
71.1.2.378. StorageReadinessProbe
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| defined | Boolean |
71.1.2.379. StorageReportConfiguration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| description | String | ||||
| type | VULNERABILITY, | ||||
| vulnReportFilters | |||||
| scopeId | String | ||||
| emailConfig | |||||
| schedule | |||||
| lastRunStatus | |||||
| lastSuccessfulRunTime | Date | date-time | |||
| resourceScope | |||||
| notifiers | List of StorageNotifierConfiguration | ||||
| creator | |||||
| version | Integer | int32 |
71.1.2.380. StorageReportLastRunStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportStatus | SUCCESS, FAILURE, | ||||
| lastRunTime | Date | date-time | |||
| errorMsg | String |
71.1.2.381. StorageReportRetentionConfig
next available tag: 4
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| historyRetentionDurationDays | Long | int64 | |||
| downloadableReportRetentionDays | Long | int64 | |||
| downloadableReportGlobalRetentionBytes | Long | int64 |
71.1.2.382. StorageRequestComment
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| message | String | ||||
| user | |||||
| createdAt | Date | date-time |
71.1.2.383. StorageRequestExpiry
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| expiresWhenFixed | Boolean | Indicates that this request expires when the associated vulnerability is fixed. | |||
| expiresOn | Date | Indicates the timestamp when this request expires. | date-time | ||
| expiryType | TIME, ALL_CVE_FIXABLE, ANY_CVE_FIXABLE, |
71.1.2.384. StorageRequestStatus
Indicates the status of a request. Requests canceled by the user before they are acted upon by the approver are not tracked/persisted (with the exception of audit logs if it is turned on).
- PENDING: Default request state. It indicates that the request has not been fulfilled and that an action (approve/deny) is required.
- APPROVED: Indicates that the request has been approved by the approver.
- DENIED: Indicates that the request has been denied by the approver.
- APPROVED_PENDING_UPDATE: Indicates that the original request was approved, but an update is still pending an approval or denial.
| Enum Values |
|---|
| PENDING |
| APPROVED |
| DENIED |
| APPROVED_PENDING_UPDATE |
71.1.2.385. StorageRequester
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String |
71.1.2.386. StorageResourceCollection
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| description | String | ||||
| createdAt | Date | date-time | |||
| lastUpdated | Date | date-time | |||
| createdBy | |||||
| updatedBy | |||||
| resourceSelectors | List of StorageResourceSelector |
| |||
| embeddedCollections |
71.1.2.387. StorageResourceScope
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| collectionId | String |
71.1.2.388. StorageResourceSelector
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| rules | List of StorageSelectorRule |
|
71.1.2.389. StorageResources
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cpuCoresRequest | Float | float | |||
| cpuCoresLimit | Float | float | |||
| memoryMbRequest | Float | float | |||
| memoryMbLimit | Float | float |
71.1.2.390. StorageRisk
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| subject | |||||
| score | Float | float | |||
| results | List of StorageRiskResult |
71.1.2.391. StorageRiskResult
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| factors | List of ResultFactor | ||||
| score | Float | float |
71.1.2.392. StorageRiskSubject
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| namespace | String | ||||
| clusterId | String | ||||
| type | UNKNOWN, DEPLOYMENT, NAMESPACE, CLUSTER, NODE, NODE_COMPONENT, IMAGE, IMAGE_COMPONENT, SERVICEACCOUNT, |
71.1.2.393. StorageRiskSubjectType
Next tag: 9
| Enum Values |
|---|
| UNKNOWN |
| DEPLOYMENT |
| NAMESPACE |
| CLUSTER |
| NODE |
| NODE_COMPONENT |
| IMAGE |
| IMAGE_COMPONENT |
| SERVICEACCOUNT |
71.1.2.394. StorageRole
A role specifies which actions are allowed for which subset of cluster objects. Permissions be can either specified directly via setting resource_to_access together with global_access or by referencing a permission set by its id in permission_set_name.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
| |||
| description | String | ||||
| permissionSetId | String | The associated PermissionSet and AccessScope for this Role. | |||
| accessScopeId | String | ||||
| globalAccess | NO_ACCESS, READ_ACCESS, READ_WRITE_ACCESS, | ||||
| resourceToAccess | Map of StorageAccess |
Deprecated 2021-04-20 in favor of | |||
| traits |
71.1.2.395. StorageRuleValue
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| value | String | ||||
| matchType | EXACT, REGEX, |
71.1.2.396. StorageS3Compatible
S3Compatible configures the backup integration with an S3 compatible storage provider. S3 compatible is intended for non-AWS providers. For AWS S3 use S3Config.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| bucket | String | ||||
| accessKeyId | String | The access key ID to use. The server will mask the value of this credential in responses and logs. | |||
| secretAccessKey | String | The secret access key to use. The server will mask the value of this credential in responses and logs. | |||
| region | String | ||||
| objectPrefix | String | ||||
| endpoint | String | ||||
| urlStyle | S3_URL_STYLE_UNSPECIFIED, S3_URL_STYLE_VIRTUAL_HOSTED, S3_URL_STYLE_PATH, |
71.1.2.397. StorageS3Config
S3Config configures the backup integration with AWS S3.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| bucket | String | ||||
| useIam | Boolean | ||||
| accessKeyId | String | The access key ID for the storage integration. The server will mask the value of this credential in responses and logs. | |||
| secretAccessKey | String | The secret access key for the storage integration. The server will mask the value of this credential in responses and logs. | |||
| region | String | ||||
| objectPrefix | String | ||||
| endpoint | String |
71.1.2.398. StorageS3URLStyle
| Enum Values |
|---|
| S3_URL_STYLE_UNSPECIFIED |
| S3_URL_STYLE_VIRTUAL_HOSTED |
| S3_URL_STYLE_PATH |
71.1.2.399. StorageScannerHealthInfo
ScannerHealthInfo represents health info of a scanner instance that is deployed on a secured cluster (so called "local scanner"). When the scanner is deployed on a central cluster, the following message is NOT used. ScannerHealthInfo carries data about scanner deployment but does not include scanner health status derived from this data. Aggregated scanner health status is not included because it is derived in central and not in the component that first reports ScannerHealthInfo (sensor).
The following fields are made optional/nullable because there can be errors when trying to obtain them and the default value of 0 might be confusing with the actual value 0. In case an error happens when trying to obtain a certain field, it will be absent (instead of having the default value).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| totalDesiredAnalyzerPods | Integer | int32 | |||
| totalReadyAnalyzerPods | Integer | int32 | |||
| totalDesiredDbPods | Integer | int32 | |||
| totalReadyDbPods | Integer | int32 | |||
| statusErrors |
List of | Collection of errors that occurred while trying to obtain scanner health info. |
71.1.2.400. StorageScannerV4Config
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| numConcurrentScans | Integer | int32 | |||
| indexerEndpoint | String | ||||
| matcherEndpoint | String |
71.1.2.401. StorageSchedule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| intervalType | UNSET, DAILY, WEEKLY, MONTHLY, | ||||
| hour | Integer | int32 | |||
| minute | Integer | int32 | |||
| weekly | |||||
| daysOfWeek | |||||
| daysOfMonth |
71.1.2.402. StorageScope
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cluster | String | ||||
| namespace | String | ||||
| label |
71.1.2.403. StorageScopeLabel
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| value | String |
71.1.2.404. StorageSecret
Flat secret object. Any properties of an individual secret. (regardless of time, scope, or context) ////////////////////////////////////////
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| namespace | String | ||||
| type | String | ||||
| labels |
Map of | ||||
| annotations |
Map of | ||||
| createdAt | Date | date-time | |||
| files | List of StorageSecretDataFile | Metadata about the secrets. The secret need not be a file, but rather may be an arbitrary value. | |||
| relationship |
71.1.2.405. StorageSecretContainerRelationship
Secrets can be mounted in a path in a container. Next Tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | Id of the container the secret is mounted in. | |||
| path | String | Path is a container specific mounting directory. |
71.1.2.406. StorageSecretDataFile
Metadata about secret. Additional information is presented for a certificate file and imagePullSecret, but the "file" may also represent some arbitrary value.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| type | UNDETERMINED, PUBLIC_CERTIFICATE, CERTIFICATE_REQUEST, PRIVACY_ENHANCED_MESSAGE, OPENSSH_PRIVATE_KEY, PGP_PRIVATE_KEY, EC_PRIVATE_KEY, RSA_PRIVATE_KEY, DSA_PRIVATE_KEY, CERT_PRIVATE_KEY, ENCRYPTED_PRIVATE_KEY, IMAGE_PULL_SECRET, | ||||
| cert | |||||
| imagePullSecret |
71.1.2.407. StorageSecretDeploymentRelationship
Secrets can be used by a deployment. Next Tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | Id of the deployment using the secret within a container. | |||
| name | String | Name of the deployment. |
71.1.2.408. StorageSecretRelationship
The combined relationships that belong to the secret. Next Tag: 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| containerRelationships | |||||
| deploymentRelationships | Deployment id to relationship. |
71.1.2.409. StorageSecretType
| Enum Values |
|---|
| UNDETERMINED |
| PUBLIC_CERTIFICATE |
| CERTIFICATE_REQUEST |
| PRIVACY_ENHANCED_MESSAGE |
| OPENSSH_PRIVATE_KEY |
| PGP_PRIVATE_KEY |
| EC_PRIVATE_KEY |
| RSA_PRIVATE_KEY |
| DSA_PRIVATE_KEY |
| CERT_PRIVATE_KEY |
| ENCRYPTED_PRIVATE_KEY |
| IMAGE_PULL_SECRET |
71.1.2.410. StorageSecurityContext
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| privileged | Boolean | ||||
| selinux | |||||
| dropCapabilities |
List of | ||||
| addCapabilities |
List of | ||||
| readOnlyRootFilesystem | Boolean | ||||
| seccompProfile | |||||
| allowPrivilegeEscalation | Boolean |
71.1.2.411. StorageSelectorRule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| fieldName | String | ||||
| operator | OR, AND, | ||||
| values | List of StorageRuleValue |
|
71.1.2.412. StorageSensorDeploymentIdentification
StackRoxDeploymentIdentification aims at uniquely identifying a StackRox Sensor deployment. It is used to determine whether a sensor connection comes from a sensor pod that has restarted or was recreated (possibly after a network partition), or from a deployment in a different namespace or cluster.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| systemNamespaceId | String | ||||
| defaultNamespaceId | String | ||||
| appNamespace | String | ||||
| appNamespaceId | String | ||||
| appServiceaccountId | String | ||||
| k8sNodeName | String |
71.1.2.413. StorageSensorUpgradeConfig
SensorUpgradeConfig encapsulates configuration relevant to sensor auto-upgrades.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enableAutoUpgrade | Boolean | Whether to automatically trigger upgrades for out-of-date sensors. |
71.1.2.414. StorageServiceAccount
Any properties of an individual service account. (regardless of time, scope, or context) ////////////////////////////////////////
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| namespace | String | ||||
| clusterName | String | ||||
| clusterId | String | ||||
| labels |
Map of | ||||
| annotations |
Map of | ||||
| createdAt | Date | date-time | |||
| automountToken | Boolean | ||||
| secrets |
List of | ||||
| imagePullSecrets |
List of |
71.1.2.415. StorageServiceIdentity
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| serialStr | String | ||||
| serial | String | int64 | |||
| id | String | ||||
| type | UNKNOWN_SERVICE, SENSOR_SERVICE, CENTRAL_SERVICE, CENTRAL_DB_SERVICE, REMOTE_SERVICE, COLLECTOR_SERVICE, MONITORING_UI_SERVICE, MONITORING_DB_SERVICE, MONITORING_CLIENT_SERVICE, BENCHMARK_SERVICE, SCANNER_SERVICE, SCANNER_DB_SERVICE, ADMISSION_CONTROL_SERVICE, SCANNER_V4_INDEXER_SERVICE, SCANNER_V4_MATCHER_SERVICE, SCANNER_V4_DB_SERVICE, SCANNER_V4_SERVICE, REGISTRANT_SERVICE, | ||||
| initBundleId | String |
71.1.2.416. StorageServiceType
Next available tag: 18
- SCANNER_V4_SERVICE: This is used when Scanner V4 is run in combo-mode.
| Enum Values |
|---|
| UNKNOWN_SERVICE |
| SENSOR_SERVICE |
| CENTRAL_SERVICE |
| CENTRAL_DB_SERVICE |
| REMOTE_SERVICE |
| COLLECTOR_SERVICE |
| MONITORING_UI_SERVICE |
| MONITORING_DB_SERVICE |
| MONITORING_CLIENT_SERVICE |
| BENCHMARK_SERVICE |
| SCANNER_SERVICE |
| SCANNER_DB_SERVICE |
| ADMISSION_CONTROL_SERVICE |
| SCANNER_V4_INDEXER_SERVICE |
| SCANNER_V4_MATCHER_SERVICE |
| SCANNER_V4_DB_SERVICE |
| SCANNER_V4_SERVICE |
| REGISTRANT_SERVICE |
71.1.2.417. StorageSetBasedLabelSelector
SetBasedLabelSelector only allows set-based label requirements.
Next available tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requirements |
71.1.2.418. StorageSetBasedLabelSelectorOperator
| Enum Values |
|---|
| UNKNOWN |
| IN |
| NOT_IN |
| EXISTS |
| NOT_EXISTS |
71.1.2.419. StorageSetBasedLabelSelectorRequirement
Next available tag: 4
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| op | UNKNOWN, IN, NOT_IN, EXISTS, NOT_EXISTS, | ||||
| values |
List of |
71.1.2.420. StorageSeverity
| Enum Values |
|---|
| UNSET_SEVERITY |
| LOW_SEVERITY |
| MEDIUM_SEVERITY |
| HIGH_SEVERITY |
| CRITICAL_SEVERITY |
71.1.2.421. StorageSignature
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cosign |
71.1.2.422. StorageSignatureIntegration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| cosign | |||||
| cosignCertificates | |||||
| transparencyLog | |||||
| traits |
71.1.2.423. StorageSimpleAccessScope
Simple access scope is a (simple) selection criteria for scoped resources. It does not allow multi-component AND-rules nor set operations on names.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String |
| |||
| name | String |
| |||
| description | String | ||||
| rules | |||||
| traits |
71.1.2.424. StorageSlimUser
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String |
71.1.2.425. StorageSource
| Enum Values |
|---|
| SOURCE_UNKNOWN |
| SOURCE_RED_HAT |
| SOURCE_OSV |
| SOURCE_NVD |
71.1.2.426. StorageSourceType
| Enum Values |
|---|
| OS |
| PYTHON |
| JAVA |
| RUBY |
| NODEJS |
| GO |
| DOTNETCORERUNTIME |
| INFRASTRUCTURE |
71.1.2.427. StorageSplunk
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| httpToken | String | The HTTP token for the integration. The server will mask the value of this credential in responses and logs. | |||
| httpEndpoint | String | ||||
| insecure | Boolean | ||||
| truncate | String | int64 | |||
| auditLoggingEnabled | Boolean | ||||
| derivedSourceType | Boolean | ||||
| sourceTypes |
Map of |
71.1.2.428. StorageStaticClusterConfig
The difference between Static and Dynamic cluster config is that Static values are not sent over the Central to Sensor gRPC connection. They are used, for example, to generate manifests that can be used to set up the Secured Cluster’s k8s components. They are not dynamically reloaded.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | GENERIC_CLUSTER, KUBERNETES_CLUSTER, OPENSHIFT_CLUSTER, OPENSHIFT4_CLUSTER, | ||||
| mainImage | String | ||||
| centralApiEndpoint | String | ||||
| collectionMethod | UNSET_COLLECTION, NO_COLLECTION, KERNEL_MODULE, EBPF, CORE_BPF, | ||||
| collectorImage | String | ||||
| admissionController | Boolean | ||||
| admissionControllerUpdates | Boolean | ||||
| tolerationsConfig | |||||
| slimCollector | Boolean | ||||
| admissionControllerEvents | Boolean | ||||
| admissionControllerFailOnError | Boolean |
71.1.2.429. StorageSubject
Properties of an individual subjects who are granted roles via role bindings. ////////////////////////////////////////
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| kind | UNSET_KIND, SERVICE_ACCOUNT, USER, GROUP, | ||||
| name | String | ||||
| namespace | String | ||||
| clusterId | String | ||||
| clusterName | String |
71.1.2.430. StorageSubjectKind
| Enum Values |
|---|
| UNSET_KIND |
| SERVICE_ACCOUNT |
| USER |
| GROUP |
71.1.2.431. StorageSumoLogic
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| httpSourceAddress | String | ||||
| skipTLSVerify | Boolean |
71.1.2.432. StorageSyslog
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| localFacility | LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7, | ||||
| tcpConfig | |||||
| extraFields | List of StorageKeyValuePair | ||||
| messageFormat | LEGACY, CEF, | ||||
| maxMessageSize | Integer | int32 |
71.1.2.433. StorageTaint
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| value | String | ||||
| taintEffect | UNKNOWN_TAINT_EFFECT, NO_SCHEDULE_TAINT_EFFECT, PREFER_NO_SCHEDULE_TAINT_EFFECT, NO_EXECUTE_TAINT_EFFECT, |
71.1.2.434. StorageTaintEffect
| Enum Values |
|---|
| UNKNOWN_TAINT_EFFECT |
| NO_SCHEDULE_TAINT_EFFECT |
| PREFER_NO_SCHEDULE_TAINT_EFFECT |
| NO_EXECUTE_TAINT_EFFECT |
71.1.2.435. StorageTelemetryConfiguration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabled | Boolean | ||||
| lastSetTime | Date | date-time |
71.1.2.436. StorageTokenMetadata
Next available tag: 8
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| roles |
List of | ||||
| issuedAt | Date | date-time | |||
| expiration | Date | date-time | |||
| revoked | Boolean | ||||
| role | String |
71.1.2.437. StorageToleration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| operator | TOLERATION_OPERATION_UNKNOWN, TOLERATION_OPERATOR_EXISTS, TOLERATION_OPERATOR_EQUAL, | ||||
| value | String | ||||
| taintEffect | UNKNOWN_TAINT_EFFECT, NO_SCHEDULE_TAINT_EFFECT, PREFER_NO_SCHEDULE_TAINT_EFFECT, NO_EXECUTE_TAINT_EFFECT, |
71.1.2.438. StorageTolerationOperator
| Enum Values |
|---|
| TOLERATION_OPERATION_UNKNOWN |
| TOLERATION_OPERATOR_EXISTS |
| TOLERATION_OPERATOR_EQUAL |
71.1.2.439. StorageTolerationsConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| disabled | Boolean |
71.1.2.440. StorageTraits
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| mutabilityMode | ALLOW_MUTATE, ALLOW_MUTATE_FORCED, | ||||
| visibility | VISIBLE, HIDDEN, | ||||
| origin | IMPERATIVE, DEFAULT, DECLARATIVE, DECLARATIVE_ORPHANED, |
71.1.2.441. StorageTraitsMutabilityMode
EXPERIMENTAL. NOTE: Please refer from using MutabilityMode for the time being. It will be replaced in the future (ROX-14276). MutabilityMode specifies whether and how an object can be modified. Default is ALLOW_MUTATE and means there are no modification restrictions; this is equivalent to the absence of MutabilityMode specification. ALLOW_MUTATE_FORCED forbids all modifying operations except object removal with force bit on.
Be careful when changing the state of this field. For example, modifying an object from ALLOW_MUTATE to ALLOW_MUTATE_FORCED is allowed but will prohibit any further changes to it, including modifying it back to ALLOW_MUTATE.
| Enum Values |
|---|
| ALLOW_MUTATE |
| ALLOW_MUTATE_FORCED |
71.1.2.442. StorageTraitsOrigin
Origin specifies the origin of an object. Objects can have four different origins: - IMPERATIVE: the object was created via the API. This is assumed by default. - DEFAULT: the object is a default object, such as default roles, access scopes etc. - DECLARATIVE: the object is created via declarative configuration. - DECLARATIVE_ORPHANED: the object is created via declarative configuration and then unsuccessfully deleted(for example, because it is referenced by another object) Based on the origin, different rules apply to the objects. Objects with the DECLARATIVE origin are not allowed to be modified via API, only via declarative configuration. Additionally, they may not reference objects with the IMPERATIVE origin. Objects with the DEFAULT origin are not allowed to be modified via either API or declarative configuration. They may be referenced by all other objects. Objects with the IMPERATIVE origin are allowed to be modified via API, not via declarative configuration. They may reference all other objects. Objects with the DECLARATIVE_ORPHANED origin are not allowed to be modified via either API or declarative configuration. DECLARATIVE_ORPHANED resource can become DECLARATIVE again if it is redefined in declarative configuration. Objects with this origin will be cleaned up from the system immediately after they are not referenced by other resources anymore. They may be referenced by all other objects.
| Enum Values |
|---|
| IMPERATIVE |
| DEFAULT |
| DECLARATIVE |
| DECLARATIVE_ORPHANED |
71.1.2.443. StorageTraitsVisibility
EXPERIMENTAL. visibility allows to specify whether the object should be visible for certain APIs.
| Enum Values |
|---|
| VISIBLE |
| HIDDEN |
71.1.2.444. StorageTransparencyLogVerification
Validate the inclusion of signature signing events into a transparency log.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabled | Boolean | Validate the inclusion of signatures into a transparency log. Disables validation if not enabled. | |||
| url | String |
The URL of the transparency log. Required for online confirmation of inclusion into the transparency log. Defaults to the Sigstore instance | |||
| validateOffline | Boolean | Force offline validation of the signature proof of inclusion into the transparency log. Do not fall back to request confirmation from the transparency log over network. | |||
| publicKeyPemEnc | String | PEM encoded public key used to validate the proof of inclusion into the transparency log. Defaults to the key of the public Sigstore instance if left empty. |
71.1.2.445. StorageUpgradeProgress
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| upgradeState | UPGRADE_INITIALIZING, UPGRADER_LAUNCHING, UPGRADER_LAUNCHED, PRE_FLIGHT_CHECKS_COMPLETE, UPGRADE_OPERATIONS_DONE, UPGRADE_COMPLETE, UPGRADE_INITIALIZATION_ERROR, PRE_FLIGHT_CHECKS_FAILED, UPGRADE_ERROR_ROLLING_BACK, UPGRADE_ERROR_ROLLED_BACK, UPGRADE_ERROR_ROLLBACK_FAILED, UPGRADE_ERROR_UNKNOWN, UPGRADE_TIMED_OUT, | ||||
| upgradeStatusDetail | String | ||||
| since | Date | date-time |
71.1.2.446. StorageUser
User is an object that allows us to track the roles a user is tied to, and how they logged in.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| authProviderId | String | ||||
| attributes | List of StorageUserAttribute | ||||
| idpToken | String |
71.1.2.447. StorageUserAttribute
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| value | String |
71.1.2.448. StorageUserInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| username | String | ||||
| friendlyName | String | ||||
| permissions | |||||
| roles | List of StorageUserInfoRole |
71.1.2.449. StorageUserInfoRole
Role is wire compatible with the old format of storage.Role and hence only includes role name and associated permissions.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| resourceToAccess | Map of StorageAccess |
71.1.2.450. StorageV1Metadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| digest | String | ||||
| created | Date | date-time | |||
| author | String | ||||
| layers | List of StorageImageLayer | ||||
| user | String | ||||
| command |
List of | ||||
| entrypoint |
List of | ||||
| volumes |
List of | ||||
| labels |
Map of |
71.1.2.451. StorageV2Metadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| digest | String |
71.1.2.452. StorageViolationState
| Enum Values |
|---|
| ACTIVE |
| RESOLVED |
| ATTEMPTED |
71.1.2.453. StorageVolume
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| source | String | ||||
| destination | String | ||||
| readOnly | Boolean | ||||
| type | String | ||||
| mountPropagation | NONE, HOST_TO_CONTAINER, BIDIRECTIONAL, |
71.1.2.454. StorageVulnerabilityExceptionConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| expiryOptions |
71.1.2.455. StorageVulnerabilityExceptionConfigExpiryOptions
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| dayOptions | List of StorageDayOption | ||||
| fixableCveOptions | |||||
| customDate | Boolean | ||||
| indefinite | Boolean |
71.1.2.456. StorageVulnerabilityExceptionConfigFixableCVEOptions
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| allFixable | Boolean | ||||
| anyFixable | Boolean |
71.1.2.457. StorageVulnerabilityReportFilters
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| fixability | BOTH, FIXABLE, NOT_FIXABLE, | ||||
| sinceLastReport | Boolean | ||||
| severities | List of StorageVulnerabilitySeverity | ||||
| imageTypes | |||||
| allVuln | Boolean | ||||
| sinceLastSentScheduledReport | Boolean | ||||
| sinceStartDate | Date | date-time | |||
| accessScopeRules | List of SimpleAccessScopeRules | ||||
| includeNvdCvss | Boolean | ||||
| includeEpssProbability | Boolean | ||||
| includeAdvisory | Boolean |
71.1.2.458. StorageVulnerabilityRequest
Next available tag: 30 VulnerabilityRequest encapsulates a request such as deferral request and false-positive request.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| targetState | OBSERVED, DEFERRED, FALSE_POSITIVE, | ||||
| status | PENDING, APPROVED, DENIED, APPROVED_PENDING_UPDATE, | ||||
| expired | Boolean | Indicates if this request is a historical request that is no longer in effect due to deferral expiry, cancellation, or restarting cve observation. | |||
| requestor | |||||
| approvers | List of StorageSlimUser | ||||
| createdAt | Date | date-time | |||
| lastUpdated | Date | date-time | |||
| comments | List of StorageRequestComment | ||||
| scope | |||||
| requesterV2 | |||||
| approversV2 | List of StorageApprover | ||||
| deferralReq | |||||
| fpRequest | Object | ||||
| cves | |||||
| updatedDeferralReq | |||||
| deferralUpdate | |||||
| falsePositiveUpdate |
71.1.2.459. StorageVulnerabilityRequestScope
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| imageScope | |||||
| globalScope | Object |
71.1.2.460. StorageVulnerabilitySeverity
| Enum Values |
|---|
| UNKNOWN_VULNERABILITY_SEVERITY |
| LOW_VULNERABILITY_SEVERITY |
| MODERATE_VULNERABILITY_SEVERITY |
| IMPORTANT_VULNERABILITY_SEVERITY |
| CRITICAL_VULNERABILITY_SEVERITY |
71.1.2.461. StorageVulnerabilityState
VulnerabilityState indicates if vulnerability is being observed or deferred(/suppressed). By default, it vulnerabilities are observed.
- OBSERVED: [Default state]
| Enum Values |
|---|
| OBSERVED |
| DEFERRED |
| FALSE_POSITIVE |
71.1.2.462. StorageWatchedImage
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
71.1.2.463. SyslogLocalFacility
| Enum Values |
|---|
| LOCAL0 |
| LOCAL1 |
| LOCAL2 |
| LOCAL3 |
| LOCAL4 |
| LOCAL5 |
| LOCAL6 |
| LOCAL7 |
71.1.2.464. SyslogMessageFormat
| Enum Values |
|---|
| LEGACY |
| CEF |
71.1.2.465. SyslogTCPConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| hostname | String | ||||
| port | Integer | int32 | |||
| skipTlsVerify | Boolean | ||||
| useTls | Boolean |
71.1.2.466. TraceBuiltInAuthorizer
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clustersTotalNum | Integer | int32 | |||
| namespacesTotalNum | Integer | int32 | |||
| deniedAuthzDecisions |
Map of | int32 | |||
| allowedAuthzDecisions |
Map of | int32 | |||
| effectiveAccessScopes |
Map of |
71.1.2.467. UpgradeProcessStatusUpgradeProcessType
- UPGRADE: UPGRADE represents a sensor version upgrade.
- CERT_ROTATION: CERT_ROTATION represents an upgrade process that only rotates the TLS certs used by the cluster, without changing anything else.
| Enum Values |
|---|
| UPGRADE |
| CERT_ROTATION |
71.1.2.468. UpgradeProgressUpgradeState
- UPGRADER_LAUNCHING: In-progress states.
- UPGRADE_COMPLETE: The success state. PLEASE NUMBER ALL IN-PROGRESS STATES ABOVE THIS AND ALL ERROR STATES BELOW THIS.
- UPGRADE_INITIALIZATION_ERROR: Error states.
| Enum Values |
|---|
| UPGRADE_INITIALIZING |
| UPGRADER_LAUNCHING |
| UPGRADER_LAUNCHED |
| PRE_FLIGHT_CHECKS_COMPLETE |
| UPGRADE_OPERATIONS_DONE |
| UPGRADE_COMPLETE |
| UPGRADE_INITIALIZATION_ERROR |
| PRE_FLIGHT_CHECKS_FAILED |
| UPGRADE_ERROR_ROLLING_BACK |
| UPGRADE_ERROR_ROLLED_BACK |
| UPGRADE_ERROR_ROLLBACK_FAILED |
| UPGRADE_ERROR_UNKNOWN |
| UPGRADE_TIMED_OUT |
71.1.2.469. UserInfoResourceToAccess
ResourceToAccess represents a collection of permissions. It is wire compatible with the old format of storage.Role and replaces it in places where only aggregated permissions are required.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| resourceToAccess | Map of StorageAccess |
71.1.2.470. V1AddAuthMachineToMachineConfigRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.471. V1AddAuthMachineToMachineConfigResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.472. V1AdministrationEvent
AdministrationEvents are administrative events emitted by Central. They are used to create transparency for users for asynchronous, background tasks. Events are part of Central’s system health view.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | UUID of the event. | |||
| type | ADMINISTRATION_EVENT_TYPE_UNKNOWN, ADMINISTRATION_EVENT_TYPE_GENERIC, ADMINISTRATION_EVENT_TYPE_LOG_MESSAGE, | ||||
| level | ADMINISTRATION_EVENT_LEVEL_UNKNOWN, ADMINISTRATION_EVENT_LEVEL_INFO, ADMINISTRATION_EVENT_LEVEL_SUCCESS, ADMINISTRATION_EVENT_LEVEL_WARNING, ADMINISTRATION_EVENT_LEVEL_ERROR, | ||||
| message | String | Message associated with the event. The message may include detailed information for this particular event. | |||
| hint | String | Hint associated with the event. The hint may include different information based on the type of event. It can include instructions to resolve an event, or informational hints. | |||
| domain | String | Domain associated with the event. An event’s domain outlines the feature domain where the event was created from. As an example, this might be "Image Scanning". In case of events that cannot be tied to a specific domain, this will be "General". | |||
| resource | |||||
| numOccurrences | String | Occurrences associated with the event. When events may occur multiple times, the occurrences track the amount. | int64 | ||
| lastOccurredAt | Date | Specifies the time when the event has last occurred. | date-time | ||
| createdAt | Date | Specifies the time when the event has been created. | date-time |
71.1.2.473. V1AdministrationEventLevel
AdministrationEventLevel exposes the different levels of events.
| Enum Values |
|---|
| ADMINISTRATION_EVENT_LEVEL_UNKNOWN |
| ADMINISTRATION_EVENT_LEVEL_INFO |
| ADMINISTRATION_EVENT_LEVEL_SUCCESS |
| ADMINISTRATION_EVENT_LEVEL_WARNING |
| ADMINISTRATION_EVENT_LEVEL_ERROR |
71.1.2.474. V1AdministrationEventResource
Resource holds all information about the resource associated with the event.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | String | Resource type associated with the event. An event may refer to an underlying resource such as a particular image. In that case, the resource type will be filled here. | |||
| id | String | Resource ID associated with the event. If an event refers to an underlying resource, the resource ID identifies the underlying resource. The resource ID is not guaranteed to be set, depending on the context of the administration event. | |||
| name | String | Resource name associated with the event. If an event refers to an underlying resource, the resource name identifies the underlying resource. The resource name is not guaranteed to be set, depending on the context of the administration event. |
71.1.2.475. V1AdministrationEventType
AdministrationEventType exposes the different types of events.
| Enum Values |
|---|
| ADMINISTRATION_EVENT_TYPE_UNKNOWN |
| ADMINISTRATION_EVENT_TYPE_GENERIC |
| ADMINISTRATION_EVENT_TYPE_LOG_MESSAGE |
71.1.2.476. V1AdministrationEventsFilter
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| from | Date | Matches events with last_occurred_at after a specific timestamp, i.e. the lower boundary. | date-time | ||
| until | Date | Matches events with last_occurred_at before a specific timestamp, i.e. the upper boundary. | date-time | ||
| domain |
List of | Matches events from a specific domain. | |||
| resourceType |
List of | Matches events associated with a specific resource type. | |||
| type | List of V1AdministrationEventType | Matches events based on their type. | |||
| level | List of V1AdministrationEventLevel | Matches events based on their level. |
71.1.2.477. V1AggregateBy
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| aggrFunc | UNSET, COUNT, MIN, MAX, | ||||
| distinct | Boolean |
71.1.2.478. V1Aggregation
| Enum Values |
|---|
| UNSET |
| COUNT |
| MIN |
| MAX |
71.1.2.479. V1AlertEvent
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| time | String | int64 | |||
| type | CREATED, REMOVED, | ||||
| id | String |
71.1.2.480. V1ApproveVulnRequestResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requestInfo |
71.1.2.481. V1AuthMachineToMachineConfig
AuthMachineToMachineConfig determines rules for exchanging an identity token from a third party with a Central access token. The M2M stands for machine to machine, as this is the intended use-case for the config.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | UUID of the config. Note that when adding a machine to machine config, this field should not be set. | |||
| type | GENERIC, GITHUB_ACTIONS, KUBE_SERVICE_ACCOUNT, | ||||
| tokenExpirationDuration | String | Sets the expiration of the token returned from the ExchangeAuthMachineToMachineToken API call. Possible valid time units are: s, m, h. The maximum allowed expiration duration is 24h. As an example: 2h45m. For additional information on the validation of the duration, see: https://pkg.go.dev/time#ParseDuration. | |||
| mappings | At least one mapping is required to resolve to a valid role for the access token to be successfully generated. | ||||
| issuer | String | The issuer of the related OIDC provider issuing the ID tokens to exchange. Must be non-empty string containing URL when type is GENERIC. In case of GitHub actions, this must be empty or set to https://token.actions.githubusercontent.com. Issuer is a unique key, therefore there may be at most one GITHUB_ACTIONS config, and each GENERIC config must have a distinct issuer. | |||
| traits |
71.1.2.482. V1AuthMachineToMachineConfigType
The type of the auth machine to machine config. Currently supports GitHub actions or any other generic OIDC provider to use for verifying and exchanging the token.
| Enum Values |
|---|
| GENERIC |
| GITHUB_ACTIONS |
| KUBE_SERVICE_ACCOUNT |
71.1.2.483. V1AuthStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| userId | String | ||||
| serviceId | |||||
| expires | Date | date-time | |||
| refreshUrl | String | ||||
| authProvider | |||||
| userInfo | |||||
| userAttributes | List of V1UserAttribute | ||||
| idpToken | String | Token returned to ACS by the underlying identity provider. This field is set only in a few, specific contexts. Do not rely on this field being present in the response. |
71.1.2.484. V1Authorities
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| authorities | List of V1Authority |
71.1.2.485. V1Authority
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| certificatePem | byte[] | byte |
71.1.2.486. V1AuthorizationTraceResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| arrivedAt | Date | date-time | |||
| processedAt | Date | date-time | |||
| request | |||||
| response | |||||
| user | |||||
| trace |
71.1.2.487. V1AuthorizationTraceResponseRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String | ||||
| method | String |
71.1.2.488. V1AuthorizationTraceResponseResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| status | UNKNOWN_STATUS, SUCCESS, FAILURE, | ||||
| error | String |
71.1.2.489. V1AuthorizationTraceResponseUser
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| username | String | ||||
| friendlyName | String | ||||
| aggregatedPermissions | Map of StorageAccess | ||||
| roles |
71.1.2.490. V1AutocompleteResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| values |
List of |
71.1.2.491. V1AvailableProviderTypesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| authProviderTypes |
71.1.2.492. V1BuildDetectionRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| image | |||||
| imageName | String | ||||
| noExternalMetadata | Boolean | ||||
| sendNotifications | Boolean | ||||
| force | Boolean | ||||
| policyCategories |
List of | ||||
| cluster | String | Cluster to delegate scan to, may be the cluster’s name or ID. | |||
| namespace | String | Namespace on the secured cluster from which to read context information when delegating image scans, specifically pull secrets to access the image registry. |
71.1.2.493. V1BuildDetectionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| alerts | List of StorageAlert |
71.1.2.494. V1BulkProcessBaselinesRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| namespaces |
List of |
71.1.2.495. V1BulkUpdateProcessBaselinesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| success | Boolean |
71.1.2.496. V1CRSGenRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
71.1.2.497. V1CRSGenRequestExtended
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| validUntil | Date | date-time | |||
| validFor | String | ||||
| maxRegistrations | Integer | Support for this is to be implemented in ROX-26769. | int32 |
71.1.2.498. V1CRSGenResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| meta | |||||
| crs | byte[] | byte |
71.1.2.499. V1CRSMeta
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| createdAt | Date | date-time | |||
| createdBy | |||||
| expiresAt | Date | date-time |
71.1.2.500. V1CRSMetasResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| items | List of V1CRSMeta |
71.1.2.501. V1CRSRevokeRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| ids |
List of |
71.1.2.502. V1CRSRevokeResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| crsRevocationErrors | |||||
| revokedIds |
List of |
71.1.2.503. V1CentralServicesCapabilities
Provides availability of certain functionality of Central Services in the current configuration. The initial intended use is to disable certain functionality that does not make sense in the Cloud Service context.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| centralScanningCanUseContainerIamRoleForEcr | CapabilityAvailable, CapabilityDisabled, | ||||
| centralCanUseCloudBackupIntegrations | CapabilityAvailable, CapabilityDisabled, | ||||
| centralCanDisplayDeclarativeConfigHealth | CapabilityAvailable, CapabilityDisabled, | ||||
| centralCanUpdateCert | CapabilityAvailable, CapabilityDisabled, | ||||
| centralCanUseAcscsEmailIntegration | CapabilityAvailable, CapabilityDisabled, |
71.1.2.504. V1CentralUpgradeStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| version | String | ||||
| forceRollbackTo | String | The version of previous clone in Central. This is the version we can force rollback to. | |||
| canRollbackAfterUpgrade | Boolean | If true, we can rollback to the current version if an upgrade failed. | |||
| spaceRequiredForRollbackAfterUpgrade | String | int64 | |||
| spaceAvailableForRollbackAfterUpgrade | String | int64 |
71.1.2.505. V1CloudSource
CloudSource is an integration which provides a source for discovered clusters.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| type | TYPE_UNSPECIFIED, TYPE_PALADIN_CLOUD, TYPE_OCM, | ||||
| credentials | |||||
| skipTestIntegration | Boolean | ||||
| paladinCloud | |||||
| ocm |
71.1.2.506. V1CloudSourceCredentials
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| secret | String | Used for single-valued authentication via long-lived tokens. | |||
| clientId | String | Used for client authentication in combination with client_secret. | |||
| clientSecret | String | Used for client authentication in combination with client_id. |
71.1.2.507. V1CloudSourceType
| Enum Values |
|---|
| TYPE_UNSPECIFIED |
| TYPE_PALADIN_CLOUD |
| TYPE_OCM |
71.1.2.508. V1CloudSourcesFilter
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| names |
List of | Matches cloud sources based on their name. | |||
| types | List of V1CloudSourceType | Matches cloud sources based on their type. |
71.1.2.509. V1ClusterDefaultsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| mainImageRepository | String | ||||
| collectorImageRepository | String | ||||
| kernelSupportAvailable | Boolean |
71.1.2.510. V1ClusterResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cluster | |||||
| clusterRetentionInfo |
71.1.2.511. V1ClustersList
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusters | List of StorageCluster | ||||
| clusterIdToRetentionInfo |
71.1.2.512. V1CollectionDeploymentMatchOptions
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| withMatches | Boolean | ||||
| filterQuery |
71.1.2.513. V1ComplianceControl
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| standardId | String | ||||
| groupId | String | ||||
| name | String | ||||
| description | String | ||||
| implemented | Boolean | ||||
| interpretationText | String |
71.1.2.514. V1ComplianceControlGroup
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| standardId | String | ||||
| name | String | ||||
| description | String | ||||
| numImplementedChecks | Integer | int32 |
71.1.2.515. V1ComplianceRun
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| clusterId | String | ||||
| standardId | String | ||||
| startTime | Date | date-time | |||
| finishTime | Date | date-time | |||
| state | INVALID, READY, STARTED, WAIT_FOR_DATA, EVALUTING_CHECKS, FINISHED, | ||||
| errorMessage | String |
71.1.2.516. V1ComplianceRunSelection
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | The ID of the cluster. "*" means "all clusters". | |||
| standardId | String | The ID of the compliance standard. "*" means "all standards". |
71.1.2.517. V1ComplianceRunState
| Enum Values |
|---|
| INVALID |
| READY |
| STARTED |
| WAIT_FOR_DATA |
| EVALUTING_CHECKS |
| FINISHED |
71.1.2.518. V1ComplianceStandard
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| metadata | |||||
| groups | List of V1ComplianceControlGroup | ||||
| controls | List of V1ComplianceControl |
71.1.2.519. V1ComplianceStandardMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| description | String | ||||
| numImplementedChecks | Integer | int32 | |||
| scopes | |||||
| dynamic | Boolean | ||||
| hideScanResults | Boolean |
71.1.2.520. V1ComplianceStandardMetadataScope
| Enum Values |
|---|
| UNSET |
| CLUSTER |
| NAMESPACE |
| DEPLOYMENT |
| NODE |
71.1.2.521. V1ConfigureTelemetryRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabled | Boolean |
71.1.2.522. V1CountAdministrationEventsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | The total number of events after filtering and deduplication. | int32 |
71.1.2.523. V1CountAlertsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.524. V1CountCloudSourcesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.525. V1CountDeploymentsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.526. V1CountDiscoveredClustersResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.527. V1CountImagesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.528. V1CountProcessesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.529. V1CountReportConfigurationsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.530. V1CountSecretsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.531. V1CreateCloudSourceRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cloudSource |
71.1.2.532. V1CreateCloudSourceResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cloudSource |
71.1.2.533. V1CreateCollectionRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| description | String | ||||
| resourceSelectors | List of StorageResourceSelector | ||||
| embeddedCollectionIds |
List of |
71.1.2.534. V1CreateCollectionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| collection |
71.1.2.535. V1CreateServiceIdentityRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| type | UNKNOWN_SERVICE, SENSOR_SERVICE, CENTRAL_SERVICE, CENTRAL_DB_SERVICE, REMOTE_SERVICE, COLLECTOR_SERVICE, MONITORING_UI_SERVICE, MONITORING_DB_SERVICE, MONITORING_CLIENT_SERVICE, BENCHMARK_SERVICE, SCANNER_SERVICE, SCANNER_DB_SERVICE, ADMISSION_CONTROL_SERVICE, SCANNER_V4_INDEXER_SERVICE, SCANNER_V4_MATCHER_SERVICE, SCANNER_V4_DB_SERVICE, SCANNER_V4_SERVICE, REGISTRANT_SERVICE, |
71.1.2.536. V1CreateServiceIdentityResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| identity | |||||
| certificatePem | byte[] | byte | |||
| privateKeyPem | byte[] | byte |
71.1.2.537. V1DBExportFormat
DBExportFormat describes a format (= a collection of files) for the database export.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| formatName | String | ||||
| files | List of V1DBExportFormatFile |
71.1.2.538. V1DBExportFormatFile
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| optional | Boolean |
71.1.2.539. V1DBExportManifest
A DB export manifest describes the file contents of a restore request. To prevent data loss, a manifest is always interpreted as binding, i.e., the server must ensure that it will read and make use of every file listed in the manifest, otherwise it must reject the request.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| files | List of V1DBExportManifestFile |
71.1.2.540. V1DBExportManifestFile
A single file in the restore body.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | The name of the file. This may or may not be a (relative) file path and up to the server to interpret. For databases exported as ZIP files, this is the path relative to the root of the archive. | |||
| encoding | UNKNOWN, UNCOMPREESSED, DEFLATED, | ||||
| encodedSize | String | int64 | |||
| decodedSize | String | int64 | |||
| decodedCrc32 | Long | The CRC32 (IEEE) checksum of the decoded(!) data. | int64 |
71.1.2.541. V1DBRestoreProcessMetadata
The metadata of an ongoing or completed restore process. This is the static metadata, which will not change (i.e., it is not a status).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | An ID identifying the restore process. Auto-assigned. | |||
| header | |||||
| startTime | Date | The time at which the restore process was started. | date-time | ||
| initiatingUserName | String | The user who initiated the database restore process. |
71.1.2.542. V1DBRestoreProcessStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| metadata | |||||
| attemptId | String | ||||
| state | UNKNOWN, NOT_STARTED, IN_PROGRESS, PAUSED, COMPLETED, | ||||
| resumeInfo | |||||
| error | String | ||||
| bytesRead | String | int64 | |||
| filesProcessed | String | int64 |
71.1.2.543. V1DBRestoreProcessStatusState
- COMPLETED: successful if error is empty, unsuccessful otherwise
| Enum Values |
|---|
| UNKNOWN |
| NOT_STARTED |
| IN_PROGRESS |
| PAUSED |
| COMPLETED |
71.1.2.544. V1DBRestoreRequestHeader
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| formatName | String | The name of the database export format. Mandatory. | |||
| manifest | |||||
| localFile |
71.1.2.545. V1DatabaseBackupStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| backupInfo |
71.1.2.546. V1DatabaseStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| databaseAvailable | Boolean | ||||
| databaseType | Hidden, RocksDB, PostgresDB, | ||||
| databaseVersion | String | ||||
| databaseIsExternal | Boolean |
71.1.2.547. V1DayOption
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| numDays | Long | int64 | |||
| enabled | Boolean |
71.1.2.548. V1DecommissionedClusterRetentionInfo
next available tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| isExcluded | Boolean | ||||
| daysUntilDeletion | Integer | int32 |
71.1.2.549. V1DeferVulnRequest
next available tag: 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cve | String | This field indicates the CVEs requested to be deferred. | |||
| comment | String | ||||
| scope | |||||
| expiresWhenFixed | Boolean | ||||
| expiresOn | Date | date-time |
71.1.2.550. V1DeferVulnResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requestInfo |
71.1.2.551. V1DelegatedRegistryCluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| isValid | Boolean |
71.1.2.552. V1DelegatedRegistryClustersResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusters | List of V1DelegatedRegistryCluster |
71.1.2.553. V1DelegatedRegistryConfig
DelegatedRegistryConfig determines if and where scan requests are delegated to, such as kept in central services or sent to particular secured clusters.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| enabledFor | NONE, ALL, SPECIFIC, | ||||
| defaultClusterId | String | ||||
| registries |
If |
71.1.2.554. V1DeleteAlertsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| numDeleted | Long | int64 | |||
| dryRun | Boolean |
71.1.2.555. V1DeleteImagesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| numDeleted | Long | int64 | |||
| dryRun | Boolean |
71.1.2.556. V1DeleteProcessBaselinesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| numDeleted | Integer | int32 | |||
| dryRun | Boolean |
71.1.2.557. V1DenyVulnRequestResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requestInfo |
71.1.2.558. V1DeployDetectionRemark
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| permissionLevel | String | ||||
| appliedNetworkPolicies |
List of |
71.1.2.559. V1DeployDetectionRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployment | |||||
| noExternalMetadata | Boolean | ||||
| enforcementOnly | Boolean | ||||
| clusterId | String |
71.1.2.560. V1DeployDetectionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| runs | List of DeployDetectionResponseRun | ||||
| ignoredObjectRefs |
List of | The reference will be in the format: namespace/name[<group>/<version>, Kind=<kind>]. | |||
| remarks | List of V1DeployDetectionRemark |
71.1.2.561. V1DeployYAMLDetectionRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| yaml | String | ||||
| noExternalMetadata | Boolean | ||||
| enforcementOnly | Boolean | ||||
| force | Boolean | ||||
| policyCategories |
List of | ||||
| cluster | String | Cluster to delegate scan to, may be the cluster’s name or ID. | |||
| namespace | String |
71.1.2.562. V1DeploymentLabelsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| labels | |||||
| values |
List of |
71.1.2.563. V1DiscoveredCluster
DiscoveredCluster represents a cluster discovered from a cloud source.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | UUIDv5 generated deterministically from the tuple (metadata.id, metadata.type, source.id). | |||
| metadata | |||||
| status | STATUS_UNSPECIFIED, STATUS_SECURED, STATUS_UNSECURED, | ||||
| source |
71.1.2.564. V1DiscoveredClusterCloudSource
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String |
71.1.2.565. V1DiscoveredClusterMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | Represents a unique ID under which the cluster is registered with the cloud provider. Matches storage.ClusterMetadata.id for secured clusters. | |||
| name | String | Represents the name under which the cluster is registered with the cloud provider. Matches storage.ClusterMetadata.name for secured clusters. | |||
| type | UNSPECIFIED, AKS, ARO, EKS, GKE, OCP, OSD, ROSA, | ||||
| providerType | PROVIDER_TYPE_UNSPECIFIED, PROVIDER_TYPE_AWS, PROVIDER_TYPE_GCP, PROVIDER_TYPE_AZURE, | ||||
| region | String | The region as reported by the cloud provider. | |||
| firstDiscoveredAt | Date | Timestamp at which the cluster was first discovered by the cloud source. | date-time |
71.1.2.566. V1DiscoveredClusterStatus
- STATUS_UNSPECIFIED: The status of the cluster is unknown. May occur if a secured cluster is missing the metadata for a possible match.
- STATUS_SECURED: The discovered cluster was matched with a secured cluster.
- STATUS_UNSECURED: The discovered cluster was not matched with a secured cluster.
| Enum Values |
|---|
| STATUS_UNSPECIFIED |
| STATUS_SECURED |
| STATUS_UNSECURED |
71.1.2.567. V1DiscoveredClustersFilter
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| names |
List of | Matches discovered clusters of specific names. | |||
| types | List of DiscoveredClusterMetadataType | Matches discovered clusters of specific types. | |||
| statuses | List of V1DiscoveredClusterStatus | Matches discovered clusters of specific statuses. | |||
| sourceIds |
List of | Matches discovered clusters of specific cloud source IDs. |
71.1.2.568. V1DryRunCollectionRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| id | String | ||||
| description | String | ||||
| resourceSelectors | List of StorageResourceSelector | ||||
| embeddedCollectionIds |
List of | ||||
| options |
71.1.2.569. V1DryRunCollectionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployments | List of StorageListDeployment |
71.1.2.570. V1DryRunJobStatusResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| pending | Boolean | ||||
| result |
71.1.2.571. V1DryRunResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| alerts | List of V1DryRunResponseAlert |
71.1.2.572. V1DryRunResponseAlert
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployment | String | ||||
| violations |
List of |
71.1.2.573. V1ExchangeAuthMachineToMachineTokenRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| idToken | String | Identity token that is supposed to be exchanged. |
71.1.2.574. V1ExchangeAuthMachineToMachineTokenResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| accessToken | String | The exchanged access token. |
71.1.2.575. V1ExchangeTokenRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| externalToken | String | The external authentication token. The server will mask the value of this credential in responses and logs. | |||
| type | String | ||||
| state | String |
71.1.2.576. V1ExchangeTokenResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| token | String | ||||
| clientState | String | ||||
| test | Boolean | ||||
| user |
71.1.2.577. V1ExportDeploymentResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployment |
71.1.2.578. V1ExportImageResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| image |
71.1.2.579. V1ExportNodeResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| node |
71.1.2.580. V1ExportPodResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| pod |
71.1.2.581. V1ExportPoliciesRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| policyIds |
List of |
71.1.2.582. V1ExternalNetworkFlowMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entity | |||||
| flowsCount | Integer | int32 |
71.1.2.583. V1FalsePositiveVulnRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cve | String | This field indicates the CVE requested to be marked as false-positive. | |||
| scope | |||||
| comment | String |
71.1.2.584. V1FalsePositiveVulnResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requestInfo |
71.1.2.585. V1FeatureFlag
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| envVar | String | ||||
| enabled | Boolean |
71.1.2.586. V1GenerateNetworkPoliciesResponse
Next available tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| modification |
71.1.2.587. V1GenerateTokenRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| role | String | ||||
| roles |
List of | ||||
| expiration | Date | date-time |
71.1.2.588. V1GenerateTokenResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| token | String | ||||
| metadata |
71.1.2.589. V1GetAPITokensResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| tokens | List of StorageTokenMetadata |
71.1.2.590. V1GetActiveDBRestoreProcessResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| activeStatus |
71.1.2.591. V1GetAdministrationEventResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| event |
71.1.2.592. V1GetAlertTimeseriesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusters |
71.1.2.593. V1GetAlertsCountsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| groups |
71.1.2.594. V1GetAlertsGroupResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| alertsByPolicies |
71.1.2.595. V1GetAlertsGroupResponsePolicyGroup
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| policy | |||||
| numAlerts | String | int64 |
71.1.2.596. V1GetAllowedPeersFromCurrentPolicyForDeploymentResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| allowedPeers | List of V1NetworkBaselineStatusPeer |
71.1.2.597. V1GetAuthMachineToMachineConfigResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.598. V1GetAuthProvidersResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| authProviders | List of StorageAuthProvider |
71.1.2.599. V1GetBaselineGeneratedPolicyForDeploymentResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| modification |
71.1.2.600. V1GetCAConfigResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| helmValuesBundle | byte[] | byte |
71.1.2.601. V1GetCertExpiryComponent
| Enum Values |
|---|
| UNKNOWN |
| CENTRAL |
| SCANNER |
| SCANNER_V4 |
| CENTRAL_DB |
71.1.2.602. V1GetCertExpiryResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| expiry | Date | date-time |
71.1.2.603. V1GetCloudSourceResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cloudSource |
71.1.2.604. V1GetClustersForPermissionsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusters | List of V1ScopeObject |
71.1.2.605. V1GetCollectionCountResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.606. V1GetCollectionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| collection | |||||
| deployments | List of StorageListDeployment |
71.1.2.607. V1GetComplianceRunResultsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| results | |||||
| failedRuns | List of StorageComplianceRunMetadata |
71.1.2.608. V1GetComplianceRunStatusesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| invalidRunIds |
List of | ||||
| runs | List of V1ComplianceRun |
71.1.2.609. V1GetComplianceStandardResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| standard |
71.1.2.610. V1GetComplianceStandardsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| standards | List of V1ComplianceStandardMetadata |
71.1.2.611. V1GetDBExportCapabilitiesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| formats | List of V1DBExportFormat | ||||
| supportedEncodings | List of DBExportManifestEncodingType |
71.1.2.612. V1GetDeclarativeConfigHealthsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| healths | List of StorageDeclarativeConfigHealth |
71.1.2.613. V1GetDefaultRedHatLayeredProductsRegexResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| regex | String |
71.1.2.614. V1GetDeploymentWithRiskResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployment | |||||
| risk |
71.1.2.615. V1GetDiffFlowsGroupedFlow
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entity | |||||
| properties |
71.1.2.616. V1GetDiffFlowsReconciledFlow
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entity | |||||
| added | |||||
| removed | |||||
| unchanged |
71.1.2.617. V1GetDiffFlowsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| added | List of V1GetDiffFlowsGroupedFlow | ||||
| removed | List of V1GetDiffFlowsGroupedFlow | ||||
| reconciled | List of V1GetDiffFlowsReconciledFlow |
71.1.2.618. V1GetDiscoveredClusterResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cluster |
71.1.2.619. V1GetExistingProbesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| existingFiles | List of V1ProbeUploadManifestFile |
71.1.2.620. V1GetExternalBackupsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| externalBackups | List of StorageExternalBackup |
71.1.2.621. V1GetExternalNetworkEntitiesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entities | List of StorageNetworkEntity |
71.1.2.622. V1GetExternalNetworkFlowsMetadataResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entities | List of V1ExternalNetworkFlowMetadata | ||||
| totalEntities | Integer | int32 |
71.1.2.623. V1GetExternalNetworkFlowsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entity | |||||
| totalFlows | Integer | int32 | |||
| flows | List of StorageNetworkFlow |
71.1.2.624. V1GetFeatureFlagsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| featureFlags | List of V1FeatureFlag |
71.1.2.625. V1GetGroupedProcessesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| groups | List of V1ProcessNameGroup |
71.1.2.626. V1GetGroupedProcessesWithContainerResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| groups |
71.1.2.627. V1GetGroupsResponse
API for updating Groups and getting users. Next Available Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| groups | List of StorageGroup |
71.1.2.628. V1GetImageIntegrationsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| integrations | List of StorageImageIntegration |
71.1.2.629. V1GetIntegrationHealthResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| integrationHealth | List of StorageIntegrationHealth |
71.1.2.630. V1GetLoginAuthProvidersResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| authProviders |
71.1.2.631. V1GetMitreVectorResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| mitreAttackVector |
71.1.2.632. V1GetNamespacesForClusterAndPermissionsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| namespaces | List of V1ScopeObject |
71.1.2.633. V1GetNamespacesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| namespaces | List of V1Namespace |
71.1.2.634. V1GetNotifiersResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| notifiers | List of StorageNotifier |
71.1.2.635. V1GetPermissionsResponse
GetPermissionsResponse is wire-compatible with the old format of the Role message and represents a collection of aggregated permissions.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| resourceToAccess | Map of StorageAccess |
71.1.2.636. V1GetPolicyCategoriesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| categories | List of V1PolicyCategory |
71.1.2.637. V1GetPolicyMitreVectorsRequestOptions
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| excludePolicy | Boolean | If set to true, policy is excluded from the response. |
71.1.2.638. V1GetPolicyMitreVectorsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| policy | |||||
| vectors | List of StorageMitreAttackVector |
71.1.2.639. V1GetProcessesListeningOnPortsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| listeningEndpoints | List of StorageProcessListeningOnPort | ||||
| totalListeningEndpoints | Integer | int32 |
71.1.2.640. V1GetProcessesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| processes | List of StorageProcessIndicator |
71.1.2.641. V1GetRecentComplianceRunsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| complianceRuns | List of V1ComplianceRun |
71.1.2.642. V1GetReportConfigurationResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfig |
71.1.2.643. V1GetReportConfigurationsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfigs | List of StorageReportConfiguration |
71.1.2.644. V1GetResourcesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| resources |
List of |
71.1.2.645. V1GetRoleBindingResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| binding |
71.1.2.646. V1GetRoleResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| role |
71.1.2.647. V1GetRolesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| roles | List of StorageRole |
71.1.2.648. V1GetSensorUpgradeConfigResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.649. V1GetServiceAccountResponse
One service account Next Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| saAndRole |
71.1.2.650. V1GetSubjectResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| subject | |||||
| clusterRoles | List of StorageK8sRole | ||||
| scopedRoles | List of V1ScopedRoles |
71.1.2.651. V1GetUndoModificationForDeploymentResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| undoRecord |
71.1.2.652. V1GetUndoModificationResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| undoRecord |
71.1.2.653. V1GetUpgradeStatusResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| upgradeStatus |
71.1.2.654. V1GetUsersAttributesResponse
Next Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| usersAttributes | List of V1UserAttributeTuple |
71.1.2.655. V1GetUsersResponse
Next Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| users | List of StorageUser |
71.1.2.656. V1GetVulnerabilityExceptionConfigResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.657. V1GetVulnerabilityRequestResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requestInfo |
71.1.2.658. V1GetWatchedImagesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| watchedImages | List of StorageWatchedImage |
71.1.2.659. V1GroupBatchUpdateRequest
GroupBatchUpdateRequest is an in transaction batch update to the groups present. Next Available Tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| previousGroups | List of StorageGroup | Previous groups are the groups expected to be present in the store. Performs a diff on the GroupProperties present in previous_groups and required_groups: 1) if in previous_groups but not required_groups, it gets deleted. 2) if in previous_groups and required_groups, it gets updated. 3) if not in previous_groups but in required_groups, it gets added. | |||
| requiredGroups | List of StorageGroup | Required groups are the groups we want to mutate the previous groups into. | |||
| force | Boolean |
71.1.2.660. V1ImportPoliciesMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| overwrite | Boolean |
71.1.2.661. V1ImportPoliciesRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| metadata | |||||
| policies | List of StoragePolicy |
71.1.2.662. V1ImportPoliciesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| responses | List of V1ImportPolicyResponse | ||||
| allSucceeded | Boolean |
71.1.2.663. V1ImportPolicyError
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| message | String | ||||
| type | String | ||||
| duplicateName | String | ||||
| validationError | String |
71.1.2.664. V1ImportPolicyResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| succeeded | Boolean | ||||
| policy | |||||
| errors | List of V1ImportPolicyError |
71.1.2.665. V1InitBundleGenRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String |
71.1.2.666. V1InitBundleGenResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| meta | |||||
| helmValuesBundle | byte[] | byte | |||
| kubectlBundle | byte[] | byte |
71.1.2.667. V1InitBundleMeta
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| impactedClusters | List of InitBundleMetaImpactedCluster | ||||
| createdAt | Date | date-time | |||
| createdBy | |||||
| expiresAt | Date | date-time |
71.1.2.668. V1InitBundleMetasResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| items | List of V1InitBundleMeta |
71.1.2.669. V1InitBundleRevokeRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| ids |
List of | ||||
| confirmImpactedClustersIds |
List of |
71.1.2.670. V1InitBundleRevokeResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| initBundleRevocationErrors | |||||
| initBundleRevokedIds |
List of |
71.1.2.671. V1InterruptDBRestoreProcessResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| resumeInfo |
71.1.2.672. V1JobId
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| jobId | String |
71.1.2.673. V1KernelSupportAvailableResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| kernelSupportAvailable | Boolean |
71.1.2.674. V1ListAdministrationEventsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| events | List of V1AdministrationEvent |
71.1.2.675. V1ListAlertsRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| query | String | ||||
| pagination |
71.1.2.676. V1ListAlertsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| alerts | List of StorageListAlert |
71.1.2.677. V1ListAllowedTokenRolesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| roleNames |
List of |
71.1.2.678. V1ListAuthMachineToMachineConfigResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| configs | List of V1AuthMachineToMachineConfig |
71.1.2.679. V1ListCloudSourcesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cloudSources | List of V1CloudSource |
71.1.2.680. V1ListCollectionSelectorsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| selectors |
List of |
71.1.2.681. V1ListCollectionsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| collections | List of StorageResourceCollection |
71.1.2.682. V1ListDeploymentsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployments | List of StorageListDeployment |
71.1.2.683. V1ListDeploymentsWithProcessInfoResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployments | List of ListDeploymentsWithProcessInfoResponseDeploymentWithProcessInfo |
71.1.2.684. V1ListDiscoveredClustersResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusters | List of V1DiscoveredCluster |
71.1.2.685. V1ListImagesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| images | List of StorageListImage |
71.1.2.686. V1ListMitreAttackVectorsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| mitreAttackVectors | List of StorageMitreAttackVector |
71.1.2.687. V1ListNodesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| nodes | List of StorageNode |
71.1.2.688. V1ListPermissionSetsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| permissionSets | List of StoragePermissionSet |
71.1.2.689. V1ListPoliciesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| policies | List of StorageListPolicy |
71.1.2.690. V1ListRoleBindingsResponse
A list of k8s role bindings (free of scoped information) Next Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| bindings | List of StorageK8sRoleBinding |
71.1.2.691. V1ListRolesResponse
A list of k8s roles (free of scoped information) Next Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| roles | List of StorageK8sRole |
71.1.2.692. V1ListSecretsResponse
A list of secrets with their relationships. Next Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| secrets | List of StorageListSecret |
71.1.2.693. V1ListServiceAccountResponse
A list of service accounts (free of scoped information) Next Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| saAndRoles | List of V1ServiceAccountAndRoles |
71.1.2.694. V1ListSignatureIntegrationsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| integrations | List of StorageSignatureIntegration |
71.1.2.695. V1ListSimpleAccessScopesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| accessScopes | List of StorageSimpleAccessScope |
71.1.2.696. V1ListSubjectsResponse
A list of k8s subjects (users and groups only, for service accounts, try the service account service) Next Tag: 2
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| subjectAndRoles | List of V1SubjectAndRoles |
71.1.2.697. V1ListVulnerabilityRequestsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requestInfos | List of StorageVulnerabilityRequest |
71.1.2.698. V1LockProcessBaselinesRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| keys | List of StorageProcessBaselineKey | ||||
| locked | Boolean |
71.1.2.699. V1LogLevelRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| level | String | ||||
| modules |
List of |
71.1.2.700. V1LogLevelResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| level | String | ||||
| moduleLevels | List of V1ModuleLevel |
71.1.2.701. V1MaxSecuredUnitsUsageResponse
MaxSecuredUnitsUsageResponse holds the maximum values of the secured nodes and CPU Units (as reported by Kubernetes) with the time at which these values were aggregated, with the aggregation period accuracy (1h).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| maxNodesAt | Date | date-time | |||
| maxNodes | String | int64 | |||
| maxCpuUnitsAt | Date | date-time | |||
| maxCpuUnits | String | int64 |
71.1.2.702. V1Metadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| version | String | ||||
| buildFlavor | String | ||||
| releaseBuild | Boolean | ||||
| licenseStatus | NONE, INVALID, EXPIRED, RESTARTING, VALID, |
71.1.2.703. V1ModuleLevel
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| module | String | ||||
| level | String |
71.1.2.704. V1Namespace
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| metadata | |||||
| numDeployments | Integer | int32 | |||
| numSecrets | Integer | int32 | |||
| numNetworkPolicies | Integer | int32 |
71.1.2.705. V1NetworkBaselineExternalStatusResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| anomalous | List of V1NetworkBaselinePeerStatus | ||||
| totalAnomalous | Integer | int32 | |||
| baseline | List of V1NetworkBaselinePeerStatus | ||||
| totalBaseline | Integer | int32 |
71.1.2.706. V1NetworkBaselinePeerEntity
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| type | UNKNOWN_TYPE, DEPLOYMENT, INTERNET, LISTEN_ENDPOINT, EXTERNAL_SOURCE, INTERNAL_ENTITIES, | ||||
| name | String | ||||
| discovered | Boolean |
71.1.2.707. V1NetworkBaselinePeerStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| peer | |||||
| status | BASELINE, ANOMALOUS, |
71.1.2.708. V1NetworkBaselinePeerStatusStatus
Status of this peer connection. As of now we only have two statuses: - BASELINE: the connection is in the current deployment baseline - ANOMALOUS: the connection is not recognized by the current deployment baseline
| Enum Values |
|---|
| BASELINE |
| ANOMALOUS |
71.1.2.709. V1NetworkBaselineStatusPeer
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entity | |||||
| port | Long | The port and protocol of the destination of the given connection. | int64 | ||
| protocol | L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY, | ||||
| ingress | Boolean | A boolean representing whether the query is for an ingress or egress connection. This is defined with respect to the current deployment. Thus: - If the connection in question is in the outEdges of the current deployment, this should be false. - If it is in the outEdges of the peer deployment, this should be true. |
71.1.2.710. V1NetworkBaselineStatusResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| statuses | List of V1NetworkBaselinePeerStatus |
71.1.2.711. V1NetworkEdgeProperties
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| port | Long | int64 | |||
| protocol | L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY, | ||||
| lastActiveTimestamp | Date | date-time |
71.1.2.712. V1NetworkEdgePropertiesBundle
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| properties | List of V1NetworkEdgeProperties |
71.1.2.713. V1NetworkGraph
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| epoch | Long | int64 | |||
| nodes | List of V1NetworkNode |
71.1.2.714. V1NetworkGraphDiff
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| DEPRECATEDNodeDiffs | Map of V1NetworkNodeDiff | ||||
| nodeDiffs | Map of V1NetworkNodeDiff |
71.1.2.715. V1NetworkGraphEpoch
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| epoch | Long | int64 |
71.1.2.716. V1NetworkGraphScope
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| query | String |
71.1.2.717. V1NetworkNode
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| entity | |||||
| internetAccess | Boolean | ||||
| policyIds |
List of | ||||
| nonIsolatedIngress | Boolean | ||||
| nonIsolatedEgress | Boolean | ||||
| queryMatch | Boolean | ||||
| outEdges |
71.1.2.718. V1NetworkNodeDiff
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| policyIds |
List of | ||||
| DEPRECATEDOutEdges | |||||
| outEdges | |||||
| nonIsolatedIngress | Boolean | ||||
| nonIsolatedEgress | Boolean |
71.1.2.719. V1NetworkPoliciesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| networkPolicies | List of StorageNetworkPolicy |
71.1.2.720. V1NetworkPolicyInSimulation
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| policy | |||||
| status | INVALID, UNCHANGED, MODIFIED, ADDED, DELETED, | ||||
| oldPolicy |
71.1.2.721. V1NetworkPolicyInSimulationStatus
| Enum Values |
|---|
| INVALID |
| UNCHANGED |
| MODIFIED |
| ADDED |
| DELETED |
71.1.2.722. V1OCMConfig
OCMConfig provides information required to fetch discovered clusters from the OpenShift cluster manager.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String |
71.1.2.723. V1Pagination
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| limit | Integer | int32 | |||
| offset | Integer | int32 | |||
| sortOption | |||||
| sortOptions | List of V1SortOption | This field is under development. It is not supported on any REST APIs. |
71.1.2.724. V1PaladinCloudConfig
PaladinCloudConfig provides information required to fetch discovered clusters from Paladin Cloud.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| endpoint | String |
71.1.2.725. V1PodsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| pods | List of StoragePod |
71.1.2.726. V1PolicyCategoriesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| categories |
List of |
71.1.2.727. V1PolicyCategory
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| isDefault | Boolean |
71.1.2.728. V1PolicyFromSearchRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| searchParams | String |
71.1.2.729. V1PolicyFromSearchResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| policy | |||||
| alteredSearchTerms |
List of | ||||
| hasNestedFields | Boolean |
71.1.2.730. V1PongMessage
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| status | String |
71.1.2.731. V1PostReportConfigurationRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfig |
71.1.2.732. V1PostReportConfigurationResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfig |
71.1.2.733. V1Preferences
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| maxGrpcReceiveSizeBytes | String | uint64 |
71.1.2.734. V1ProbeUploadManifestFile
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| size | String | int64 | |||
| crc32 | Long | int64 |
71.1.2.735. V1ProcessBaselineUpdateError
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| error | String | ||||
| key |
71.1.2.736. V1ProcessGroup
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| args | String | ||||
| signals | List of StorageProcessIndicator |
71.1.2.737. V1ProcessNameAndContainerNameGroup
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| containerName | String | ||||
| timesExecuted | Long | int64 | |||
| groups | List of V1ProcessGroup | ||||
| suspicious | Boolean |
71.1.2.738. V1ProcessNameGroup
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| timesExecuted | Long | int64 | |||
| groups | List of V1ProcessGroup |
71.1.2.739. V1PutConfigRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.740. V1PutNetworkGraphConfigRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.741. V1PutPlatformComponentConfigRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| rules | List of PlatformComponentConfigRule |
71.1.2.742. V1RawQuery
RawQuery represents the search query string. The format of the query string is "<field name>:<value,value,…><field name>:<value, value,...>…" For example: To search for deployments named "central" and "sensor" in the namespace "stackrox", the query string would be "Deployment:central,sensor+Namespace:stackrox" RawQuery is used in ListAPIs to search for a particular object.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| query | String | ||||
| pagination |
71.1.2.743. V1RenamePolicyCategoryRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| newCategoryName | String |
71.1.2.744. V1ResolveAlertsRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| query | String |
71.1.2.745. V1SADeploymentRelationship
Service accounts can be used by a deployment. Next Tag: 3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | Name of the deployment. |
71.1.2.746. V1ScanImageInternalRequestSource
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| namespace | String | ||||
| imagePullSecrets |
List of |
71.1.2.747. V1ScanImageInternalResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| image |
71.1.2.748. V1ScanImageRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| imageName | String | ||||
| force | Boolean | ||||
| includeSnoozed | Boolean | ||||
| cluster | String | Cluster to delegate scan to, may be the cluster’s name or ID. | |||
| namespace | String | Namespace on the secured cluster from which to read context information when delegating image scans, specifically pull secrets to access the image registry. |
71.1.2.749. V1ScopeObject
ScopeObject represents an ID, name pair, which can apply to any entity that takes part in an access scope (so far Cluster and Namespace).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String |
71.1.2.750. V1ScopedRoles
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| namespace | String | ||||
| roles | List of StorageK8sRole |
71.1.2.751. V1SearchCategory
Next available tag: 78
| Enum Values |
|---|
| SEARCH_UNSET |
| ALERTS |
| IMAGES |
| IMAGE_COMPONENTS |
| IMAGE_VULN_EDGE |
| IMAGE_COMPONENT_EDGE |
| POLICIES |
| DEPLOYMENTS |
| ACTIVE_COMPONENT |
| PODS |
| SECRETS |
| PROCESS_INDICATORS |
| COMPLIANCE |
| CLUSTERS |
| NAMESPACES |
| NODES |
| NODE_COMPONENTS |
| NODE_VULN_EDGE |
| NODE_COMPONENT_EDGE |
| NODE_COMPONENT_CVE_EDGE |
| COMPLIANCE_STANDARD |
| COMPLIANCE_CONTROL_GROUP |
| COMPLIANCE_CONTROL |
| SERVICE_ACCOUNTS |
| ROLES |
| ROLEBINDINGS |
| REPORT_CONFIGURATIONS |
| PROCESS_BASELINES |
| SUBJECTS |
| RISKS |
| VULNERABILITIES |
| CLUSTER_VULNERABILITIES |
| IMAGE_VULNERABILITIES |
| NODE_VULNERABILITIES |
| COMPONENT_VULN_EDGE |
| CLUSTER_VULN_EDGE |
| NETWORK_ENTITY |
| VULN_REQUEST |
| NETWORK_BASELINE |
| NETWORK_POLICIES |
| PROCESS_BASELINE_RESULTS |
| COMPLIANCE_METADATA |
| COMPLIANCE_RESULTS |
| COMPLIANCE_DOMAIN |
| CLUSTER_HEALTH |
| POLICY_CATEGORIES |
| IMAGE_INTEGRATIONS |
| COLLECTIONS |
| POLICY_CATEGORY_EDGE |
| PROCESS_LISTENING_ON_PORT |
| API_TOKEN |
| REPORT_METADATA |
| REPORT_SNAPSHOT |
| COMPLIANCE_INTEGRATIONS |
| COMPLIANCE_SCAN_CONFIG |
| COMPLIANCE_SCAN |
| COMPLIANCE_CHECK_RESULTS |
| BLOB |
| ADMINISTRATION_EVENTS |
| COMPLIANCE_SCAN_CONFIG_STATUS |
| ADMINISTRATION_USAGE |
| COMPLIANCE_PROFILES |
| COMPLIANCE_RULES |
| COMPLIANCE_SCAN_SETTING_BINDINGS |
| COMPLIANCE_SUITES |
| CLOUD_SOURCES |
| DISCOVERED_CLUSTERS |
| COMPLIANCE_REMEDIATIONS |
| COMPLIANCE_BENCHMARKS |
| AUTH_PROVIDERS |
| COMPLIANCE_REPORT_SNAPSHOT |
| IMAGE_COMPONENTS_V2 |
| IMAGE_VULNERABILITIES_V2 |
| IMAGES_V2 |
| VIRTUAL_MACHINES |
71.1.2.752. V1SearchOptionsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| options |
List of |
71.1.2.753. V1SearchResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| results | List of V1SearchResult | ||||
| counts | List of SearchResponseCount |
71.1.2.754. V1SearchResult
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| category | SEARCH_UNSET, ALERTS, IMAGES, IMAGE_COMPONENTS, IMAGE_VULN_EDGE, IMAGE_COMPONENT_EDGE, POLICIES, DEPLOYMENTS, ACTIVE_COMPONENT, PODS, SECRETS, PROCESS_INDICATORS, COMPLIANCE, CLUSTERS, NAMESPACES, NODES, NODE_COMPONENTS, NODE_VULN_EDGE, NODE_COMPONENT_EDGE, NODE_COMPONENT_CVE_EDGE, COMPLIANCE_STANDARD, COMPLIANCE_CONTROL_GROUP, COMPLIANCE_CONTROL, SERVICE_ACCOUNTS, ROLES, ROLEBINDINGS, REPORT_CONFIGURATIONS, PROCESS_BASELINES, SUBJECTS, RISKS, VULNERABILITIES, CLUSTER_VULNERABILITIES, IMAGE_VULNERABILITIES, NODE_VULNERABILITIES, COMPONENT_VULN_EDGE, CLUSTER_VULN_EDGE, NETWORK_ENTITY, VULN_REQUEST, NETWORK_BASELINE, NETWORK_POLICIES, PROCESS_BASELINE_RESULTS, COMPLIANCE_METADATA, COMPLIANCE_RESULTS, COMPLIANCE_DOMAIN, CLUSTER_HEALTH, POLICY_CATEGORIES, IMAGE_INTEGRATIONS, COLLECTIONS, POLICY_CATEGORY_EDGE, PROCESS_LISTENING_ON_PORT, API_TOKEN, REPORT_METADATA, REPORT_SNAPSHOT, COMPLIANCE_INTEGRATIONS, COMPLIANCE_SCAN_CONFIG, COMPLIANCE_SCAN, COMPLIANCE_CHECK_RESULTS, BLOB, ADMINISTRATION_EVENTS, COMPLIANCE_SCAN_CONFIG_STATUS, ADMINISTRATION_USAGE, COMPLIANCE_PROFILES, COMPLIANCE_RULES, COMPLIANCE_SCAN_SETTING_BINDINGS, COMPLIANCE_SUITES, CLOUD_SOURCES, DISCOVERED_CLUSTERS, COMPLIANCE_REMEDIATIONS, COMPLIANCE_BENCHMARKS, AUTH_PROVIDERS, COMPLIANCE_REPORT_SNAPSHOT, IMAGE_COMPONENTS_V2, IMAGE_VULNERABILITIES_V2, IMAGES_V2, VIRTUAL_MACHINES, | ||||
| fieldToMatches | Map of SearchResultMatches | ||||
| score | Double | double | |||
| location | String | Location is intended to be a unique, yet human readable, identifier for the result. For example, for a deployment, the location will be "$cluster_name/$namespace/$deployment_name. It is displayed in the UI in the global search results, underneath the name for each result. |
71.1.2.755. V1SecuredUnitsUsageResponse
SecuredUnitsUsageResponse holds the values of the currently observable administration usage metrics.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| numNodes | String | int64 | |||
| numCpuUnits | String | int64 |
71.1.2.756. V1ServiceAccountAndRoles
A service account and the roles that reference it Next Tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| serviceAccount | |||||
| clusterRoles | List of StorageK8sRole | ||||
| scopedRoles | List of V1ScopedRoles | ||||
| deploymentRelationships | List of V1SADeploymentRelationship |
71.1.2.757. V1ServiceIdentityResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| identities | List of StorageServiceIdentity |
71.1.2.758. V1SimulateNetworkGraphResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| simulatedGraph | |||||
| policies | List of V1NetworkPolicyInSimulation | ||||
| added | |||||
| removed |
71.1.2.759. V1SortOption
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| field | String | ||||
| reversed | Boolean | ||||
| aggregateBy |
71.1.2.760. V1SubjectAndRoles
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| subject | |||||
| roles | List of StorageK8sRole |
71.1.2.761. V1SuppressCVERequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cves |
List of |
These are (NVD) vulnerability identifiers, | |||
| duration | String | In JSON format, the Duration type is encoded as a string rather than an object, where the string ends in the suffix "s" (indicating seconds) and is preceded by the number of seconds, with nanoseconds expressed as fractional seconds. For example, 3 seconds with 0 nanoseconds should be encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should be expressed in JSON format as "3.000000001s", and 3 seconds and 1 microsecond should be expressed in JSON format as "3.000001s". |
71.1.2.762. V1TLSChallengeResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| trustInfoSerialized | byte[] | byte | |||
| signature | byte[] | byte | |||
| signatureSecondaryCa | byte[] | optional signature by key from TrustInfo.secondary_cert_chain[0]. | byte |
71.1.2.763. V1TestCloudSourceRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cloudSource | |||||
| updateCredentials | Boolean | If true, cloud_source must include valid credentials. If false, the resource must already exist and credentials in cloud_source are ignored. |
71.1.2.764. V1Traits
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| mutabilityMode | ALLOW_MUTATE, ALLOW_MUTATE_FORCED, | ||||
| visibility | VISIBLE, HIDDEN, | ||||
| origin | IMPERATIVE, DEFAULT, DECLARATIVE, DECLARATIVE_ORPHANED, |
71.1.2.765. V1TraitsMutabilityMode
EXPERIMENTAL. NOTE: Please refer from using MutabilityMode for the time being. It will be replaced in the future (ROX-14276). MutabilityMode specifies whether and how an object can be modified. Default is ALLOW_MUTATE and means there are no modification restrictions; this is equivalent to the absence of MutabilityMode specification. ALLOW_MUTATE_FORCED forbids all modifying operations except object removal with force bit on.
Be careful when changing the state of this field. For example, modifying an object from ALLOW_MUTATE to ALLOW_MUTATE_FORCED is allowed but will prohibit any further changes to it, including modifying it back to ALLOW_MUTATE.
| Enum Values |
|---|
| ALLOW_MUTATE |
| ALLOW_MUTATE_FORCED |
71.1.2.766. V1TraitsOrigin
Origin specifies the origin of an object. Objects can have four different origins: - IMPERATIVE: the object was created via the API. This is assumed by default. - DEFAULT: the object is a default object, such as default roles, access scopes etc. - DECLARATIVE: the object is created via declarative configuration. - DECLARATIVE_ORPHANED: the object is created via declarative configuration and then unsuccessfully deleted(for example, because it is referenced by another object) Based on the origin, different rules apply to the objects. Objects with the DECLARATIVE origin are not allowed to be modified via API, only via declarative configuration. Additionally, they may not reference objects with the IMPERATIVE origin. Objects with the DEFAULT origin are not allowed to be modified via either API or declarative configuration. They may be referenced by all other objects. Objects with the IMPERATIVE origin are allowed to be modified via API, not via declarative configuration. They may reference all other objects. Objects with the DECLARATIVE_ORPHANED origin are not allowed to be modified via either API or declarative configuration. DECLARATIVE_ORPHANED resource can become DECLARATIVE again if it is redefined in declarative configuration. Objects with this origin will be cleaned up from the system immediately after they are not referenced by other resources anymore. They may be referenced by all other objects.
| Enum Values |
|---|
| IMPERATIVE |
| DEFAULT |
| DECLARATIVE |
| DECLARATIVE_ORPHANED |
71.1.2.767. V1TraitsVisibility
EXPERIMENTAL. visibility allows to specify whether the object should be visible for certain APIs.
| Enum Values |
|---|
| VISIBLE |
| HIDDEN |
71.1.2.768. V1TriggerComplianceRunsRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| selection |
71.1.2.769. V1TriggerComplianceRunsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| startedRuns | List of V1ComplianceRun |
71.1.2.770. V1Type
| Enum Values |
|---|
| CREATED |
| REMOVED |
71.1.2.771. V1UndoVulnRequestResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requestInfo |
71.1.2.772. V1UnsuppressCVERequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cves |
List of |
These are (NVD) vulnerability identifiers, |
71.1.2.773. V1UpdateCollectionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| collection |
71.1.2.774. V1UpdateExternalBackupRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| externalBackup | |||||
| updatePassword | Boolean | When false, use the stored credentials of an existing external backup configuration given its ID. |
71.1.2.775. V1UpdateImageIntegrationRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config | |||||
| updatePassword | Boolean | When false, use the stored credentials of an existing image integration given its ID. |
71.1.2.776. V1UpdateNotifierRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| notifier | |||||
| updatePassword | Boolean | When false, use the stored credentials of an existing notifier configuration given its ID. |
71.1.2.777. V1UpdateProcessBaselinesRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| keys | List of StorageProcessBaselineKey | ||||
| addElements | List of StorageBaselineItem | ||||
| removeElements | List of StorageBaselineItem |
71.1.2.778. V1UpdateProcessBaselinesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| baselines | List of StorageProcessBaseline | ||||
| errors | List of V1ProcessBaselineUpdateError |
71.1.2.779. V1UpdateSensorUpgradeConfigRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.780. V1UpdateVulnRequestResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| requestInfo |
71.1.2.781. V1UpdateVulnerabilityExceptionConfigRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.782. V1UpdateVulnerabilityExceptionConfigResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| config |
71.1.2.783. V1UserAttribute
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| key | String | ||||
| values |
List of |
71.1.2.784. V1UserAttributeTuple
UserAttributeTuple descript the auth:key:value tuple that decides group membership. Next Tag: 4
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| authProviderId | String | ||||
| key | String | ||||
| value | String |
71.1.2.785. V1VulnDefinitionsInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| lastUpdatedTimestamp | Date | date-time |
71.1.2.786. V1VulnDefinitionsInfoRequestComponent
| Enum Values |
|---|
| SCANNER |
| SCANNER_V4 |
71.1.2.787. V1VulnMgmtExportWorkloadsResponse
The workloads response contains the full image details including the vulnerability data.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| deployment | |||||
| images | List of StorageImage | ||||
| livePods | Integer | int32 |
71.1.2.788. V1VulnerabilityExceptionConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| expiryOptions |
71.1.2.789. V1VulnerabilityExceptionConfigExpiryOptions
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| dayOptions | List of V1DayOption | This allows users to set expiry interval based on number of days. | |||
| fixableCveOptions | |||||
| customDate | Boolean | This option, if true, allows UI to show a custom date picker for setting expiry date. | |||
| indefinite | Boolean |
71.1.2.790. V1VulnerabilityExceptionConfigFixableCVEOptions
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| allFixable | Boolean | This options allows users to expire the vulnerability deferral request if and only if all vulnerabilities in the requests become fixable. | |||
| anyFixable | Boolean | This options allows users to expire the vulnerability deferral request if any vulnerability in the requests become fixable. |
71.1.2.791. V1WatchImageRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | The name of the image. This must be fully qualified, including a tag, but must NOT include a SHA. |
71.1.2.792. V1WatchImageResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| normalizedName | String | ||||
| errorType | NO_ERROR, INVALID_IMAGE_NAME, NO_VALID_INTEGRATION, SCAN_FAILED, | ||||
| errorMessage | String | Only set if error_type is NOT equal to "NO_ERROR". |
71.1.2.793. V2Advisory
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| link | String |
71.1.2.794. V2AggregateBy
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| aggrFunc | UNSET, COUNT, MIN, MAX, | ||||
| distinct | Boolean |
71.1.2.795. V2Aggregation
| Enum Values |
|---|
| UNSET |
| COUNT |
| MIN |
| MAX |
71.1.2.796. V2ApproveVulnerabilityExceptionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| exception |
71.1.2.797. V2BaseComplianceScanConfigurationSettings
Next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| oneTimeScan | Boolean | ||||
| profiles |
List of | ||||
| scanSchedule | |||||
| description | String | ||||
| notifiers | List of V2NotifierConfiguration |
71.1.2.798. V2COStatus
Represents the status of compliance operator
| Enum Values |
|---|
| HEALTHY |
| UNHEALTHY |
71.1.2.799. V2CVSSScore
71.1.2.800. V2CVSSV3
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| vector | String | ||||
| exploitabilityScore | Float | float | |||
| impactScore | Float | float | |||
| attackVector | ATTACK_LOCAL, ATTACK_ADJACENT, ATTACK_NETWORK, ATTACK_PHYSICAL, | ||||
| attackComplexity | COMPLEXITY_LOW, COMPLEXITY_HIGH, | ||||
| privilegesRequired | PRIVILEGE_NONE, PRIVILEGE_LOW, PRIVILEGE_HIGH, | ||||
| userInteraction | UI_NONE, UI_REQUIRED, | ||||
| scope | UNCHANGED, CHANGED, | ||||
| confidentiality | IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, | ||||
| integrity | IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, | ||||
| availability | IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, | ||||
| score | Float | float | |||
| severity | UNKNOWN, NONE, LOW, MEDIUM, HIGH, CRITICAL, |
71.1.2.801. V2CVSSV3Scope
| Enum Values |
|---|
| UNCHANGED |
| CHANGED |
71.1.2.802. V2CancelVulnerabilityExceptionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| exception |
71.1.2.803. V2ClusterCheckStatus
ClusterCheckStatus groups the result of the check by cluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cluster | |||||
| status | UNSET_CHECK_STATUS, PASS, FAIL, ERROR, INFO, MANUAL, NOT_APPLICABLE, INCONSISTENT, | ||||
| createdTime | Date | date-time | |||
| checkUid | String | ||||
| lastScanTime | Date | date-time |
71.1.2.804. V2ClusterPlatformType
| Enum Values |
|---|
| GENERIC_CLUSTER |
| KUBERNETES_CLUSTER |
| OPENSHIFT_CLUSTER |
| OPENSHIFT4_CLUSTER |
71.1.2.805. V2ClusterProviderType
| Enum Values |
|---|
| UNSPECIFIED |
| AKS |
| ARO |
| EKS |
| GKE |
| OCP |
| OSD |
| ROSA |
71.1.2.806. V2ClusterScanStatus
ClusterScanStatus holds status based on cluster in the event that a scan configuration was successfully applied to some clusters but not others. Next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| errors |
List of | ||||
| clusterName | String | ||||
| suiteStatus |
71.1.2.807. V2CollectionReference
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| collectionId | String | ||||
| collectionName | String |
71.1.2.808. V2CollectionSnapshot
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String |
71.1.2.809. V2Comment
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| message | String | ||||
| user | |||||
| createdAt | Date | date-time |
71.1.2.810. V2ComplianceBenchmark
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| version | String | ||||
| description | String | ||||
| provider | String | ||||
| shortName | String |
71.1.2.811. V2ComplianceCheckData
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| scanName | String | ||||
| result |
71.1.2.812. V2ComplianceCheckResult
ComplianceCheckResult details of an instance of a compliance check result
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| checkId | String | ||||
| checkName | String | ||||
| checkUid | String | ||||
| description | String | ||||
| instructions | String | ||||
| rationale | String | ||||
| valuesUsed |
List of | ||||
| warnings |
List of | ||||
| status | UNSET_CHECK_STATUS, PASS, FAIL, ERROR, INFO, MANUAL, NOT_APPLICABLE, INCONSISTENT, | ||||
| ruleName | String | ||||
| labels |
Map of | ||||
| annotations |
Map of | ||||
| controls | List of V2ComplianceControl |
71.1.2.813. V2ComplianceCheckResultStatusCount
Group the number of occurrences by status
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| checkName | String | ||||
| rationale | String | ||||
| ruleName | String | ||||
| checkStats | List of V2ComplianceCheckStatusCount | ||||
| controls | List of V2ComplianceControl |
71.1.2.814. V2ComplianceCheckStatus
| Enum Values |
|---|
| UNSET_CHECK_STATUS |
| PASS |
| FAIL |
| ERROR |
| INFO |
| MANUAL |
| NOT_APPLICABLE |
| INCONSISTENT |
71.1.2.815. V2ComplianceCheckStatusCount
Group the number of occurrences by status
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 | |||
| status | UNSET_CHECK_STATUS, PASS, FAIL, ERROR, INFO, MANUAL, NOT_APPLICABLE, INCONSISTENT, |
71.1.2.816. V2ComplianceClusterCheckStatus
ComplianceClusterCheckStatus provides the status of a compliance check result across clusters
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| checkId | String | ||||
| checkName | String | ||||
| clusters | List of V2ClusterCheckStatus | ||||
| description | String | ||||
| instructions | String | ||||
| rationale | String | ||||
| valuesUsed |
List of | ||||
| warnings |
List of | ||||
| labels |
Map of | ||||
| annotations |
Map of | ||||
| controls | List of V2ComplianceControl |
71.1.2.817. V2ComplianceClusterOverallStats
ComplianceClusterOverallStats provides overall stats for cluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cluster | |||||
| checkStats | List of V2ComplianceCheckStatusCount | ||||
| clusterErrors |
List of | ||||
| lastScanTime | Date | date-time |
71.1.2.818. V2ComplianceClusterScanStats
ComplianceClusterScanStats provides scan stats overview based on cluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanStats | |||||
| cluster |
71.1.2.819. V2ComplianceControl
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| standard | String | ||||
| control | String |
71.1.2.820. V2ComplianceIntegration
Next Tag: 11
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| version | String | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| namespace | String | ||||
| statusErrors |
List of | Collection of errors that occurred while trying to obtain compliance operator health info. | |||
| operatorInstalled | Boolean | ||||
| status | HEALTHY, UNHEALTHY, | ||||
| clusterPlatformType | GENERIC_CLUSTER, KUBERNETES_CLUSTER, OPENSHIFT_CLUSTER, OPENSHIFT4_CLUSTER, | ||||
| clusterProviderType | UNSPECIFIED, AKS, ARO, EKS, GKE, OCP, OSD, ROSA, |
71.1.2.821. V2ComplianceProfile
Next Tag: 12
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| profileVersion | String | ||||
| productType | String | ||||
| description | String | ||||
| rules | List of V2ComplianceRule | ||||
| product | String | ||||
| title | String | ||||
| values |
List of | ||||
| standards | List of V2ComplianceBenchmark |
71.1.2.822. V2ComplianceProfileScanStats
ComplianceProfileScanStats provides scan stats overview based on profile
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| checkStats | List of V2ComplianceCheckStatusCount | ||||
| profileName | String | ||||
| title | String | ||||
| version | String | ||||
| benchmarks | List of V2ComplianceBenchmark |
71.1.2.823. V2ComplianceProfileSummary
Next Tag: 8
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| productType | String | ||||
| description | String | ||||
| title | String | ||||
| ruleCount | Integer | int32 | |||
| profileVersion | String | ||||
| standards | List of V2ComplianceBenchmark |
71.1.2.824. V2ComplianceReportHistoryResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| complianceReportSnapshots | List of V2ComplianceReportSnapshot |
71.1.2.825. V2ComplianceReportSnapshot
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportJobId | String | ||||
| scanConfigId | String | ||||
| name | String | ||||
| description | String | ||||
| reportStatus | |||||
| reportData | |||||
| user | |||||
| isDownloadAvailable | Boolean |
71.1.2.826. V2ComplianceReportStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| runState | WAITING, PREPARING, GENERATED, DELIVERED, FAILURE, PARTIAL_ERROR, PARTIAL_SCAN_ERROR_DOWNLOAD, PARTIAL_SCAN_ERROR_EMAIL, | ||||
| startedAt | Date | date-time | |||
| completedAt | Date | date-time | |||
| errorMsg | String | ||||
| reportRequestType | ON_DEMAND, SCHEDULED, | ||||
| reportNotificationMethod | EMAIL, DOWNLOAD, | ||||
| failedClusters | List of V2FailedCluster |
71.1.2.827. V2ComplianceReportStatusReportMethod
| Enum Values |
|---|
| ON_DEMAND |
| SCHEDULED |
71.1.2.828. V2ComplianceReportStatusRunState
| Enum Values |
|---|
| WAITING |
| PREPARING |
| GENERATED |
| DELIVERED |
| FAILURE |
| PARTIAL_ERROR |
| PARTIAL_SCAN_ERROR_DOWNLOAD |
| PARTIAL_SCAN_ERROR_EMAIL |
71.1.2.829. V2ComplianceRule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| ruleType | String | ||||
| severity | String | ||||
| standard | String | ||||
| control | String | ||||
| title | String | ||||
| description | String | ||||
| rationale | String | ||||
| fixes | List of ComplianceRuleFix | ||||
| id | String | ||||
| ruleId | String | ||||
| parentRule | String | ||||
| instructions | String | ||||
| warning | String |
71.1.2.830. V2ComplianceRunReportRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanConfigId | String | ||||
| reportNotificationMethod | EMAIL, DOWNLOAD, |
71.1.2.831. V2ComplianceRunReportResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| runState | SUBMITTED, ERROR, | ||||
| submittedAt | Date | date-time | |||
| errorMsg | String |
71.1.2.832. V2ComplianceRunReportResponseRunState
| Enum Values |
|---|
| SUBMITTED |
| ERROR |
71.1.2.833. V2ComplianceScanCluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| clusterName | String |
71.1.2.834. V2ComplianceScanConfiguration
Next available tag: 5
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| scanName | String | ||||
| scanConfig | |||||
| clusters |
List of |
71.1.2.835. V2ComplianceScanConfigurationStatus
Next available tag: 9
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| scanName | String | ||||
| scanConfig | |||||
| clusterStatus | List of V2ClusterScanStatus | ||||
| createdTime | Date | date-time | |||
| lastUpdatedTime | Date | date-time | |||
| modifiedBy | |||||
| lastExecutedTime | Date | date-time |
71.1.2.836. V2ComplianceScanStatsShim
ComplianceScanStatsShim models statistics of checks for a given scan configuration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanName | String | ||||
| checkStats | List of V2ComplianceCheckStatusCount | ||||
| lastScan | Date | date-time | |||
| scanConfigId | String |
71.1.2.837. V2CountReportConfigurationsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| count | Integer | int32 |
71.1.2.838. V2CreateDeferVulnerabilityExceptionRequest
next available tag: 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cves |
List of | REQUIRED. The CVEs to which the exception should be applied. | |||
| comment | String | REQUIRED. The rationale for creating the exception. | |||
| scope | |||||
| exceptionExpiry |
71.1.2.839. V2CreateDeferVulnerabilityExceptionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| exception |
71.1.2.840. V2CreateFalsePositiveVulnerabilityExceptionRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cves |
List of | REQUIRED. The CVEs to which the exception should be applied. | |||
| scope | |||||
| comment | String | REQUIRED. The rationale for creating the exception. |
71.1.2.841. V2CreateFalsePositiveVulnerabilityExceptionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| exception |
71.1.2.842. V2DeferralRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| expiry |
71.1.2.843. V2DeferralUpdate
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cves |
List of | Use this field to update the CVEs of a deferral exception. | |||
| expiry |
71.1.2.844. V2DenyVulnerabilityExceptionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| exception |
71.1.2.845. V2EPSS
EPSS Score stores two epss metrics returned by scanner - epss probability and epss percentile
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| epssProbability | Float | float | |||
| epssPercentile | Float | float |
71.1.2.846. V2EmailNotifierConfiguration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| notifierId | String | ||||
| mailingLists |
List of | ||||
| customSubject | String | ||||
| customBody | String |
71.1.2.847. V2EmbeddedVulnerability
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cve | String | ||||
| summary | String | ||||
| link | String | ||||
| publishedOn | Date | date-time | |||
| lastModified | Date | date-time | |||
| firstSystemOccurrence | Date | Time when the CVE was first seen, for this specific distro, in the system. | date-time | ||
| cvssMetrics | List of V2CVSSScore | ||||
| epss | |||||
| cvss | Float | float | |||
| fixedBy | String | ||||
| severity | UNKNOWN_VULNERABILITY_SEVERITY, LOW_VULNERABILITY_SEVERITY, MODERATE_VULNERABILITY_SEVERITY, IMPORTANT_VULNERABILITY_SEVERITY, CRITICAL_VULNERABILITY_SEVERITY, | ||||
| advisory |
71.1.2.848. V2ExceptionExpiry
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| expiryType | TIME, ALL_CVE_FIXABLE, ANY_CVE_FIXABLE, | ||||
| expiresOn | Date | Indicates the timestamp when the exception expires. This field is REQUIRED only if the expiry type is set to TIME. | date-time |
71.1.2.849. V2ExceptionStatus
Indicates the status of a request.
- PENDING: Default request state. It indicates that the request has not been fulfilled and that an action (approve/deny) is required.
- APPROVED: Indicates that the request has been approved by the approver.
- DENIED: Indicates that the request has been denied by the approver.
- APPROVED_PENDING_UPDATE: Indicates that the original request was approved, but an update is still pending an approval or denial.
| Enum Values |
|---|
| PENDING |
| APPROVED |
| DENIED |
| APPROVED_PENDING_UPDATE |
71.1.2.850. V2FailedCluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| clusterName | String | ||||
| reason | String | ||||
| operatorVersion | String |
71.1.2.851. V2FalsePositiveUpdate
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cves |
List of | Use this field to update the CVEs of a false-positive exception. |
71.1.2.852. V2GetVulnerabilityExceptionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| exception |
71.1.2.853. V2ListComplianceCheckClusterResponse
ListComplianceCheckClusterResponse provides stats per cluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| checkResults | List of V2ClusterCheckStatus | ||||
| profileName | String | ||||
| checkName | String | ||||
| totalCount | Integer | int32 | |||
| controls | List of V2ComplianceControl |
71.1.2.854. V2ListComplianceCheckResultResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| checkResults | List of V2ComplianceCheckResult | ||||
| profileName | String | ||||
| clusterId | String | ||||
| totalCount | Integer | int32 | |||
| lastScanTime | Date | date-time |
71.1.2.855. V2ListComplianceClusterOverallStatsResponse
ListComplianceCheckScanStatsResponse provides stats per cluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanStats | List of V2ComplianceClusterOverallStats | ||||
| totalCount | Integer | int32 |
71.1.2.856. V2ListComplianceClusterProfileStatsResponse
ListComplianceClusterProfileStatsResponse provides stats for the profiles within the scans
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanStats | List of V2ComplianceProfileScanStats | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| totalCount | Integer | int32 |
71.1.2.857. V2ListComplianceClusterScanStatsResponse
ListComplianceClusterScanStatsResponse provides stats for the clusters within the scans
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanStats | List of V2ComplianceClusterScanStats | ||||
| totalCount | Integer | int32 |
71.1.2.858. V2ListComplianceIntegrationsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| integrations | List of V2ComplianceIntegration | ||||
| totalCount | Integer | int32 |
71.1.2.859. V2ListComplianceProfileResults
ListComplianceProfileResults provides scan stats overview based on profile
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| profileResults | |||||
| profileName | String | ||||
| totalCount | Integer | int32 |
71.1.2.860. V2ListComplianceProfileScanStatsResponse
ListComplianceProfileScanStatsResponse provides stats for the profiles within the scans
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanStats | List of V2ComplianceProfileScanStats | ||||
| totalCount | Integer | int32 |
71.1.2.861. V2ListComplianceProfileSummaryResponse
ListComplianceProfileSummaryResponse provides a list of profiles summaries
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| profiles | List of V2ComplianceProfileSummary | ||||
| totalCount | Integer | int32 |
71.1.2.862. V2ListComplianceProfilesResponse
ListComplianceProfilesResponse provides a list of profiles
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| profiles | List of V2ComplianceProfile | ||||
| totalCount | Integer | int32 |
71.1.2.863. V2ListComplianceResultsResponse
ListComplianceResultsResponse provides the complete scan results
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanResults | List of V2ComplianceCheckData | ||||
| totalCount | Integer | int32 |
71.1.2.864. V2ListComplianceScanConfigsClusterProfileResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| clusterId | String | ||||
| clusterName | String | ||||
| profiles | List of V2ComplianceProfileSummary | ||||
| totalCount | Integer | int32 |
71.1.2.865. V2ListComplianceScanConfigsProfileResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| profiles | List of V2ComplianceProfileSummary | ||||
| totalCount | Integer | int32 |
71.1.2.866. V2ListComplianceScanConfigurationsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| configurations | |||||
| totalCount | Integer | int32 |
71.1.2.867. V2ListReportConfigurationsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfigs | List of V2ReportConfiguration |
71.1.2.868. V2ListVirtualMachinesResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| virtualMachines | List of V2VirtualMachine | ||||
| totalCount | Integer | int32 |
71.1.2.869. V2ListVulnerabilityExceptionsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| exceptions | List of V2VulnerabilityException |
71.1.2.870. V2NotificationMethod
| Enum Values |
|---|
| |
| DOWNLOAD |
71.1.2.871. V2NotifierConfiguration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| emailConfig | |||||
| notifierName | String |
71.1.2.872. V2Pagination
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| limit | Integer | int32 | |||
| offset | Integer | int32 | |||
| sortOption | |||||
| sortOptions | List of V2SortOption | This field is under development. It is not supported on any REST APIs. |
71.1.2.873. V2RawQuery
RawQuery represents the search query string. The format of the query string is "<field name>:<value,value,…><field name>:<value, value,...>…" For example: To search for deployments named "central" and "sensor" in the namespace "stackrox", the query string would be "Deployment:central,sensor+Namespace:stackrox" RawQuery is used in ListAPIs to search for a particular object.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| query | String | ||||
| pagination |
71.1.2.874. V2ReportConfiguration
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| description | String | ||||
| type | VULNERABILITY, | ||||
| vulnReportFilters | |||||
| schedule | |||||
| resourceScope | |||||
| notifiers | List of V2NotifierConfiguration |
71.1.2.875. V2ReportConfigurationReportType
| Enum Values |
|---|
| VULNERABILITY |
71.1.2.876. V2ReportHistoryResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportSnapshots | List of V2ReportSnapshot |
71.1.2.877. V2ReportRequestViewBased
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| type | VULNERABILITY, | ||||
| viewBasedVulnReportFilters | |||||
| areaOfConcern | String |
71.1.2.878. V2ReportRequestViewBasedReportType
| Enum Values |
|---|
| VULNERABILITY |
71.1.2.879. V2ReportSchedule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| intervalType | UNSET, WEEKLY, MONTHLY, | ||||
| hour | Integer | int32 | |||
| minute | Integer | int32 | |||
| daysOfWeek | |||||
| daysOfMonth |
71.1.2.880. V2ReportScheduleDaysOfMonth
1 for 1st, 2 for 2nd …. 31 for 31st
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| days |
List of | int32 |
71.1.2.881. V2ReportScheduleDaysOfWeek
Sunday = 0, Monday = 1, …. Saturday = 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| days |
List of | int32 |
71.1.2.882. V2ReportScheduleIntervalType
| Enum Values |
|---|
| UNSET |
| WEEKLY |
| MONTHLY |
71.1.2.883. V2ReportSnapshot
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfigId | String | ||||
| reportJobId | String | ||||
| name | String | ||||
| description | String | ||||
| vulnReportFilters | |||||
| viewBasedVulnReportFilters | |||||
| collectionSnapshot | |||||
| schedule | |||||
| reportStatus | |||||
| notifiers | List of V2NotifierConfiguration | ||||
| user | |||||
| isDownloadAvailable | Boolean | ||||
| areaOfConcern | String |
71.1.2.884. V2ReportStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| runState | WAITING, PREPARING, GENERATED, DELIVERED, FAILURE, | ||||
| completedAt | Date | date-time | |||
| errorMsg | String | ||||
| reportRequestType | ON_DEMAND, SCHEDULED, | ||||
| reportNotificationMethod | EMAIL, DOWNLOAD, |
71.1.2.885. V2ReportStatusReportMethod
| Enum Values |
|---|
| ON_DEMAND |
| SCHEDULED |
71.1.2.886. V2ReportStatusResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| status |
71.1.2.887. V2ReportStatusRunState
| Enum Values |
|---|
| WAITING |
| PREPARING |
| GENERATED |
| DELIVERED |
| FAILURE |
71.1.2.888. V2ResourceScope
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| collectionScope |
71.1.2.889. V2RunReportRequest
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfigId | String | ||||
| reportNotificationMethod | EMAIL, DOWNLOAD, |
71.1.2.890. V2RunReportResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportConfigId | String | ||||
| reportId | String |
71.1.2.891. V2RunReportResponseViewBased
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| reportID | String | ||||
| requestName | String |
71.1.2.892. V2ScanComponent
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| name | String | ||||
| version | String | ||||
| topCvss | Float | float | |||
| riskScore | Float | float | |||
| architecture | String | ||||
| vulns | List of V2EmbeddedVulnerability | ||||
| source | OS, PYTHON, JAVA, RUBY, NODEJS, GO, DOTNETCORERUNTIME, INFRASTRUCTURE, | ||||
| notes | List of V2ScanComponentNote |
71.1.2.893. V2ScanComponentNote
Note specifies a conditional status of the scan component.
- UNSCANNED: Scan components remain unscanned if the corresponding package is not associated with a valid Common Platform Enumeration (CPE).
| Enum Values |
|---|
| UNSPECIFIED |
| UNSCANNED |
71.1.2.894. V2Schedule
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| intervalType | UNSET, WEEKLY, MONTHLY, DAILY, | ||||
| hour | Integer | int32 | |||
| minute | Integer | int32 | |||
| daysOfWeek | |||||
| daysOfMonth |
71.1.2.895. V2ScheduleDaysOfMonth
1 for 1st, 2 for 2nd …. 31 for 31st
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| days |
List of | int32 |
71.1.2.896. V2ScheduleDaysOfWeek
Sunday = 0, Monday = 1, …. Saturday = 6
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| days |
List of | int32 |
71.1.2.897. V2ScheduleIntervalType
| Enum Values |
|---|
| UNSET |
| WEEKLY |
| MONTHLY |
| DAILY |
71.1.2.898. V2SlimUser
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String |
71.1.2.899. V2SortOption
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| field | String | ||||
| reversed | Boolean | ||||
| aggregateBy |
71.1.2.900. V2Source
| Enum Values |
|---|
| SOURCE_UNKNOWN |
| SOURCE_RED_HAT |
| SOURCE_OSV |
| SOURCE_NVD |
71.1.2.901. V2SourceType
| Enum Values |
|---|
| OS |
| PYTHON |
| JAVA |
| RUBY |
| NODEJS |
| GO |
| DOTNETCORERUNTIME |
| INFRASTRUCTURE |
71.1.2.902. V2UpdateVulnerabilityExceptionResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| exception |
71.1.2.903. V2ViewBasedVulnerabilityReportFilters
filter for ondemand view based reports
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| query | String |
71.1.2.904. V2VirtualMachine
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| namespace | String | ||||
| name | String | ||||
| clusterId | String | ||||
| clusterName | String | ||||
| facts |
Map of | ||||
| lastUpdated | Date | date-time | |||
| vsockCid | Integer | int32 | |||
| state | UNKNOWN, STOPPED, RUNNING, | ||||
| scan |
71.1.2.905. V2VirtualMachineScan
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| scanTime | Date | date-time | |||
| operatingSystem | String | ||||
| notes | List of V2VirtualMachineScanNote | ||||
| components | List of V2ScanComponent |
71.1.2.906. V2VirtualMachineScanNote
| Enum Values |
|---|
| UNSET |
| OS_UNKNOWN |
| OS_UNSUPPORTED |
71.1.2.907. V2VulnerabilityException
Next available tag: 16 VulnerabilityException represents a vulnerability exception such as deferral and false-positive.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | Auto-generated display name of the exception. | |||
| targetState | OBSERVED, DEFERRED, FALSE_POSITIVE, | ||||
| status | PENDING, APPROVED, DENIED, APPROVED_PENDING_UPDATE, | ||||
| expired | Boolean |
If set to | |||
| requester | |||||
| approvers | List of V2SlimUser | ||||
| createdAt | Date | date-time | |||
| lastUpdated | Date | date-time | |||
| comments | List of V2Comment | ||||
| scope | |||||
| deferralRequest | |||||
| falsePositiveRequest | Object | ||||
| cves |
List of | Indicates the CVEs to which the exception applies. | |||
| deferralUpdate | |||||
| falsePositiveUpdate |
71.1.2.908. V2VulnerabilityExceptionScope
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| imageScope |
71.1.2.909. V2VulnerabilityReportFilters
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| fixability | BOTH, FIXABLE, NOT_FIXABLE, | ||||
| severities | |||||
| imageTypes | |||||
| allVuln | Boolean | ||||
| sinceLastSentScheduledReport | Boolean | ||||
| sinceStartDate | Date | date-time | |||
| includeNvdCvss | Boolean | ||||
| includeEpssProbability | Boolean | ||||
| includeAdvisory | Boolean |
71.1.2.910. V2VulnerabilityReportFiltersVulnerabilitySeverity
| Enum Values |
|---|
| UNKNOWN_VULNERABILITY_SEVERITY |
| LOW_VULNERABILITY_SEVERITY |
| MODERATE_VULNERABILITY_SEVERITY |
| IMPORTANT_VULNERABILITY_SEVERITY |
| CRITICAL_VULNERABILITY_SEVERITY |
71.1.2.911. V2VulnerabilitySeverity
| Enum Values |
|---|
| UNKNOWN_VULNERABILITY_SEVERITY |
| LOW_VULNERABILITY_SEVERITY |
| MODERATE_VULNERABILITY_SEVERITY |
| IMPORTANT_VULNERABILITY_SEVERITY |
| CRITICAL_VULNERABILITY_SEVERITY |
71.1.2.912. V2VulnerabilityState
VulnerabilityState are the possible applicable to CVE. By default all vulnerabilities are in observed state.
- OBSERVED: This is the default state and indicates that the CVE is not excluded from policy evaluation and risk evaluation.
- DEFERRED: Indicates that the vulnerability is deferred. A deferred CVE is excluded from policy evaluation and risk evaluation.
- FALSE_POSITIVE: Indicates that the vulnerability is a false-positive. A false-positive CVE is excluded from policy evaluation and risk evaluation.
| Enum Values |
|---|
| OBSERVED |
| DEFERRED |
| FALSE_POSITIVE |
71.1.2.913. V4Contents
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| packagesDEPRECATED | List of V4Package | ||||
| packages | Map of V4Package | ||||
| distributionsDEPRECATED | List of V4Distribution | ||||
| distributions | Map of V4Distribution | ||||
| repositoriesDEPRECATED | List of V4Repository | ||||
| repositories | Map of V4Repository | ||||
| environmentsDEPRECATED | Map of EnvironmentList | ||||
| environments | Map of EnvironmentList |
71.1.2.914. V4Distribution
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| did | String | ||||
| name | String | ||||
| version | String | ||||
| versionCodeName | String | ||||
| versionId | String | ||||
| arch | String | ||||
| cpe | String | ||||
| prettyName | String |
71.1.2.915. V4Environment
Environment describes the surrounding environment a package was discovered in.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| packageDb | String | ||||
| introducedIn | String | ||||
| distributionId | String | ||||
| repositoryIds |
List of |
71.1.2.916. V4NormalizedVersion
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| kind | String | ||||
| v |
List of | int32 |
71.1.2.917. V4Package
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| version | String | ||||
| normalizedVersion | |||||
| fixedInVersion | String | ||||
| kind | String | ||||
| source | |||||
| packageDb | String | ||||
| repositoryHint | String | ||||
| module | String | ||||
| arch | String | ||||
| cpe | String |
71.1.2.918. V4Repository
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| id | String | ||||
| name | String | ||||
| key | String | ||||
| uri | String | ||||
| cpe | String |
71.1.2.919. ViolationKeyValueAttrs
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| attrs | List of KeyValueAttrsKeyValueAttr |
71.1.2.920. ViolationNetworkFlowInfo
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| protocol | L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY, | ||||
| source | |||||
| destination |
71.1.2.921. VirtualMachineState
| Enum Values |
|---|
| UNKNOWN |
| STOPPED |
| RUNNING |
71.1.2.922. VolumeMountPropagation
| Enum Values |
|---|
| NONE |
| HOST_TO_CONTAINER |
| BIDIRECTIONAL |
71.1.2.923. VulnerabilityExceptionServiceApproveVulnerabilityExceptionBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| comment | String | REQUIRED. The rationale for approving the exception. |
71.1.2.924. VulnerabilityExceptionServiceDenyVulnerabilityExceptionBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| comment | String | REQUIRED. The rationale for denying the exception. |
71.1.2.925. VulnerabilityExceptionServiceUpdateVulnerabilityExceptionBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| comment | String | REQUIRED. The rationale for updating the exception. | |||
| deferralUpdate | |||||
| falsePositiveUpdate |
71.1.2.926. VulnerabilityReportFiltersFixability
| Enum Values |
|---|
| BOTH |
| FIXABLE |
| NOT_FIXABLE |
71.1.2.927. VulnerabilityReportFiltersImageType
| Enum Values |
|---|
| DEPLOYED |
| WATCHED |
71.1.2.928. VulnerabilityRequestCVEs
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| cves |
List of |
These are (NVD) vulnerability identifiers, |
71.1.2.929. VulnerabilityRequestScopeImage
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| registry | String | ||||
| remote | String | ||||
| tag | String |
71.1.2.930. VulnerabilityRequestServiceApproveVulnerabilityRequestBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| comment | String |
71.1.2.931. VulnerabilityRequestServiceDenyVulnerabilityRequestBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| comment | String |
71.1.2.932. VulnerabilityRequestServiceUpdateVulnerabilityRequestBody
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
| comment | String | ||||
| expiry |
71.1.2.933. WatchImageResponseErrorType
| Enum Values |
|---|
| NO_ERROR |
| INVALID_IMAGE_NAME |
| NO_VALID_INTEGRATION |
| SCAN_FAILED |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}