swagger: '2.0' ################################################################################ # API Information # ################################################################################ info: description: Secure Docker and Kubernetes based container deployments with the NeuVector run-time security solution. version: '5.3.1' title: NeuVector API contact: email: support@neuvector.com schemes: - https externalDocs: description: Find out more about NeuVector url: 'https://www.suse.com/products/neuvector/' ################################################################################ # Tags # ################################################################################ tags: - name: Admission description: Admission Control - name: Authentication description: Authenticates login or logout - name: Compliance description: Operations about Compliance - name: Controller description: Operations about Controller - name: DLP description: Operations about DLP - name: Namespace description: Operations about Namespace - name: Enforcer description: Operations about Enforcer - name: EULA description: End-User License Agreement - name: File description: Operations about File - name: File Monitor description: Operations about File Monitor - name: Group description: Operations about Group - name: Host description: Operations about Host - name: Log description: Operations about Log - name: Policy description: Operations about Policy - name: Process description: Operations about Process Profile - name: Response Rule description: Operations about Response Rule - name: Scan description: Operations about Scan - name: Server description: Operations about Server - name: Cloud description: Operations about Cloud - name: Service description: Operations about Service - name: Sniffer description: Operations about Sniffer - name: System description: Operations about System - name: User description: Operations about User - name: Vulnerability description: Operations about Vulnerability management - name: WAF Rule description: Operations about waf Rule - name: Container description: Operations about Container - name: Federation description: Operations about Federation ################################################################################ # Paths # ################################################################################ paths: /v1/admission/options: get: tags: - Admission summary: Get a list of admission options security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTAdmissionConfigData' /v1/admission/rule/{id}: get: tags: - Admission summary: Show an admission rule security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Rule ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTAdmissionRuleData' delete: tags: - Admission summary: Delete an admission rule security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: id description: Rule ID required: true type: string responses: '200': description: Success /v1/admission/rule: post: tags: - Admission summary: Add admission control rule security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Admission rule data required: true schema: $ref: '#/definitions/RESTAdmissionRuleConfigData' responses: '200': description: Success schema: $ref: '#/definitions/RESTAdmissionRuleData' patch: tags: - Admission summary: Update admission rule security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Admission rule data required: true schema: $ref: '#/definitions/RESTAdmissionRuleConfigData' responses: '200': description: Success /v1/admission/rule/promote: post: tags: - Admission summary: Promote admission control rule security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Admission control rule data required: true schema: $ref: '#/definitions/RESTAdmCtrlPromoteRequestData' responses: '200': description: Success /v1/admission/rules: get: tags: - Admission summary: Get a list of admission rules security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, returned fed admission rules. When set to local, returned local admission rules. If there is no query string 'scope', all admission rules will be returned." responses: '200': description: Success schema: $ref: '#/definitions/RESTAdmissionRulesData' delete: tags: - Admission summary: Delete all admission rules security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, fed admission rules get removed. When set to local or no query string, local admission rules will be removed." responses: '200': description: Success /v1/admission/state: get: tags: - Admission summary: Get admission state security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTAdmissionConfigData' '404': description: Operation not allowed schema: $ref: '#/definitions/RESTError' patch: tags: - Admission summary: Update admission state security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Admission config state data required: true schema: $ref: '#/definitions/RESTAdmissionConfigData' responses: '200': description: Success '404': description: Operation not allowed schema: $ref: '#/definitions/RESTError' /v1/admission/stats: get: tags: - Admission summary: Get admission control statistics security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTAdmissionStatsData' /v1/assess/admission/rule: post: tags: - Admission summary: Test admission control rules security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Admission rule data required: true schema: $ref: '#/definitions/RESTAdmissionRuleConfigData' responses: '200': description: Success schema: $ref: '#/definitions/RESTAdmCtrlRulesTestResults' /v1/auth: post: tags: - Authentication summary: Login Authentication consumes: - application/json produces: - application/json parameters: - in: body name: body description: User login data required: true schema: $ref: '#/definitions/RESTAuthData' responses: '200': description: Success schema: $ref: '#/definitions/RESTTokenData' '401': description: Authentication failed schema: $ref: '#/definitions/RESTError' patch: tags: - Authentication summary: Keep login session alive security: - ApiKeyAuth: [] - TokenAuth: [] responses: '200': description: Success delete: tags: - Authentication summary: Logout current logged in user security: - ApiKeyAuth: [] - TokenAuth: [] responses: '200': description: Success '408': description: Authentication failed schema: $ref: '#/definitions/RESTError' /v1/auth/{server}: post: tags: - Authentication summary: Authenticate to specified server security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: server description: Name of the specified server required: true type: string - in: body name: body description: User login data required: true schema: $ref: '#/definitions/RESTAuthData' responses: '200': description: Success /v1/bench/host/{id}/docker: get: tags: - Compliance summary: Docker bench security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Host ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTBenchReport' post: tags: - Compliance summary: Docker bench run security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: id description: Host ID required: true type: string responses: '200': description: Success /v1/bench/host/{id}/kubernetes: get: tags: - Compliance summary: Kubernetes bench security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Host ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTBenchReport' post: tags: - Compliance summary: Kubernetes bench run security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: id description: Host ID required: true type: string responses: '200': description: Success /v1/compliance/profile: get: tags: - Compliance summary: Get compliance profile list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTComplianceProfilesData' /v1/compliance/profile/{name}: get: tags: - Compliance summary: Get compliance profile detail security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Profile name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTComplianceProfileData' patch: tags: - Compliance summary: Configure compliance profile security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Compliance profile name required: true type: string - in: body name: body description: Compliance profile config data required: true schema: $ref: '#/definitions/RESTComplianceProfileConfigData' responses: '200': description: Success /v1/compliance/profile/{name}/entry/{check}: patch: tags: - Compliance summary: Configure compliance profile entry security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Compliance profile name required: true type: string - in: path name: check description: Compliance profile entry check name required: true type: string - in: body name: body description: Compliance profile entry data required: true schema: $ref: '#/definitions/RESTComplianceProfileEntryConfigData' responses: '200': description: Success delete: tags: - Compliance summary: Delete compliance profile entry security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Compliance profile name required: true type: string - in: path name: check description: Compliance profile entry check name required: true type: string responses: '200': description: Success /v1/file/compliance/profile: post: tags: - File summary: Export compliance profile as a yaml format. The exported yaml file can be imported by CRD or REST API to update the compliance profile. security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: header name: X-Auth-Token required: true type: string - in: body name: body description: Names of profiles to export schema: $ref: '#/definitions/RESTCompProfilesExport' responses: '200': description: Success. Get a yaml file. /v1/file/compliance/profile/config: post: tags: - compliance profile. The payload body is the content of the compliance profile yaml file. summary: import compliance profile security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - 'application/json' - 'text/plain; charset=utf-8' parameters: - in: header name: X-Auth-Token required: true type: string - in: header name: X-Transaction-ID required: false type: string - in: body name: body description: compliance profile yaml file required: true schema: type: string responses: '200': description: Success /v1/controller: get: tags: - Controller summary: Get a list of controllers security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTController' /v1/controller/{id}: get: tags: - Controller summary: Show controller security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Controller ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTControllerData' patch: tags: - Controller summary: Update controller security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: id description: Controller ID required: true type: string - in: body name: body description: Controller update data required: true schema: $ref: '#/definitions/RESTControllerConfigData' responses: '200': description: Success /v1/controller/{id}/stats: get: tags: - Controller summary: Controller get system statistics security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Controller ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTWorkloadStatsData' /v1/controller/{id}/config: get: tags: - Controller summary: Controller get configure security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Controller ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTControllerConfigData' /v1/custom_check: get: tags: - Compliance summary: Get custom check scripts of all groups security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTCustomCheckListData' /v1/custom_check/{group}: get: tags: - Compliance summary: GET custom check scripts of the specified group security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: group description: Script config name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTCustomCheckData' patch: tags: - Compliance summary: Update custom check scripts of the specified group security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: group description: Script config name required: true type: string - in: body name: body description: Script config data required: true schema: $ref: '#/definitions/RESTCustomCheckConfigData' responses: '200': description: Success /v1/dlp/sensor: get: tags: - DLP summary: Get DLP sensors security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTDlpSensorsData' post: tags: - DLP summary: Create DLP sensor security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Sensor data required: true schema: $ref: '#/definitions/RESTDlpSensorConfigData' responses: '200': description: Success /v1/dlp/sensor/{name}: get: tags: - DLP summary: Get DLP sensor detail security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Sensor name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTDlpSensorData' patch: tags: - DLP summary: Configure DLP sensor security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Sensor name required: true type: string - in: body name: body description: Sensor data required: true schema: $ref: '#/definitions/RESTDlpSensorConfigData' responses: '200': description: Success delete: tags: - DLP summary: Delete DLP sensor security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Sensor name required: true type: string responses: '200': description: Success /v1/dlp/group: get: tags: - DLP summary: Get DLP group list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTDlpGroupsData' /v1/dlp/group/{name}: get: tags: - DLP summary: Get DLP group detail security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: DLP group name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTDlpGroupData' patch: tags: - DLP summary: Configure DLP group security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: DLP group name required: true type: string - in: body name: body description: DLP group data required: true schema: $ref: '#/definitions/RESTDlpGroupConfigData' responses: '200': description: Success /v1/dlp/rule: get: tags: - DLP summary: Get all DLP rules security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTDlpRulesData' /v1/dlp/rule/{name}: get: tags: - DLP summary: Get DLP rule security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: DLP rule name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTDlpRuleData' /v1/domain: get: tags: - Namespace summary: Get Namespace list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTDomainsData' patch: tags: - Namespace summary: Configure Namespace setting security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Namespace update data required: true schema: $ref: '#/definitions/RESTDomainConfigData' responses: '200': description: Success /v1/domain/{name}: patch: tags: - Namespace summary: Update namespace security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: namespace name required: true type: string - in: body name: body description: Namespace update data required: true schema: $ref: '#/definitions/RESTDomainEntryConfigData' responses: '200': description: Success /v1/enforcer: get: tags: - Enforcer summary: Get a list of enforcers security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTAgentsData' /v1/enforcer/{id}: get: tags: - Enforcer summary: Show enforcer security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Enforcer ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTAgentData' patch: tags: - Enforcer summary: Update enforcer security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: id description: Enforcer ID required: true type: string - in: body name: body description: Enforcer update data required: true schema: $ref: '#/definitions/RESTAgentConfigData' responses: '200': description: Success /v1/enforcer/{id}/stats: get: tags: - Enforcer summary: Get enforcer statistics security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Enforcer ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTAgentStatsData' /v1/enforcer/{id}/config: get: tags: - Enforcer summary: Enforcer get configure security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Enforcer ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTAgentConfigData' /v1/eula: get: tags: - EULA summary: Get EULA agreement acceptance status produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTEULAData' post: tags: - EULA summary: Accept EULA agreement security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: EULA data required: true schema: $ref: '#/definitions/RESTEULAData' responses: '200': description: Success /v1/file/admission: post: tags: - File summary: Export admission control configuration as a yaml format. The exported yaml file can be imported by CRD or REST API to update the admission control settings. security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: query name: scope type: string required: false enum: - local description: "It exports the admission control rules & state configurations when the scope is local." - in: body name: body description: Configuration data required: true schema: $ref: '#/definitions/RESTAdmCtrlRulesExport' responses: '200': description: Success. Get a yaml file. /v1/file/admission/config: post: tags: - File description: Importing admission config. The payload body is the content of the admission config yaml file. summary: import admission config security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - 'application/json' - 'text/plain; charset=utf-8' parameters: - in: header name: X-Transaction-ID required: false type: string - in: body name: body description: admission config yaml file required: true schema: type: string responses: '200': description: Success /v1/file/config: get: tags: - File summary: Download a configure file security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success. Get a configure file. post: tags: - File summary: Upload configure file security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - multipart/form-data parameters: - in: header name: X-Transaction-ID required: false type: string - in: formData type: file name: configuration description: a yaml configure file responses: '200': description: Success. Upload a configure file. /v1/file/dlp: post: tags: - File summary: Export DLP configuration as a yaml format security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: query name: scope type: string required: false enum: - local description: "It exports the DLP configurations when the scope is local." - in: body name: body description: Configuration data required: true schema: $ref: '#/definitions/RESTDlpSensorExport' responses: '200': description: Success. Get a yaml file. /v1/file/dlp/config: post: tags: - File description: Importing DLP config. The payload body is the content of the DLP config yaml file. summary: import DLP config security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - 'application/json' - 'text/plain; charset=utf-8' parameters: - in: header name: X-Transaction-ID required: false type: string - in: body name: body description: DLP config yaml file required: true schema: type: string responses: '200': description: Success /v1/file/vulnerability/profile: post: tags: - File summary: Export vulnerability profile as a yaml format. The exported yaml file can be imported by CRD or REST API to update the compliance profile. security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: header name: X-Auth-Token required: true type: string - in: body name: body description: Names of profiles to export schema: $ref: '#/definitions/RESTVulnProfilesExport' responses: '200': description: Success. Get a yaml file. /v1/file/vulnerability/profile/config: post: tags: - compliance profile. The payload body is the content of the vulnerability profile yaml file. summary: import compliance profile security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - 'application/json' - 'text/plain; charset=utf-8' parameters: - in: header name: X-Auth-Token required: true type: string - in: header name: X-Transaction-ID required: false type: string - in: body name: body description: compliance profile yaml file required: true schema: type: string responses: '200': description: Success /v1/file/waf: post: tags: - File summary: Export waf configuration as a yaml format security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: query name: scope type: string required: false enum: - local description: "It exports the waf configurations when the scope is local." - in: body name: body description: Configuration data required: true schema: $ref: '#/definitions/RESTWafSensorExport' responses: '200': description: Success. Get a yaml file. /v1/file/waf/config: post: tags: - File description: Importing waf config. The payload body is the content of the waf config yaml file. summary: import waf config security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - 'application/json' - 'text/plain; charset=utf-8' parameters: - in: header name: X-Transaction-ID required: false type: string - in: body name: body description: waf config yaml file required: true schema: type: string responses: '200': description: Success /v1/file/group: get: tags: - File summary: (Obsolete, please use POST method.) Export the yaml format configuration file ( used for CRD or group policy ). security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: body name: body description: Configuration data required: true schema: $ref: '#/definitions/RESTGroupExport' responses: '200': description: Success. Get a yaml file. post: tags: - File summary: Export configuration as the yaml format ( used for CRD or group policy ) security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Configuration data required: true schema: $ref: '#/definitions/RESTGroupExport' responses: '200': description: Success. Get a yaml file. /v1/file/group/config: get: tags: - File summary: Get import status security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTImportTaskData' post: tags: - File description: Importing group policy. The payload body is the content of the group policy yaml file. summary: import group policy security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - 'application/json' - 'text/plain; charset=utf-8' parameters: - in: header name: X-Transaction-ID required: false type: string - in: query name: scope type: string required: false enum: - local description: "When set the scope to be local, it will import local group policy. If there is no query string 'scope', it will use 'local' as the default value." - in: body name: body description: group policy yaml file required: true schema: type: string responses: '200': description: Success /v1/file_monitor: get: tags: - File Monitor summary: Get a list of file monitors security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, returned fed file monitor list. When set to local, returned local file monitor list. If there is no query string 'scope', all file monitor list will be returned." responses: '200': description: Success schema: $ref: '#/definitions/RESTFileMonitorFileData' /v1/file_monitor/{name}: get: tags: - File Monitor summary: Show file monitor security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: File monitor name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTFileMonitorFile' patch: tags: - File Monitor summary: Update file monitor security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: File monitor name required: true type: string - in: body name: body description: File monitor update data required: true schema: $ref: '#/definitions/RESTFileMonitorConfigData' responses: '200': description: Success /v1/group: get: tags: - Group summary: Get a list of groups security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, returned fed groups. When set to local, returned local groups. If there is no query string 'scope', all groups will be returned." responses: '200': description: Success schema: $ref: '#/definitions/RESTGroupsData' post: tags: - Group summary: Create group security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Group data required: true schema: $ref: '#/definitions/RESTGroupConfigData' responses: '200': description: Success '400': description: Error schema: $ref: '#/definitions/RESTError' /v1/group/{name}: get: tags: - Group summary: Show group security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Group name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTGroupData' patch: tags: - Group summary: Update group security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Group name required: true type: string - in: body name: body description: Group update data required: true schema: $ref: '#/definitions/RESTGroupConfigData' responses: '200': description: Success delete: tags: - Group summary: Delete group security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Group name required: true type: string responses: '200': description: Success /v1/host: get: tags: - Host summary: Get a list of hosts security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTHostsData' /v1/host/{id}: get: tags: - Host summary: Show host security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Host ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTHostData' /v1/host/{id}/compliance: get: tags: - Host summary: Show host compliance report security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Host ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTComplianceData' /v1/log/activity: get: tags: - Log summary: Get activity list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTEventsData' /v1/log/audit: get: tags: - Log summary: Get a list of audits security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTAuditsData' /v1/log/event: get: tags: - Log summary: Get a list of events security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTEventsData' /v1/log/incident: get: tags: - Log summary: Get a list of incidents security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTIncidentsData' /v1/log/threat: get: tags: - Log summary: Get a list of threats security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTThreatsData' /v1/log/threat/{id}: get: tags: - Log summary: Show threat security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Threat ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTThreatData' /v1/log/violation: get: tags: - Log summary: Get a list of violations security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTPolicyViolationsData' /v1/log/violation/workload: get: tags: - Log summary: Get violation workloads security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTPolicyViolationsWLData' /v1/log/security: get: tags: - Log summary: Get security event list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTSecurityData' /v1/password_profile: get: tags: - User summary: Get password profile list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTPwdProfilesData' /v1/password_profile/{name}: get: tags: - User summary: Get password profile security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Password profile name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTPwdProfileData' patch: tags: - User summary: Configure password profile security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Password profile name required: true type: string - in: body name: body description: Password profile data required: true schema: $ref: '#/definitions/RESTPwdProfileConfigData' responses: '200': description: Success /v1/policy/rule: get: tags: - Policy summary: Get a list of policy rules security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, returned fed policy rules. When set to local, returned local policy rules. If there is no query string 'scope', all policy rules will be returned." responses: '200': description: Success schema: $ref: '#/definitions/RESTPolicyRulesData' patch: tags: - Policy summary: Policy rule action security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Policy rule action data required: true schema: $ref: '#/definitions/RESTPolicyRuleActionData' - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, fed policy rules get created. When set to local or no query string, local policy rules get created." responses: '200': description: Success delete: tags: - Policy summary: Delete all policy rules security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, fed policy rules get removed. When set to local or no query string, local policy rules get removed." responses: '200': description: Success /v1/policy/rule/{id}: get: tags: - Policy summary: Show policy rule security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Rule ID required: true type: integer format: uint32 responses: '200': description: Success schema: $ref: '#/definitions/RESTPolicyRuleData' '400': description: Error schema: $ref: '#/definitions/RESTError' '404': description: Error schema: $ref: '#/definitions/RESTError' patch: tags: - Policy summary: Update policy rule security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: id description: Rule ID required: true type: integer format: uint32 - in: body name: body description: Policy rule update data required: true schema: $ref: '#/definitions/RESTPolicyRuleConfigData' responses: '200': description: Success delete: tags: - Policy summary: Delete policy rule security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: id description: Rule ID required: true type: integer format: uint32 responses: '200': description: Success /v1/policy/rules/promote: post: tags: - Policy summary: Promote policy security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Policy promote data required: true schema: $ref: '#/definitions/RESTPolicyPromoteRequestData' responses: '200': description: Success /v1/process_profile: get: tags: - Process summary: Get a list of process profiles security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, returned fed process profiles. When set to local, returned local process profiles. If there is no query string 'scope', all process profiles will be returned." responses: '200': description: Success schema: $ref: '#/definitions/RESTProcessProfilesData' /v1/process_profile/{name}: get: tags: - Process summary: Get a process profile security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Process profile name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTProcessProfileData' patch: tags: - Process summary: Update a process profile security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Process profile name required: true type: string - in: body name: body description: Process profile configure data required: true schema: $ref: '#/definitions/RESTProcessProfileConfigData' responses: '200': description: Success /v1/process_rules/{uuid}: get: tags: - Process summary: Get a process rule security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: uuid description: Process rule uuid required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTProcessRulesResp' /v1/response/rule: get: tags: - Response Rule summary: Get a list of response rules security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, returned fed response rules. When set to local, returned local response rules. If there is no query string 'scope', all response rules will be returned." responses: '200': description: Success schema: $ref: '#/definitions/RESTResponseRulesData' patch: tags: - Response Rule summary: Update response rule action security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Response rule action data required: true schema: $ref: '#/definitions/RESTResponseRuleActionData' responses: '200': description: Success delete: tags: - Response Rule summary: Delete all response rules security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, all fed response rules get removed. When set to local or no query string, local response rules will be removed." responses: '200': description: Success /v1/response/rule/{id}: get: tags: - Response Rule summary: Get a response rule security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Rule ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTResponseRuleData' patch: tags: - Response Rule summary: Update a response rule security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: id description: Rule ID required: true type: string - in: body name: body description: Response rule data required: true schema: $ref: '#/definitions/RESTResponseRuleConfigData' responses: '200': description: Success delete: tags: - Response Rule summary: Delete a response rule security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: id description: Rule ID required: true type: string responses: '200': description: Success /v1/response/workload_rules/{id}: get: tags: - Response Rule summary: Get response rule workload security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Workload rules ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTResponseRulesData' /v1/scan/scanner: get: tags: - Scan summary: Get scanner list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTScannerData' /v1/scan/config: get: tags: - Scan summary: Get scan configure security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTScanConfigData' patch: tags: - Scan summary: Update scan configure security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Scan configure data required: true schema: $ref: '#/definitions/RESTScanConfigData' responses: '200': description: Success /v1/scan/host/{id}: get: tags: - Scan summary: Get host scan report security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Host ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTScanReportData' post: tags: - Scan summary: Start host scan security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: id description: Host ID required: true type: string responses: '200': description: Success /v1/scan/image: get: tags: - Scan summary: Get scan image summary security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTScanImageSummaryData' /v1/scan/image/{id}: get: tags: - Scan summary: Get image scan report security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Image id required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTScanReportData' /v1/scan/platform: get: tags: - Scan summary: Show scan platform summary security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTScanPlatformSummaryData' /v1/scan/platform/platform: get: tags: - Scan summary: Show scan platform report security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTScanReportData' post: tags: - Scan summary: Request scan platform security: - ApiKeyAuth: [] - TokenAuth: [] responses: '200': description: Success /v1/scan/registry: get: tags: - Scan summary: Get a list of registries security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set to fed, returned fed registries. When set to local, returned local-defined registries. If there is no query string 'scope', all registries will be returned." responses: '200': description: Success schema: $ref: '#/definitions/RESTRegistrySummaryListData' post: tags: - Scan summary: Create a registry security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Registry data required: true schema: $ref: '#/definitions/RESTRegistryConfigData' responses: '200': description: Success /v2/scan/registry: post: tags: - Scan summary: Create a registry security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Registry data required: true schema: $ref: '#/definitions/RESTRegistryConfigDataV2' responses: '200': description: Success /v1/scan/registry/{name}: get: tags: - Scan summary: Show registry security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Name of the registry required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTRegistrySummaryData' patch: tags: - Scan summary: Update registry security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Name of the registry required: true type: string - in: body name: body description: Registry data required: true schema: $ref: '#/definitions/RESTRegistryConfigData' responses: '200': description: Success delete: tags: - Scan summary: Delete registry security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Name of the registry required: true type: string responses: '200': description: Success /v2/scan/registry/{name}: patch: tags: - Scan summary: Update registry security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Name of the registry required: true type: string - in: body name: body description: Registry data required: true schema: $ref: '#/definitions/RESTRegistryConfigDataV2' responses: '200': description: Success /v1/scan/registry/{name}/images: get: tags: - Scan summary: Show registry image summary security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Name of the registry required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTRegistryImageSummaryData' /v1/scan/registry/{name}/image/{id}: get: tags: - Scan summary: Get registry image scan report security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Name of the registry required: true type: string - in: path name: id description: Image ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTScanReportData' /v1/scan/registry/{name}/layers/{id}: get: tags: - Scan summary: Show registry layers report security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Name of the registry required: true type: string - in: path name: id description: Layer ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTScanLayersReportData' /v1/scan/registry/{name}/scan: post: tags: - Scan summary: Start a registry scan security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Name of the registry required: true type: string responses: '200': description: Success delete: tags: - Scan summary: Stop registry scan security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Name of the registry required: true type: string responses: '200': description: Success /v1/scan/repository: post: tags: - Scan summary: Scan repository security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json produces: - application/json parameters: - in: body name: body description: Repository data required: true schema: $ref: '#/definitions/RESTScanRepoReqData' responses: '200': description: Success schema: $ref: '#/definitions/RESTScanRepoReportData' /v1/scan/status: get: tags: - Scan summary: Scan status security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTScanStatusData' /v1/scan/cache_stat/{id}: get: tags: - Scan summary: Get scanner cache statistic data security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Scanner ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTScanCacheStat' /v1/scan/cache_data/{id}: get: tags: - Scan summary: Get scanner cache index data security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Scanner ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTScanCacheData' /v1/scan/workload/{id}: get: tags: - Scan summary: Get container scan report security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Workload ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTScanReportData' post: tags: - Scan summary: Start container scan security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: id description: Workload ID required: true type: string responses: '200': description: Success /v1/scan/sigstore/root_of_trust: get: tags: - Scan summary: Get all sigstore roots of trust security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/REST_SigstoreRootOfTrustCollection' post: tags: - Scan summary: Create new sigstore root of trust security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Root of Trust Data required: true schema: $ref: '#/definitions/REST_SigstoreRootOfTrust_POST' responses: '200': description: Success /v1/scan/sigstore/root_of_trust/{root_name}: get: tags: - Scan summary: Get single sigstore root of trust by name security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: root_name description: Root Of Trust Name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/REST_SigstoreRootOfTrust_GET' patch: tags: - Scan summary: Update single sigstore root of trust by name security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: root_name description: Root Of Trust Name required: true type: string - in: body name: body description: Root of Trust Data required: true schema: $ref: '#/definitions/REST_SigstoreRootOfTrust_PATCH' responses: '200': description: Success delete: tags: - Scan summary: Delete single sigstore root of trust by name security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: root_name description: Root Of Trust Name required: true type: string responses: '200': description: Success /v1/scan/sigstore/root_of_trust/{root_name}/verifier: get: tags: - Scan summary: Get all sigstore verifiers for given sigstore root of trust security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: root_name description: Root Of Trust Name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/REST_SigstoreVerifierCollection' post: tags: - Scan summary: Create new sigstore verifier for given sigstore root of trust security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: root_name description: Root Of Trust Name required: true type: string - in: body name: body description: Root of Trust Data required: true schema: $ref: '#/definitions/REST_SigstoreVerifier' responses: '200': description: Success /v1/scan/sigstore/root_of_trust/{root_name}/verifier/{verifier_name}: get: tags: - Scan summary: Get sigstore verifier by name under given sigstore root of trust security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: root_name description: Root Of Trust Name required: true type: string - in: path name: verifier_name description: Verifier Name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/REST_SigstoreVerifier' patch: tags: - Scan summary: Update sigstore verifier by name under given sigstore root of trust security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: root_name description: Root Of Trust Name required: true type: string - in: path name: verifier_name description: Verifier Name required: true type: string - in: body name: body description: Verifier patch data required: true schema: $ref: '#/definitions/REST_SigstoreVerifier_PATCH' responses: '200': description: Success delete: tags: - Scan summary: Delete sigstore verifier by name under given sigstore root of trust security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: root_name description: Root Of Trust Name required: true type: string - in: path name: verifier_name description: Verifier Name required: true type: string responses: '200': description: Success /v1/server: get: tags: - Server summary: Get a list of servers security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTServersData' post: tags: - Server summary: Create server security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Server data required: true schema: $ref: '#/definitions/RESTServerConfigData' responses: '200': description: Success /v1/server/{name}: get: tags: - Server summary: Show server security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Name of the server required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTServerData' patch: tags: - Server summary: Update server security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Name of the server required: true type: string - in: body name: body description: Server data required: true schema: $ref: '#/definitions/RESTServerConfigData' responses: '200': description: Success delete: tags: - Server summary: Delete the server security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Name of the server required: true type: string responses: '200': description: Success /v1/server/{name}/role/{role}: patch: tags: - Server summary: Update server role groups security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Server name required: true type: string - in: path name: role description: Role name required: true type: string - in: body name: body description: Server role groups update data required: true schema: $ref: '#/definitions/RESTServerRoleGroupsConfigData' responses: '200': description: Success /v1/server/{name}/user: get: tags: - Server summary: Show server user list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Name of the server required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTUsersData' /v1/service: get: tags: - Service summary: Get a list of services security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTServicesData' post: tags: - Service summary: Create service security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Service data required: true schema: $ref: '#/definitions/RESTServiceConfigData' responses: '200': description: Success /v1/service/{name}: get: tags: - Service summary: Show service security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Service name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTServiceData' /v1/service/config: patch: tags: - Service summary: Configure service security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Service configure data required: true schema: $ref: '#/definitions/RESTServiceBatchConfigData' responses: '200': description: Success /v1/service/config/network: patch: tags: - Service summary: Configure services in batch security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Service configure data required: true schema: $ref: '#/definitions/RESTServiceBatchConfigData' responses: '200': description: Success /v1/service/config/profile: patch: tags: - Service summary: Configure services in batch security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Service configure data required: true schema: $ref: '#/definitions/RESTServiceBatchConfigData' responses: '200': description: Success /v1/sniffer: get: tags: - Sniffer summary: Get a list of sniffers security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: f_workload required: true type: string description: Workload ID responses: '200': description: Success schema: $ref: '#/definitions/RESTSniffersData' post: tags: - Sniffer summary: Sniffer start security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: query name: f_workload required: true type: string description: Workload ID - in: body name: body description: Sniffer args data required: true schema: $ref: '#/definitions/RESTSnifferArgsData' responses: '200': description: Success /v1/sniffer/{id}: get: tags: - Sniffer summary: Show sniffer security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Sniffer ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTSnifferData' delete: tags: - Sniffer summary: Delete sniffer security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: id description: Sniffer ID required: true type: string responses: '200': description: Success /v1/sniffer/stop/{id}: patch: tags: - Sniffer summary: Stop sniffer security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: id description: Sniffer ID required: true type: string responses: '200': description: Success /v1/sniffer/{id}/pcap: get: tags: - Sniffer summary: Sniffer get a pcap file security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: id description: Sniffer ID required: true type: string responses: '200': description: Success. Get pcap file. /v1/system/summary: get: tags: - System summary: System summary security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTSystemSummaryData' /v1/system/config: get: tags: - System summary: System get configure security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set the scope to be fed, it will return the fed system configures. When set the scope to be local, it will return the local system configures. If there is no query string 'scope', it will return all system configures." responses: '200': description: Success schema: $ref: '#/definitions/RESTSystemConfigData' patch: tags: - System summary: System configure security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: System configure data required: true schema: $ref: '#/definitions/RESTSystemConfigConfigData' responses: '200': description: Success /v2/system/config: get: tags: - System summary: Get system configuration (starting from 5.0, rest client should call this api.) security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - fed - local description: "When set the scope to be fed, it will return the fed system configures. When set the scope to be local, it will return the local system configures. If there is no query string 'scope', it will return all system configures." responses: '200': description: Success schema: $ref: '#/definitions/RESTSystemConfigDataV2' patch: tags: - System summary: System configure (starting from 5.0, rest client should call this api.) security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: System configure data required: true schema: $ref: '#/definitions/RESTSystemConfigConfigDataV2' responses: '200': description: Success /v1/system/config/webhook: post: tags: - System summary: Create system webhook security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: System configure data required: true schema: $ref: '#/definitions/RESTSystemWebhookConfigData' responses: '200': description: Success /v1/system/config/webhook/{name}: patch: tags: - System summary: Configure system webhook security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: System webhook name required: true type: string - in: query name: scope type: string required: false enum: - fed - local description: "When set the scope to be fed, it will update the fed level webhook. When set the scope to be local, it will update the local webhook. If there is no query string 'scope', it will use 'local' as the default value." - in: body name: body description: System configure data required: true schema: $ref: '#/definitions/RESTSystemWebhookConfigData' responses: '200': description: Success delete: tags: - System summary: Delete system webhook security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: System webhook name required: true type: string - in: query name: scope type: string required: false enum: - fed - local description: "When set the scope to be fed, it will delete the fed level webhook. When set the scope to be local, it will delete the local webhook. If there is no query string 'scope', it will use 'local' as the default value." responses: '200': description: Success /v1/system/request: post: tags: - System summary: System request security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: System request data required: true schema: $ref: '#/definitions/RESTSystemRequestData' responses: '200': description: Success /v1/system/license: get: tags: - System summary: Show license security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTLicenseShowData' delete: tags: - System summary: Delete license security: - ApiKeyAuth: [] - TokenAuth: [] responses: '200': description: Success /v1/system/license/update: post: tags: - System summary: License update security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: License key required: true schema: $ref: '#/definitions/RESTLicenseKey' responses: '200': description: Success /v1/user: get: tags: - User summary: Gets a list of users security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTUsersData' post: tags: - User summary: Creates a user security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: User information required: true schema: $ref: '#/definitions/RESTUserData' responses: '200': description: Success /v1/user/{fullname}: get: tags: - User summary: Gets a user security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: fullname description: User name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTUserData' patch: tags: - User summary: Update user security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: fullname description: User name required: true type: string - in: body name: body description: User update data required: true schema: $ref: '#/definitions/RESTUserConfigData' responses: '200': description: Success '403': description: Error schema: $ref: '#/definitions/RESTError' delete: tags: - User summary: Delete user security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: fullname description: User name required: true type: string responses: '200': description: Success /v1/user/{fullname}/password: post: tags: - User summary: Configure user login security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: fullname description: User name required: true type: string - in: body name: body description: User password configuration data required: true schema: $ref: '#/definitions/RESTUserPwdConfigData' responses: '200': description: Success /v1/user/{fullname}/role/{role}: patch: tags: - User summary: For CLI to modify one role security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: fullname description: User name required: true type: string - in: path name: role description: Role name required: true type: string - in: body name: body description: User role domain update data required: true schema: $ref: '#/definitions/RESTUserRoleDomainsConfigData' responses: '200': description: Success /v1/user_role: get: tags: - User summary: Get role list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTUserRolesData' post: tags: - User summary: Creates a role security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Role information required: true schema: $ref: '#/definitions/RESTUserRoleConfigData' responses: '200': description: Success /v1/user_role/{name}: get: tags: - User summary: Get role details security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: User role name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTUserRoleData' patch: tags: - User summary: Config a user role security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: User role name required: true type: string - in: body name: body description: User role update data required: true schema: $ref: '#/definitions/RESTUserRoleConfigData' responses: '200': description: Success delete: tags: - User summary: Delete a user role security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: User role name required: true type: string responses: '200': description: Success /v1/vulnerability/profile: get: tags: - Vulnerability summary: Get vulnerability profile list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTVulnerabilityProfilesData' /v1/vulnerability/profile/{name}: get: tags: - Vulnerability summary: Get vulnerability profile detail security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: Profile name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTVulnerabilityProfileData' patch: tags: - Vulnerability summary: Configure vulnerability profile security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Vulnerability profile name required: true type: string - in: body name: body description: Vulnerability profile config data required: true schema: $ref: '#/definitions/RESTVulnerabilityProfileConfigData' responses: '200': description: Success /v1/vulnerability/profile/{name}/entry: post: tags: - Vulnerability summary: Create the vulnerability profile entry security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Name of the vulnerability profile entry required: true type: string - in: body name: body description: Vulnerability profile entry data required: true schema: $ref: '#/definitions/RESTVulnerabilityProfileEntryConfigData' responses: '200': description: Success /v1/vulnerability/profile/{name}/entry/{id}: patch: tags: - Vulnerability summary: Configure vulnerability profile entry security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: Vulnerability profile name required: true type: string - in: path name: id description: Vulnerability profile entry id required: true type: integer format: uint32 - in: body name: body description: Vulnerability profile entry data required: true schema: $ref: '#/definitions/RESTVulnerabilityProfileEntryConfigData' responses: '200': description: Success delete: tags: - Vulnerability summary: Delete vulnerability profile entry security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: Vulnerability profile name required: true type: string - in: path name: id description: Vulnerability profile entry id required: true type: integer format: uint32 responses: '200': description: Success /v1/waf/sensor: get: tags: - WAF Rule summary: Get waf rule list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - local description: "The default value is local which returns local waf rule list." responses: '200': description: Success schema: $ref: '#/definitions/RESTWafSensorsData' post: tags: - WAF Rule summary: Create waf sensor security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Sensor data required: true schema: $ref: '#/definitions/RESTDlpSensorConfigData' responses: '200': description: Success /v1/waf/sensor/{name}: get: tags: - WAF Rule summary: Get waf sensor detail security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: waf sensor name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTWafSensorData' patch: tags: - WAF Rule summary: Update a waf sensor security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: waf sensor name required: true type: string - in: body name: body description: waf sensor data required: true schema: $ref: '#/definitions/RESTWafSensorConfigData' responses: '200': description: Success delete: tags: - WAF Rule summary: Delete a waf sensor security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: name description: waf sensor name required: true type: string responses: '200': description: Success /v1/waf/group: get: tags: - WAF Rule summary: Get waf group list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: query name: scope type: string required: false enum: - local description: "The default value is local. It returns local waf group list." responses: '200': description: Success schema: $ref: '#/definitions/RESTWafGroupsData' /v1/waf/group/{name}: get: tags: - WAF Rule summary: Get waf group detail security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: waf group name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTWafGroupData' patch: tags: - WAF Rule summary: Update a waf group security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: name description: waf group name required: true type: string - in: body name: body description: waf group data required: true schema: $ref: '#/definitions/RESTWafGroupConfigData' responses: '200': description: Success /v1/waf/rule: get: tags: - WAF Rule summary: Get waf rule list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTWafRulesData' /v1/waf/rule/{name}: get: tags: - WAF Rule summary: Get waf rule detail security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: name description: waf rule name required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTWafRuleData' /v1/workload: get: tags: - Container summary: Get container list security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTWorkloadsData' /v2/workload: get: tags: - Container summary: Get container list (starting from 5.0, rest client should call this api.) security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTWorkloadsDataV2' /v1/workload/{id}: get: tags: - Container summary: Get container detail security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Workload ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTWorkloadDetailData' patch: tags: - Container summary: Update Container security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: id description: Container ID required: true type: string - in: body name: body description: Container update data required: true schema: $ref: '#/definitions/RESTWorkloadConfigData' responses: '200': description: Success /v2/workload/{id}: get: tags: - Container summary: Get container detail (starting from 5.0, rest client should call this api.) security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Workload ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTWorkloadDetailDataV2' /v1/workload/{id}/stats: get: tags: - Container summary: get container stats security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Container ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTWorkloadStatsData' /v1/workload/{id}/config: get: tags: - Container summary: Get a container configure security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: container ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTWorkloadConfigData' /v1/workload/{id}/process: get: tags: - Container summary: Get a container process security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Container ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTProcessList' '400': description: Container not running schema: $ref: '#/definitions/RESTError' /v1/workload/{id}/process_history: get: tags: - Container summary: Get a container process history security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Container ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTProcessProfileEntry' /v1/workload/{id}/compliance: get: tags: - Container summary: Get a container compliance report security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: id description: Container ID required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTComplianceData' /v1/workload/request/{id}: post: tags: - Container summary: Container request security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: id description: Container ID required: true type: string - in: body name: body description: Container request data required: true schema: $ref: '#/definitions/RESTWorkloadRequestData' responses: '200': description: Success /v1/csp/file/support: post: tags: - File summary: Export support config tarball in gz format security: - ApiKeyAuth: [] - TokenAuth: [] responses: '200': description: Success. Get a tarball gz file. /v1/fed/healthcheck: get: tags: - Federation summary: Health Check of Federate Primary REST server responses: '200': description: Success /v1/api_key: get: tags: - Apikey summary: Gets a list of apikeys security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json responses: '200': description: Success schema: $ref: '#/definitions/RESTApikeysData' post: tags: - Apikey summary: Creates an apikey security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Apikey information required: true schema: $ref: '#/definitions/RESTApikeyCreationData' responses: '200': description: Success schema: $ref: '#/definitions/RESTApikeyGeneratedData' /v1/api_key/{accesskey}: get: tags: - Apikey summary: Gets an apikey security: - ApiKeyAuth: [] - TokenAuth: [] produces: - application/json parameters: - in: path name: accesskey description: Apikey access key required: true type: string responses: '200': description: Success schema: $ref: '#/definitions/RESTApikeyData' delete: tags: - Apikey summary: Delete apikey security: - ApiKeyAuth: [] - TokenAuth: [] parameters: - in: path name: accesskey description: Apikey access key required: true type: string responses: '200': description: Success /v1/system/config/remote_repository: post: tags: - Remote Repository summary: Create a remote repository. security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: body name: body description: Initial Configuration required: true schema: $ref: '#/definitions/RESTRemoteRepository' responses: '200': description: Created the remote repository. /v1/system/config/remote_repository/{alias}: patch: tags: - Remote Repository summary: Update a remote repository. security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: alias description: The alias of the remote repository to update. required: true type: string - in: body name: body description: Configuration fields to update required: true schema: $ref: '#/definitions/RESTRemoteRepositoryConfigData' responses: '200': description: Updated the remote repository. delete: tags: - Remote Export Repository summary: Delete a remote repository. security: - ApiKeyAuth: [] - TokenAuth: [] consumes: - application/json parameters: - in: path name: alias description: The alias of the remote repository to update. required: true type: string responses: '200': description: Deleted the remote repository. ################################################################################ # Security Definitions # ################################################################################ securityDefinitions: ApiKeyAuth: type: apiKey in: header name: X-Auth-Apikey TokenAuth: type: apiKey in: header name: X-Auth-Token ################################################################################ # Definitions # ################################################################################ definitions: Audit: type: object required: - level - reported_timestamp - reported_at - cluster_name - host_id - host_name - enforcer_id - enforcer_name - base_os - high_vul_cnt - medium_vul_cnt - cvedb_version - message - user - error - aggregation_from - count - platform - platform_version properties: name: type: string example: Container.Managed level: type: string example: INFO reported_timestamp: type: integer format: int64 example: 1516832670 reported_at: type: string format: date-time example: 2018-01-24T22:24:30Z cluster_name: type: string example: cluster1 response_rule_id: type: integer example: 10007 host_id: type: string example: 2AU7:TIEN:O5KX:QK56:LFQP:IJSV:FXBN:QJV7 host_name: type: string example: ubuntu64 enforcer_id: type: string example: bced57295eefbd3f3bd0cf798b6184fa789 enforcer_name: type: string example: allinone workload_id: type: string example: 7df6a19648e2860c89fe12c8d5b1c52079a workload_name: type: string example: "" workload_domain: type: string example: "" workload_image: type: string example: "" workload_service: type: string example: "" image: type: string example: "alpine:3.16.1" image_id: type: string example: d572b7ee3511b21a2b78b8915bc03c5786ad01949704c1418624224c4cae2c5f registry: type: string example: https://registry.hub.docker.com/ registry_name: type: string example: "" repository: type: string example: alpine tag: type: string example: latest base_os: type: string example: ubuntu:16.04 high_vul_cnt: type: integer example: 1 medium_vul_cnt: type: integer example: 1 high_vuls: type: array items: type: string example: "" medium_vuls: type: array items: type: string example: "" cvedb_version: type: string example: "1.011" message: type: string example: "" user: type: string example: root error: type: string example: "Request failed" aggregation_from: type: integer format: int64 example: 1516832670 count: type: integer example: 10 items: type: array items: type: string example: "" platform: type: string example: "" platform_version: type: string example: "" packages: type: array items: type: string example: "" package_ver: type: string fixed_ver: type: string score: type: number format: float32 example: 7.3 score_v3: type: number format: float32 example: 7.3 vectors: type: string vectors_v3: type: string link: type: string description: type: string pub_date: type: string last_mod_date: type: string image_layer_digest: type: string example: "sha256:08614570918e6832c44397cc7bce8037f07a8e2b87aec19d57a3da5eff274c7b" cmds: type: string Event: type: object required: - level - reported_timestamp - reported_at - cluster_name - host_id - host_name - enforcer_id - enforcer_name - controller_id - controller_name - workload_id - workload_name - workload_domain - workload_image - workload_service - category - user - user_roles - user_addr - user_session - message properties: name: type: string example: Container.Managed level: type: string example: INFO reported_timestamp: type: integer format: int64 example: 1516832670 reported_at: type: string format: date-time example: 2018-01-24T22:24:30Z cluster_name: type: string example: cluster1 response_rule_id: type: integer example: 10009 host_id: type: string example: QK56:LFQP:IJSV:FXBN:QJV7:5MBB:6PL5 host_name: type: string example: ubuntu64 enforcer_id: type: string example: bced57295eefbd3f3bd0cf798b6184fa789 enforcer_name: type: string example: allinone controller_id: type: string example: "" controller_name: type: string example: "" workload_id: type: string example: 7df6a19648e2860c89fe12c8d5b1c52079a workload_name: type: string example: kafkadocker_zookeeper_1 workload_domain: type: string example: "" workload_image: type: string example: zookeeper workload_service: type: string example: "" category: type: string example: WORKLOAD user: type: string example: user user_roles: type: object description: map key is domain(string type) additionalProperties: type: string example: domain1: admin domain2: reader user_addr: type: string example: "" user_session: type: string example: "" rest_method: type: string example: "" rest_request: type: string example: "" rest_body: type: string example: "" enforcer_limit: type: integer example: 0 license_expire: type: string example: "" message: type: string example: "Start managing container kafkadocker_zookeeper_1" GroupRoleMapping: type: object required: - group - global_role properties: group: type: string example: "Domain Admins" global_role: type: string example: admin role_domains: type: object description: Object key is role and value is array of domains additionalProperties: type: array items: type: string example: ["domain1", "domain2"] Incident: type: object required: - name - level - reported_timestamp - reported_at - cluster_name - response_rule_id - host_id - host_name - enforcer_id - enforcer_name - id - workload_id - workload_name - workload_domain - workload_image - workload_service - remote_workload_id - remote_workload_name - remote_workload_domain - remote_workload_image - remote_workload_service - proc_name - proc_path - proc_cmd - proc_real_uid - proc_effective_uid - proc_real_user - proc_effective_user - file_path - file_name - client_ip - server_ip - client_port - server_port - server_conn_port - ether_type - ip_proto - conn_ingress - proc_parent_name - proc_parent_path - action - group - rule_id - aggregation_from - count - message properties: name: type: string example: Host.Suspicious.Process level: type: string example: WARNING reported_timestamp: type: integer format: int64 example: 1515020888 reported_at: type: string format: date-time example: 2018-01-03T23:08:08Z cluster_name: type: string example: cluster1 response_rule_id: type: integer example: 10006 host_id: type: string example: ubuntu64:ZYA3:UZL5:2WOT:QYEF:SLVT:LIBD host_name: type: string example: ubuntu64 enforcer_id: type: string example: a928be54f34fbb696426890a7249c067 enforcer_name: type: string example: allinone id: type: string example: e6e19591-75a0-43e9-bebb-145d588e6718 workload_id: type: string example: 83e76eabd68494649440fa0a35451315289c70eb3094454e419952dffaa7715a workload_name: type: string example: iperfserver workload_domain: type: string example: "" workload_image: type: string example: iperfserver workload_service: type: string example: iperfserver remote_workload_id: type: string example: external remote_workload_name: type: string example: iperfclient remote_workload_domain: type: string example: "" remote_workload_image: type: string example: iperfclient remote_workload_service: type: string example: iperfclient proc_name: type: string example: nc proc_path: type: string example: /bin/nc.traditional proc_cmd: type: string example: "./dns_tunneling/iodine/bin/iodine -f -r 172.17.0.3 -P" proc_real_uid: type: integer example: 1000 proc_effective_uid: type: integer example: 1000 proc_real_user: type: string example: test proc_effective_user: type: string example: root file_path: type: string example: "" file_name: type: array items: type: string example: "" client_ip: type: string example: 192.168.1.62 server_ip: type: string example: 10.1.4.3 client_port: type: integer format: uint16 example: 56564 server_port: type: integer format: uint16 example: 80 server_conn_port: type: integer format: uint16 example: 80 ether_type: type: integer format: uint16 example: 2048 ip_proto: type: integer format: uint8 example: 6 conn_ingress: type: boolean example: false proc_parent_name: type: string example: sh proc_parent_path: type: string example: /bin/dash action: type: string example: violate group: type: string example: nv.iperfserver rule_id: type: string example: 00000000-0000-0000-0000-000000000001 aggregation_from: type: integer format: int64 example: 1515020888 count: type: integer example: 1 message: type: string example: "dns tunneling" RESTAdmCatOptions: type: object properties: k8s_options: $ref: '#/definitions/RESTAdmRuleOptions' RESTAdmCtrlPromoteRequest: type: object required: - ids properties: ids: type: array items: type: integer format: uint32 example: 12 RESTAdmCtrlPromoteRequestData: type: object required: - request properties: request: $ref: '#/definitions/RESTAdmCtrlPromoteRequest' RESTAdmCtrlRulesExport: type: object properties: export_config: type: boolean example: true ids: type: array items: type: integer format: uint32 example: 12 remote_export_options: $ref: '#/definitions/RESTRemoteExportOptions' RESTAdmCtrlTestRuleInfo: type: object required: - container_image - id - disabled - type - mode - rule_details - rule_cfg_type properties: container_image: type: string description: the tested container image in the pod id: type: integer format: uint32 example: 10001 disabled: type: boolean example: false type: type: string enum: [allow, deny] mode: type: string description: per-rule mode enum: ["monitor","protect",""] rule_details: type: string example: "It matches deny rule id 1000 with criteria: (allow privilege escalation = true)" rule_cfg_type: type: string enum: [federal, ground, user_created] RESTAdmCtrlRulesTestResult: type: object required: - index - name - kind - message - matched_rules - allowed properties: index: type: integer example: 1 name: type: string example: iperfserver kind: type: string example: Deployment message: type: string example: " Creation of Kubernetes Deployment is allowed [Notice: the requested image(s) are not scanned: quay.io/nvlab/iperf]." matched_rules: type: array items: $ref: '#/definitions/RESTAdmCtrlTestRuleInfo' allowed: type: boolean example: false RESTAdmCtrlRulesTestResults: type: object properties: props_unavailable: type: array items: type: string example: ["user", "userGroups"] global_mode: type: string enum: ["monitor","protect", ""] results: type: array items: $ref: '#/definitions/RESTAdmCtrlRulesTestResult' RESTAdmissionConfigData: type: object required: - k8s_env properties: state: $ref: '#/definitions/RESTAdmissionState' admission_options: $ref: '#/definitions/RESTAdmRuleTypeOptions' k8s_env: type: boolean example: false admission_custom_criteria_options: $ref: '#/definitions/RESTAdminCustomCriteriaOptions' admission_custom_criteria_templates: $ref: '#/definitions/RESTAdminCriteriaTemplate' predefined_risky_roles: type: array items: type: string example: ["risky_role_view_secret", "risky_role_create_pod"] RESTAdmissionRule: type: object required: - id - category - comment - criteria - disable - critical - cfg_type - rule_type - rule_mode - containers properties: id: type: integer format: uint32 example: 2 category: type: string example: Kubernetes comment: type: string example: "Do not delete this exception rule" criteria: type: array items: $ref: '#/definitions/RESTAdmRuleCriterion' disable: type: boolean example: false critical: type: boolean example: false cfg_type: type: string enum: [user_created, ground, federal] rule_type: type: string enum: [exception, deny] rule_mode: type: string enum: ["", monitor, protect] containers: type: array items: type: string enum: [containers, init_containers, ephemeral_containers] RESTAdmissionRuleConfig: type: object required: - id - category - cfg_type - rule_type - containers properties: id: type: integer format: uint32 example: 1 category: type: string example: Kubernetes comment: type: string example: comment criteria: type: array items: $ref: '#/definitions/RESTAdmRuleCriterion' disable: type: boolean example: true actions: type: array items: type: string example: "" cfg_type: type: string enum: [user_created, ground, federal] rule_type: type: string enum: [exception, deny] rule_mode: type: string enum: ["", monitor, protect] containers: type: array items: type: string enum: [containers, init_containers, ephemeral_containers] RESTAdmissionRuleConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTAdmissionRuleConfig' RESTAdmissionRuleData: type: object required: - rule properties: rule: $ref: '#/definitions/RESTAdmissionRule' RESTAdmissionRulesData: type: object required: - rules properties: rules: type: array items: $ref: '#/definitions/RESTAdmissionRule' RESTAdmissionRuleOption: type: object required: - name - ops properties: name: type: string example: group ops: type: array items: type: string example: - containsAny - containsAll - = values: type: array items: type: string example: - "" - "true" - "false" match_src: type: string example: yaml sub_options: type: object properties: rule: type: string example: criterion_name options: $ref: '#/definitions/RESTAdmissionRuleOption' RESTAdmRuleCriterion: type: object required: - name - op - value properties: name: type: string example: namespace op: type: string example: = value: type: string example: kube-system sub_criteria: type: array items: $ref: '#/definitions/RESTAdmRuleCriterion' type: type: string example: customPath template_kind: type: string example: podTemplate path: type: string example: item.spec.serviceAccountName value_type: type: string example: string RESTAdmRuleOptions: type: object required: - rule_options properties: rule_options: type: object properties: rule: type: string example: criterion_name options: $ref: '#/definitions/RESTAdmissionRuleOption' RESTAdmRuleTypeOptions: type: object required: - deny_options - exception_options properties: deny_options: $ref: '#/definitions/RESTAdmCatOptions' exception_options: $ref: '#/definitions/RESTAdmCatOptions' psp_collection: type: array items: $ref: '#/definitions/RESTAdmRuleCriterion' pss_collections: type: object description: map key is domain(string type) additionalProperties: type: array items: type: string example: restricted: ["Uses illegal volume type.", "Allows running as root user."] baseline: ["Sets HostNetwork, HostPID, or HostIPC to true.", "Allows privileged container(s)."] sigstore_verifiers: type: array items: type: string example: ["public/verifier1", "private1/verifier1", "private1/verifier2"] RESTAdmissionState: type: object properties: enable: type: boolean example: true mode: type: string example: Protect default_action: type: string example: allow adm_client_mode: type: string example: service adm_svc_type: type: string example: "" adm_client_mode_options: type: object properties: service: type: string example: service url: type: string example: "service:xyz-svc-admission-webhook.xyz.svc" ctrl_states: type: object properties: validate: type: string example: validate states: type: boolean example: true RESTAdmissionStats: type: object required: - k8s_allowed_requests - k8s_denied_requests - k8s_erroneous_requests - k8s_ignored_requests - jenkins_allowed_requests - jenkins_denied_requests - jenkins_erroneous_requests properties: k8s_allowed_requests: type: integer format: int64 example: 2 k8s_denied_requests: type: integer format: int64 example: 1 k8s_erroneous_requests: type: integer format: int64 example: 1 k8s_ignored_requests: type: integer format: int64 example: 1 jenkins_allowed_requests: type: integer format: int64 example: 3 jenkins_denied_requests: type: integer format: int64 example: 1 jenkins_erroneous_requests: type: integer format: int64 example: 1 RESTAdmissionStatsData: type: object required: - stats properties: stats: $ref: '#/definitions/RESTAdmissionStats' RESTAgent: type: object required: - id - name - display_name - host_name - host_id - version - labels - domain - pid_mode - network_mode - created_at - started_at - joined_at - memory_limit - cpus - cluster_ip - connection_state - disconnected_at properties: id: type: string example: 924ccbbfcac6842e7370305bc51f4594764314f6 name: type: string example: allinone display_name: type: string example: allinone host_name: type: string example: ubuntu64 host_id: type: string example: 2AU7:TIEN:O5KX:QK56:LFQP:IJSV:FXBN:QJV7 version: type: string example: 0.1.0 labels: type: object description: map key is string type additionalProperties: type: string example: com.docker.compose.service: allinone domain: type: string example: "" pid_mode: type: string example: "" network_mode: type: string example: host created_at: type: string format: date-time example: 2018-01-23T21:14:31Z started_at: type: string format: date-time example: 2018-01-23T21:14:31Z joined_at: type: string format: date-time example: 2018-01-23T21:14:55Z memory_limit: type: integer format: int64 example: 0 cpus: type: string example: "" cluster_ip: type: string example: 10.1.5.1 connection_state: type: string example: connected disconnected_at: type: string example: "" RESTAgentData: type: object required: - enforcer properties: enforcer: $ref: '#/definitions/RESTAgent' RESTAgentsData: type: object required: - enforcers properties: enforcers: type: array items: $ref: '#/definitions/RESTAgent' RESTAgentConfig: type: object properties: debug: type: array items: type: string example: - packet - log - parser - tcp - session - timer - error disable_nvprotect: type: boolean example: false disable_kvcctl: type: boolean example: false RESTAgentConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTAgentConfig' RESTAgentStatsData: type: object required: - id - read_at - stats properties: id: type: string example: 541386aa8e36fe113593cc0dc6678b7d2a read_at: type: string format: date-time example: 2018-01-18T07:20:15Z stats: $ref: '#/definitions/RESTStats' RESTAuditsData: type: object required: - audits properties: audits: type: array items: $ref: '#/definitions/Audit' RESTAuthData: type: object required: - client_ip properties: client_ip: type: string example: "" password: $ref: '#/definitions/RESTAuthPassword' Token: $ref: '#/definitions/RESTAuthToken' RESTAuthPassword: type: object required: - username - password properties: username: type: string example: admin password: type: string format: password example: mypassword new_password: type: string description: need to specify when server responds the user needs to change password example: mynewpassword RESTAuthToken: type: object required: - token - state - redirect_endpoint properties: token: type: string example: "" state: type: string example: "" redirect_endpoint: type: string example: "" RESTAWSAccountKeyConfig: type: object properties: id: type: string example: "831010404316" access_key_id: type: string example: AKIAIHUHS4BTYUDKVV4Q secret_access_key: type: string example: D7XGZO34AMUfTbunL region: type: string example: us-west-2 RESTAwsCloudRes: type: object required: - cloud_type - project_name - region_list - aws_lambda_resource properties: cloud_type: type: string example: aws_cloud project_name: type: string example: demo_project region_list: type: array items: type: string example: - us-east-1 - us-west-1 - us-west-2 aws_lambda_resource: $ref: '#/definitions/RESTAwsLambdaRes' RESTAwsFuncPermission: type: object required: - aws_attached_policy - policy_permission_level - permission_state - allowed_detail properties: aws_attached_policy: type: boolean example: true policy_permission_level: type: string example: High permission_state: type: array items: type: string example: ["Full Access policy AWSLambdaFullAccess", "In policy AWSLambdaFullAccess : Full Access to dynamodb "] allowed_detail: type: object properties: key: type: string example: cloudformation value: type: array items: $ref: '#/definitions/RESTAwsResDetail' RESTAwsFunction: type: object required: - function_name - region properties: function_name: type: string example: nvnodejs region: type: string example: us-west-1 report: type: array items: $ref: '#/definitions/RESTScanAwsFuncReport' RESTAwsFuncSummary: type: object required: - function_id - version - function_name - scan_result - high - medium - permission_level - status properties: function_id: type: string example: project_id version: type: string example: "1.0" function_name: type: string example: demo_project scan_result: type: string example: "" high: type: integer example: 5 medium: type: integer example: 5 permission_level: type: string example: "" status: type: string example: data_lost RESTAwsLambdaResDetail: type: object required: - status - func_list properties: status: type: string example: data_lost func_list: type: array items: $ref: '#/definitions/RESTAwsFuncSummary' RESTAwsLambdaRes: type: object required: - status - aws_region_resource properties: status: type: string example: data_lost aws_region_resource: type: object properties: key: type: string example: "" value: $ref: '#/definitions/RESTAwsLambdaResDetail' RESTAwsResDetail: type: object required: - permission_level - resource - permission_state properties: permission_level: type: string example: Low resource: type: string example: DescribeChangeSet permission_state: type: string example: "" RESTAwsResource: type: object required: - project_name - region_list - aws_lambda_resource properties: acc_id: type: string example: "" acc_key: type: string example: "" project_name: type: string example: demo_project region_list: type: array items: type: string example: - us-east-1 - us-east-2 aws_lambda_resource: $ref: '#/definitions/RESTAwsLambdaRes' RESTAwsResourceConfig: type: object required: - project_name properties: project_name: type: string example: demo_project acc_id: type: string example: "" acc_key: type: string example: "" region_list: type: array items: type: string example: - us-east-1 - us-west-1 - us-west-2 RESTAwsResourceCreate: type: object required: - project_name properties: project_name: type: string example: demo_project acc_id: type: string example: "" acc_key: type: string example: "" region_list: type: array items: type: string example: - us-east-1 - us-west-1 - us-west-2 RESTBenchItem: type: object required: - catalog - type - level - test_number - profile - scored - automated - description - message - remediation - group properties: catalog: type: string example: docker type: type: string example: "" level: type: string example: INFO test_number: type: string example: "1" profile: type: string example: "Level 1" scored: type: boolean example: true automated: type: boolean example: true description: type: string example: "General Configuration" message: type: array items: type: string example: "Host Configuration" remediation: type: string example: "" group: type: string example: nv.calico RESTBenchReport: type: object required: - run_timestamp - run_at - cis_version - items properties: run_timestamp: type: integer format: int64 example: 1516561253 run_at: type: string format: date-time example: 2018-06-21T19:00:53Z cis_version: type: string example: "1.5.1" items: type: array items: $ref: '#/definitions/RESTBenchItem' RESTCloudResList: type: object required: - cloud_resources properties: cloud_resources: type: array items: $ref: '#/definitions/RESTAwsCloudRes' RESTCLUSEventCondition: type: object properties: type: type: string example: "" value: type: string example: "" RESTComplianceData: type: object required: - run_timestamp - run_at - kubernetes_cis_category - kubernetes_cis_version - docker_cis_version - items properties: run_timestamp: type: integer format: int64 example: 1516561253 run_at: type: string format: date-time example: 2018-06-21T19:00:53Z kubernetes_cis_category: type: string example: "" kubernetes_cis_version: type: string example: "1.5.1" docker_cis_version: type: string example: "1.2.0" items: type: array items: $ref: '#/definitions/RESTBenchItem' RESTComplianceProfile: type: object required: - name - disable_system - entries properties: name: type: string example: default disable_system: type: boolean example: false entries: type: array items: $ref: '#/definitions/RESTComplianceProfileEntry' cfg_type: type: string enum: [user_created, ground] RESTComplianceProfileConfig: type: object required: - name properties: name: type: string example: default disable_system: type: boolean example: false entries: type: array items: $ref: '#/definitions/RESTComplianceProfileEntry' RESTComplianceProfileConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTComplianceProfileConfig' RESTComplianceProfileEntry: type: object required: - test_number - tags properties: test_number: type: string example: "" tags: type: array items: type: string example: "" RESTComplianceProfileEntryConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTComplianceProfileEntry' RESTComplianceProfileData: type: object required: - profile properties: profile: $ref: '#/definitions/RESTComplianceProfile' RESTComplianceProfilesData: type: object required: - profiles properties: profiles: type: array items: $ref: '#/definitions/RESTComplianceProfile' RESTCompProfilesExport: type: object properties: names: type: array items: type: string example: ["default"] remote_export_options: $ref: '#/definitions/RESTRemoteExportOptions' RESTController: type: object required: - id - name - display_name - host_name - host_id - version - labels - domain - created_at - started_at - joined_at - memory_limit - cpus - cluster_ip - leader - connection_state - disconnected_at - orch_conn_status - orch_conn_last_error properties: id: type: string example: b63882364cd1a56b2234ce0c9266ca403090e5e8148 name: type: string example: allinone display_name: type: string example: allinone host_name: type: string example: ubuntu64 host_id: type: string example: 2AU7:TIEN:O5KX:QK56:LFQP:IJSV:FXBN:QJV7 version: type: string example: "0.1.0" labels: type: object description: map key is string type additionalProperties: type: string example: com.docker.compose.config-hash: e94ce458b3bc97cd478e9738a759d76fb819 domain: type: string example: "" created_at: type: string format: date-time example: 2018-01-24T17:16:59Z started_at: type: string format: date-time example: 2018-01-24T17:16:59Z joined_at: type: string format: date-time example: 2018-01-24T17:17:10Z memory_limit: type: integer format: int64 example: 0 cpus: type: string example: "" cluster_ip: type: string example: 10.1.5.1 leader: type: boolean example: true connection_state: type: string example: connected disconnected_at: type: string example: "" orch_conn_status: type: string example: "" orch_conn_last_error: type: string example: "" RESTControllerData: type: object required: - controller properties: controller: $ref: '#/definitions/RESTController' RESTControllerConfig: type: object properties: debug: type: array items: type: string example: - "log" - "parser" - "tcp" - "session" - "error" RESTControllerConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTControllerConfig' RESTCriteriaEntry: type: object required: - key - value - op properties: key: type: string example: pattern value: type: string example: "[0-9]" op: type: string example: regex RESTCustomCheck: type: object required: - name - script properties: name: type: string example: node script: type: string example: "uname -r " RESTCustomCheckConfig: type: object required: - add - delete - update properties: add: $ref: '#/definitions/RESTCustomChecks' delete: $ref: '#/definitions/RESTCustomChecks' update: $ref: '#/definitions/RESTCustomChecks' RESTCustomCheckConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTCustomCheckConfig' RESTCustomCheckData: type: object required: - config properties: config: $ref: '#/definitions/RESTCustomChecks' RESTCustomCheckListData: type: object required: - configs properties: configs: type: array items: $ref: '#/definitions/RESTCustomChecks' RESTCustomChecks: type: object required: - group - scripts properties: group: type: string example: containers enabled: type: boolean example: false writable: type: boolean example: false scripts: type: array items: $ref: '#/definitions/RESTCustomCheck' RESTDlpGroup: type: object required: - name - status - sensors properties: name: type: string example: nodes status: type: boolean example: true sensors: type: array items: $ref: '#/definitions/RESTDlpSetting' RESTDlpGroupConfig: type: object required: - name properties: name: type: string example: ssn status: type: boolean example: true delete: type: array items: type: string example: "" sensors: type: array items: $ref: '#/definitions/RESTDlpSetting' replace: type: array items: $ref: '#/definitions/RESTDlpSetting' RESTDlpGroupConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTDlpGroupConfig' RESTDlpGroupData: type: object required: - dlp_group properties: dlp_group: $ref: '#/definitions/RESTDlpGroup' RESTDlpGroupsData: type: object required: - dlp_groups properties: dlp_groups: type: array items: $ref: '#/definitions/RESTDlpGroup' RESTDlpRule: type: object required: - name - id - patterns - cfg_type properties: name: type: string example: testrule413251424153561246153614615462515134635 id: type: integer format: uint32 example: 4001 patterns: type: array items: $ref: '#/definitions/RESTCriteriaEntry' cfg_type: type: string enum: [user_created, ground] RESTDlpRuleData: type: object required: - rule properties: rule: $ref: '#/definitions/RESTDlpRuleDetail' RESTDlpRuleDetail: type: object required: - sensors - rules properties: sensors: type: array items: type: string example: - "ssn" - "credit" rules: type: array items: $ref: '#/definitions/RESTDlpRule' RESTDlpRulesData: type: object required: - rules properties: rules: type: array items: $ref: '#/definitions/RESTDlpRule' RESTDlpSensor: type: object required: - name - groups - rules - comment - predefine - cfg_type properties: name: type: string example: sensor.ssn groups: type: array items: type: string example: ["external", "nodes"] rules: type: array items: $ref: '#/definitions/RESTDlpRule' comment: type: string example: "Sensor for SSN detection" predefine: type: boolean example: true cfg_type: type: string enum: [user_created, ground] RESTDlpSensorConfig: type: object required: - name properties: name: type: string example: sensor.creditcard change: type: array items: $ref: '#/definitions/RESTDlpRule' delete: type: array items: $ref: '#/definitions/RESTDlpRule' rules: type: array items: $ref: '#/definitions/RESTDlpRule' comment: type: string example: "Sensor for Credit Card detection" RESTDlpSensorConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTDlpSensorConfig' RESTDlpSensorData: type: object required: - sensor properties: sensor: $ref: '#/definitions/RESTDlpSensor' RESTDlpSensorExport: type: object required: - names properties: names: type: array items: type: string example: [""] remote_export_options: $ref: '#/definitions/RESTRemoteExportOptions' RESTDlpSensorsData: type: object required: - sensors properties: sensors: type: array items: $ref: '#/definitions/RESTDlpSensor' RESTDlpSetting: type: object required: - name - action properties: name: type: string example: sensor.ssn action: type: string example: log comment: type: string example: "logging sensor ssn" RESTDomain: type: object required: - name - workloads - running_workloads - running_pods - services - tags - labels properties: name: type: string example: iperfspace workloads: type: integer example: 14 running_workloads: type: integer example: 14 running_pods: type: integer example: 7 services: type: integer example: 3 tags: type: array items: type: string example: [""] labels: type: object description: map key is string type additionalProperties: type: string example: ns.env-1: production RESTDomainConfig: type: object properties: tag_per_domain: type: boolean example: true RESTDomainConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTDomainConfig' RESTDomainsData: type: object required: - domains - tag_per_domain properties: domains: type: array items: $ref: '#/definitions/RESTDomain' tag_per_domain: type: boolean example: false RESTDomainEntryConfig: type: object required: - name properties: name: type: string example: iperfspace tags: type: array items: type: string example: [""] RESTDomainEntryConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTDomainEntryConfig' RESTError: type: object required: - code - error - message properties: code: type: integer example: 3 error: type: string example: Request failed message: type: string example: Invalid format password_profile_basic: $ref: '#/definitions/RESTPwdProfileBasic' import_task_data: $ref: '#/definitions/RESTImportTaskData' RESTEULA: type: object required: - accepted properties: accepted: type: boolean RESTEULAData: type: object required: - eula properties: eula: $ref: '#/definitions/RESTEULA' RESTEventsData: type: object required: - events properties: events: type: array items: $ref: '#/definitions/Event' RESTFedSystemConfig: type: object required: - webhooks properties: webhooks: $ref: '#/definitions/RESTWebhook' RESTFileMonitorConfig: type: object properties: add_filters: type: array items: $ref: '#/definitions/RESTFileMonitorFilterConfig' delete_filters: type: array items: $ref: '#/definitions/RESTFileMonitorFilterConfig' update_filters: type: array items: $ref: '#/definitions/RESTFileMonitorFilterConfig' RESTFileMonitorConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTFileMonitorConfig' RESTFileMonitorFile: type: object required: - path - mask - is_dir - protect - files properties: path: type: string example: "" mask: type: integer format: uint64 example: 0 is_dir: type: boolean example: false protect: type: boolean example: false files: type: array items: type: string example: [""] RESTFileMonitorFileData: type: object required: - files properties: files: type: array items: $ref: '#/definitions/RESTFileMonitorFile' RESTFileMonitorFilterConfig: type: object required: - filter - recursive - behavior - applications - group properties: filter: type: string example: "" recursive: type: boolean example: false behavior: type: string example: "" applications: type: array items: type: string example: "" group: type: string example: "" RESTGCRKey: type: object properties: json_key: type: string example: "" RESTGCRKeyConfig: type: object properties: json_key: type: string example: "" RESTGroup: type: object required: - name - learned - reserved - domain - creater_domains - kind - platform_role - cap_change_mode - criteria - members - policy_rules - response_rules properties: name: type: string example: kafkadocker_kafka learned: type: boolean example: true reserved: type: boolean example: false policy_mode: type: string example: Discover domain: type: string example: "" creater_domains: type: array items: type: string example: ["domain1", "domain2"] kind: type: string example: "" platform_role: type: string example: core cap_change_mode: type: boolean example: true criteria: type: array items: $ref: '#/definitions/RESTCriteriaEntry' members: type: array items: $ref: '#/definitions/RESTWorkloadBrief' policy_rules: type: array items: type: integer format: uint32 example: 10005 response_rules: type: array items: type: integer format: uint32 example: 1247 RESTGroupCaps: type: object properties: cap_change_mode: type: boolean example: false cap_scorable: type: boolean example: false RESTGroupBrief: type: object required: - name - comment - learned - reserved - not_scored - domain - creater_domains - kind - platform_role - cfg_type - baseline_profile properties: name: type: string example: "" comment: type: string example: "" learned: type: boolean example: true reserved: type: boolean example: false policy_mode: type: string example: "" profile_mode: type: string example: "" not_scored: type: boolean example: true domain: type: string example: "" creater_domains: type: array items: type: string example: "" kind: type: string example: "" platform_role: type: string example: "" cfg_type: type: string enum: [learned, user_created, ground, federal] example: ground baseline_profile: type: string example: "" cap_change_mode: type: boolean example: false cap_scorable: type: boolean example: false RESTGroupData: type: object required: - group properties: group: $ref: '#/definitions/RESTGroupDetail' RESTGroupDetail: type: object required: - name - learned - reserved - domain - creater_domains - kind - platform_role - cap_change_mode - cfg_type - criteria - members - policy_rules - response_rules properties: name: type: string example: containers learned: type: boolean example: true reserved: type: boolean example: false policy_mode: type: string example: "" domain: type: string example: external creater_domains: type: array items: type: string example: ["domain1", "domain2"] kind: type: string example: "" platform_role: type: string example: admin cap_change_mode: type: boolean example: false cfg_type: type: string enum: [learned, user_created, ground, federal] criteria: type: array items: $ref: '#/definitions/RESTCriteriaEntry' members: type: array items: $ref: '#/definitions/RESTWorkloadBrief' policy_rules: type: array items: $ref: '#/definitions/RESTPolicyRule' response_rules: type: array items: $ref: '#/definitions/RESTResponseRule' RESTGroupsData: type: object required: - groups properties: groups: type: array items: $ref: '#/definitions/RESTGroup' RESTGroupConfig: type: object required: - name - cfg_type properties: name: type: string example: containerEQU criteria: type: array items: $ref: '#/definitions/RESTCriteriaEntry' cfg_type: type: string enum: [learned, user_created, ground, federal] RESTGroupConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTGroupConfig' RESTGroupExport: type: object required: - groups properties: groups: type: array items: type: string example: demo policy_mode: type: string example: Monitor remote_export_options: $ref: '#/definitions/RESTRemoteExportOptions' RESTHost: type: object required: - name - id - runtime - runtime_version - runtime_api_version - platform - os - kernel - cpus - memory - cgroup_version - containers - interfaces - state - cap_docker_bench - cap_kube_bench - policy_mode - profile_mode - scan_summary - storage_driver - labels - annotations properties: name: type: string example: ubuntu64 id: type: string example: 2AU7:TIEN:O5KX:QK56:LFQP:IJSV:FXBN:QJV7:XPAH runtime: type: string example: docker runtime_version: type: string example: "1.10.2" runtime_api_version: type: string example: "1.22" platform: type: string example: Docker os: type: string example: Ubuntu 14.04.3 LTS kernel: type: string example: 3.19.0-25-generic cpus: type: integer format: int64 example: 1 memory: type: integer format: int64 example: 2089816064 cgroup_version: type: integer example: 1 containers: type: integer example: 107 interfaces: type: object description: map key is string type like "eth0" additionalProperties: type: array items: $ref: '#/definitions/RESTIPAddr' state: type: string example: "" cap_docker_bench: type: boolean example: true cap_kube_bench: type: boolean example: true docker_bench_status: type: string example: running kube_bench_status: type: string example: scheduled policy_mode: type: string example: Discover profile_mode: type: string example: Discover scan_summary: $ref: '#/definitions/RESTScanBrief' storage_driver: type: string example: aufs labels: type: object description: map key is string type additionalProperties: type: string example: beta.kubernetes.io/os: linux annotations: type: object description: map key is string type additionalProperties: type: string example: kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock RESTHostsData: type: object required: - hosts properties: hosts: type: array items: $ref: '#/definitions/RESTHost' RESTHostData: type: object required: - host properties: host: $ref: '#/definitions/RESTHost' RESTIDName: type: object required: - id - display_name - policy_mode - domains properties: id: type: string example: "" display_name: type: string example: "" policy_mode: type: string example: "" domains: type: array items: type: string example: ["domain1", "domain2"] RESTImportTask: type: object required: - tid - ctrler_id - percentage properties: tid: type: string example: c5af897b62a258212ece91c0551d3a4a ctrler_id: type: string example: 6e60452b244b90456f3450c9fed0a50f57f4b849dcb74a5fad289e8116f32f36 last_update_time: type: string format: date-time example: "2022-03-17T17:31:55.832768041Z" percentage: type: integer example: 100 triggered_by: type: string example: admin status: type: string example: done temp_token: type: string example: "" RESTImportTaskData: type: object required: - data properties: data: $ref: '#/definitions/RESTImportTask' RESTIncidentsData: type: object required: - incidents properties: incidents: type: array items: $ref: '#/definitions/Incident' RESTIPAddr: type: object required: - ip - ip_prefix - gateway properties: ip: type: string example: 192.168.209.197 ip_prefix: type: integer example: 32 gateway: type: string example: "" RESTIPPort: type: object required: - ip - port properties: ip: type: string example: 192.168.209.197 port: type: integer format: uint16 example: 80 RESTJfrogXray: type: object required: - url - enable - username properties: url: type: string example: "" enable: type: boolean example: true username: type: string example: "" password: type: string format: password example: "" RESTJfrogXrayConfig: type: object properties: url: type: string example: https://docker-virtual.com enable: type: boolean example: true username: type: string example: myUser password: type: string format: password example: password RESTLicenseInfo: type: object required: - name - email - phone - installation_id properties: name: type: string example: name email: type: string format: email example: user@mail.com phone: type: string example: "" id: type: string example: "" id_type: type: string example: "" installation_id: type: string example: ae2049871b8dd5b002fb7980f3a8c59f RESTLicenseKey: type: object properties: license_key: type: string example: "" RESTLicenseRequest: type: object required: - name - email - phone properties: name: type: string example: name email: type: string format: email example: user@mail.com phone: type: string example: "" RESTLicenseRequestData: type: object required: - license_request properties: license_request: $ref: '#/definitions/RESTLicenseRequest' RESTLicenseShow: type: object required: - info properties: info: $ref: '#/definitions/RESTLicenseInfo' RESTLicenseShowData: type: object required: - license properties: license: $ref: '#/definitions/RESTLicenseShow' RESTMappableRoles: type: object required: - default_roles - group_roles - group_domain_roles properties: default_roles: type: array items: type: string example: - "default_role_1" - "default_role_2" group_roles: type: array items: type: string example: - "group_role_1" - "group_role_2" group_domain_roles: type: array items: type: string example: - "group_domain_role_1" - "group_domain_role_2" RESTMetry: type: object required: - cpu - memory - session_in - session_out - packet_in - packet_out - byte_in - byte_out properties: cpu: type: number format: float64 example: 1 memory: type: integer format: uint64 example: 2089816064 session_in: type: integer format: uint32 example: 0 session_out: type: integer format: uint32 example: 0 cur_session_in: type: integer format: uint32 example: 1 cur_session_out: type: integer format: uint32 example: 1 packet_in: type: integer format: uint64 example: 0 packet_out: type: integer format: uint64 example: 0 byte_in: type: integer format: uint64 example: 0 byte_out: type: integer format: uint64 example: 0 RESTModuleCve: type: object required: - name - status properties: name: type: string example: "" status: type: string example: "" RESTPolicyPromoteRequest: type: object required: - ids properties: ids: type: array items: type: integer format: uint32 example: 12 RESTPolicyPromoteRequestData: type: object required: - request properties: request: $ref: '#/definitions/RESTPolicyPromoteRequest' RESTPolicyRule: type: object required: - id - comment - from - to - ports - action - applications - learned - disable - created_timestamp - last_modified_timestamp - cfg_type - priority properties: id: type: integer format: uint32 example: 10002 comment: type: string example: a rule from: type: string description: group name example: nv.iperfc to: type: string description: group name example: Host:10.2.127.3 ports: type: string description: free-style port list example: any action: type: string example: allow applications: type: array items: type: string example: DNS learned: type: boolean example: true disable: type: boolean example: false created_timestamp: type: integer format: int64 example: 1516563263 last_modified_timestamp: type: integer format: int64 example: 1516573243 cfg_type: type: string enum: [learned, user_created, ground, federal] priority: type: integer format: uint32 example: 0 RESTPolicyRuleActionData: type: object properties: move: $ref: '#/definitions/RESTPolicyRuleMove' insert: $ref: '#/definitions/RESTPolicyRuleInsert' rules: type: array items: $ref: '#/definitions/RESTPolicyRule' delete: type: array items: type: integer format: uint32 example: - 1234 RESTPolicyRuleConfig: type: object required: - id - cfg_type properties: id: type: integer format: uint32 example: 10001 comment: type: string example: a deny rule from: type: string example: nv.iperfclient to: type: string example: external ports: type: string example: any action: type: string example: deny applications: type: array items: type: string example: - "HTTP" - "SSH" disable: type: boolean example: true cfg_type: type: string enum: [learned, user_created, ground, federal] priority: type: integer format: uint32 example: 0 RESTPolicyRuleConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTPolicyRuleConfig' replicate: type: boolean example: true RESTPolicyRuleData: type: object required: - rule properties: rule: $ref: '#/definitions/RESTPolicyRule' RESTPolicyRulesData: type: object required: - rules properties: rules: type: array items: $ref: '#/definitions/RESTPolicyRule' RESTPolicyRuleInsert: type: object required: - rules properties: after: type: integer example: 0 rules: type: array items: $ref: '#/definitions/RESTPolicyRule' RESTPolicyRuleMove: type: object required: - id properties: after: type: integer example: 0 id: type: integer format: uint32 example: 10005 RESTPolicyViolationsData: type: object required: - violations properties: violations: type: array items: $ref: '#/definitions/Violation' RESTPolicyViolationsWLData: type: object required: - violation_workloads properties: violation_workloads: type: array items: $ref: '#/definitions/RESTViolationWorkload' RESTProcessInfo: type: object required: - name - pid - parent - group - session - cmdline - root - user - status - start_timestamp - action properties: name: type: string example: "" pid: type: integer format: uint32 example: 2394 parent: type: integer format: uint32 example: 2379 group: type: integer format: uint32 example: 2394 session: type: integer format: uint32 example: 2394 cmdline: type: string example: /sbin/runsvdir root: type: boolean example: true user: type: string example: root status: type: string example: Sleeping start_timestamp: type: integer format: int64 example: 1516561258 action: type: string example: "" RESTProcessList: type: object required: - processes properties: processes: type: array items: $ref: '#/definitions/RESTProcessInfo' RESTProcessProfileEntry: type: object required: - name - action - cfg_type - uuid - created_timestamp - last_modified_timestamp properties: name: type: string example: name path: type: string example: path user: type: string example: user uid: type: integer format: int32 example: 1273 action: type: string example: allow cfg_type: type: string enum: [learned, user_created, ground, federal, system_defined] uuid: type: string format: uuid example: 5654bfac-0011-4678-8e67-9eda136f18b1 group: type: string example: nodes created_timestamp: type: integer format: int64 example: 1516561258 last_modified_timestamp: type: integer format: int64 example: 1516561268 RESTProcessProfile: type: object required: - group - mode - process_list properties: group: type: string example: admin alert_disabled: type: boolean example: false hash_enabled: type: boolean example: true mode: type: string example: "" process_list: type: array items: $ref: '#/definitions/RESTProcessProfileEntry' RESTProcessProfileData: type: object required: - process_profile properties: process_profile: $ref: '#/definitions/RESTProcessProfile' RESTProcessProfilesData: type: object required: - process_profiles properties: process_profiles: type: array items: $ref: '#/definitions/RESTProcessProfile' RESTProcessProfileConfig: type: object required: - group properties: group: type: string example: myGroup alert_disabled: type: boolean example: false hash_enabled: type: boolean example: true process_change_list: type: array items: $ref: '#/definitions/RESTProcessProfileEntryConfig' process_delete_list: type: array items: $ref: '#/definitions/RESTProcessProfileEntryConfig' RESTProcessProfileConfigData: type: object required: - process_profile_config properties: process_profile_config: $ref: '#/definitions/RESTProcessProfileConfig' RESTProcessRulesResp: type: object properties: process_rules: type: array items: $ref: '#/definitions/RESTProcessUuidEntry' RESTProcessUuidEntry: type: object properties: active: type: integer example: 1 group: type: string example: nodes rule: $ref: '#/definitions/RESTProcessProfileEntry' RESTAWSAccountKey: type: object required: - id - region properties: id: type: string example: "349695068245" access_key_id: type: string example: NSKN3KM0OSN854MZ2LOV90S7DFVCL6 secret_access_key: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF region: type: string example: us-east-1 RESTProcessProfileEntryConfig: type: object required: - name - path - action - group properties: name: type: string example: myEntryConfig path: type: string example: "" action: type: string example: monitor group: type: string example: myGroup RESTRegistryConfig: type: object required: - name - registry_type properties: name: type: string example: myregistry registry_type: type: string example: docker registry: type: string example: https://registry.hub.docker.com/ filters: type: array items: type: string example: neuvector/*:* username: type: string example: myusername password: type: string format: password example: mypassword auth_token: type: string example: "" auth_with_token: type: boolean example: true rescan_after_db_update: type: boolean example: false scan_layers: type: boolean example: false repo_limit: type: integer example: 1 tag_limit: type: integer example: 1 schedule: $ref: '#/definitions/RESTScanSchedule' aws_key: $ref: '#/definitions/RESTAWSAccountKeyConfig' jfrog_xray: $ref: '#/definitions/RESTJfrogXrayConfig' gcr_key: $ref: '#/definitions/RESTGCRKeyConfig' jfrog_mode: type: string example: "" jfrog_aql: type: boolean example: false gitlab_external_url: type: string example: "" gitlab_private_token: type: string example: "" ibm_cloud_token_url: type: string example: "" ibm_cloud_account: type: string example: "" ignore_proxy: type: boolean example: false RESTRegistryConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTRegistryConfig' RESTRegistryImageSummary: type: object required: - domain - repository - tag - image_id - digest - size - author - run_as_root - envs - labels - layers - status - high - medium - result - scanned_timestamp - scanned_at - created_at - base_os - scanner_version properties: domain: type: string example: "" repository: type: string example: alpine tag: type: string example: latest image_id: type: string example: d572b7ee3511b21a2b78b8915bc03c5786ad01949704c1418624224c4cae2c5f digest: type: string example: bd8ffa77cf1c910b7a90935ca4828472e1c3e303e7cd5260f13d1e09995f173a size: type: integer format: int64 example: 1 author: type: string example: "" run_as_root: type: boolean example: true envs: type: array items: type: string example: ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] labels: type: object description: map key is string type additionalProperties: type: string example: label1: value1 label2: value2 layers: type: array items: type: string example: - "layer_1" - "layer_2" status: type: string example: scheduled high: type: integer example: 0 medium: type: integer example: 0 result: type: string example: success scanned_timestamp: type: integer format: int64 example: 1516561253 scanned_at: type: string format: date-time example: 2018-01-21T19:00:53Z created_at: type: string format: date-time example: 2018-01-21T19:00:53Z base_os: type: string example: ubuntu:16.04 scanner_version: type: string example: "1.011" cvedb_create_time: type: string format: date-time example: 2018-06-20T19:00:53Z RESTRegistryImageSummaryData: type: object required: - images properties: images: type: array items: $ref: '#/definitions/RESTRegistryImageSummary' RESTRegistryConfigAuth: type: object properties: username: type: string example: myusername password: type: string format: password example: mypassword auth_token: type: string example: "" auth_with_token: type: boolean example: true aws_key: $ref: '#/definitions/RESTAWSAccountKeyConfig' gcr_key: $ref: '#/definitions/RESTGCRKeyConfig' RESTRegistryConfigScan: type: object properties: rescan_after_db_update: type: boolean example: false scan_layers: type: boolean example: false repo_limit: type: integer example: 1 tag_limit: type: integer example: 1 schedule: $ref: '#/definitions/RESTScanSchedule' ignore_proxy: type: boolean example: false RESTRegistryConfigIntegrations: type: object properties: jfrog_mode: type: string example: "" jfrog_aql: type: boolean example: false gitlab_external_url: type: string example: "" gitlab_private_token: type: string example: "" ibm_cloud_token_url: type: string example: "" ibm_cloud_account: type: string example: "" RESTRegistryConfigV2: type: object required: - name - registry_type properties: name: type: string example: myregistry registry_type: type: string example: docker registry: type: string example: https://registry.hub.docker.com/ domains: type: array items: type: string example: "" filters: type: array items: type: string example: neuvector/*:* auth: $ref: '#/definitions/RESTRegistryConfigAuth' scan: $ref: '#/definitions/RESTRegistryConfigScan' integrations: $ref: '#/definitions/RESTRegistryConfigIntegrations' RESTRegistryConfigDataV2: type: object required: - config properties: config: $ref: '#/definitions/RESTRegistryConfigV2' RESTProxy: type: object required: - url - username properties: url: type: string example: "" username: type: string example: username password: type: string format: password example: password RESTSystemConfigAutoscale: type: object required: - strategy - min_pods - max_pods properties: strategy: type: string enum: ["", immediate, delayed] min_pods: type: integer format: uint32 example: 1 max_pods: type: integer format: uint32 example: 3 RESTSystemConfigAutoscaleConfig: type: object properties: strategy: type: string enum: ["", immediate, delayed] min_pods: type: integer format: uint32 example: 1 max_pods: type: integer format: uint32 example: 3 RESTSystemConfigSvcCfgV2: type: object properties: new_service_policy_mode: type: string example: Discover new_service_profile_baseline: type: string example: zero-drift RESTSystemConfigSyslogCfgV2: type: object properties: syslog_ip: type: string example: "" syslog_ip_proto: type: integer format: uint8 example: 6 syslog_port: type: integer format: uint16 example: 514 syslog_level: type: string example: INFO syslog_status: type: boolean example: true syslog_categories: type: array items: type: string example: ["event", "violation", "threat", "incident"] syslog_in_json: type: boolean example: true single_cve_per_syslog: type: boolean example: true syslog_cve_in_layers: type: boolean example: true syslog_server_cert: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF output_event_to_logs: type: boolean example: true RESTSystemConfigAuthCfgV2: type: object properties: auth_order: type: array items: type: string example: ["local", "ldap"] auth_by_platform: type: boolean example: true rancher_ep: type: string example: https://my-rancher.test:30000 RESTSystemConfigProxyCfgV2: type: object properties: registry_http_proxy_status: type: boolean example: true registry_https_proxy_status: type: boolean example: false registry_http_proxy: $ref: '#/definitions/RESTProxy' registry_https_proxy: $ref: '#/definitions/RESTProxy' RESTSystemConfigIBMSAVCfg2: type: object properties: ibmsa_ep_enabled: type: boolean example: false ibmsa_ep_dashboard_url: type: string RESTSystemConfigMiscCfgV2: type: object properties: unused_group_aging: type: integer format: uint8 example: 30 cluster_name: type: string example: cluster1 controller_debug: type: array items: type: string enum: - cpath - conn - mutex - scan - cluster - k8s_monitor example: ["scan", "k8s_monitor"] monitor_service_mesh: type: boolean example: true xff_enabled: type: boolean example: false no_telemetry_report: type: boolean example: false RESTPwdProfile: type: object required: - name - comment - min_len - min_uppercase_count - min_lowercase_count - min_digit_count - min_special_count - enable_password_expiration - password_expire_after_days - enable_password_history - password_keep_history_count - enable_block_after_failed_login - block_after_failed_login_count - block_minutes - session_timeout properties: name: type: string example: default comment: type: string example: default min_len: type: integer example: 6 min_uppercase_count: type: integer example: 0 min_lowercase_count: type: integer example: 0 min_digit_count: type: integer example: 0 min_special_count: type: integer example: 0 enable_password_expiration: type: boolean example: false password_expire_after_days: type: integer example: 0 enable_password_history: type: integer example: 0 password_keep_history_count: type: integer example: 0 enable_block_after_failed_login: type: boolean example: false block_after_failed_login_count: type: integer example: 0 block_minutes: type: integer example: 0 session_timeout: type: integer example: 300 RESTPwdProfileBasic: type: object required: - min_len - min_uppercase_count - min_lowercase_count - min_digit_count - min_special_count properties: min_len: type: integer example: 6 min_uppercase_count: type: integer example: 0 min_lowercase_count: type: integer example: 0 min_digit_count: type: integer example: 0 min_special_count: type: integer example: 0 RESTPwdProfileConfig: type: object required: - name properties: name: type: string example: default active: type: boolean example: true comment: type: string example: "" min_len: type: integer example: 6 min_uppercase_count: type: integer example: 0 min_lowercase_count: type: integer example: 0 min_digit_count: type: integer example: 0 min_special_count: type: integer example: 0 enable_password_expiration: type: boolean example: false password_expire_after_days: type: integer example: 0 enable_password_history: type: boolean example: true password_keep_history_count: type: integer example: 0 enable_block_after_failed_login: type: boolean example: false block_after_failed_login_count: type: integer example: 0 block_minutes: type: integer example: 0 session_timeout: type: integer example: 300 RESTPwdProfileConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTPwdProfileConfig' RESTPwdProfileData: type: object required: - pwd_profile properties: pwd_profile: $ref: '#/definitions/RESTPwdProfile' RESTPwdProfilesData: type: object required: - pwd_profiles - active_profile_name properties: pwd_profiles: type: array items: $ref: '#/definitions/RESTPwdProfile' active_profile_name: type: string example: default RESTRegistrySummary: type: object required: - name - registry_type - registry - username - auth_with_token - filters - rescan_after_db_update - scan_layers - repo_limit - tag_limit - schedule - jfrog_mode - gitlab_external_url - ibm_cloud_token_url - ibm_cloud_account - status - error_message - error_detail - started_at - scanned - scheduled - scanning - failed - cvedb_version - cvedb_create_time properties: name: type: string example: myregistry registry_type: type: string example: docker registry: type: string example: https://registry.hub.docker.com/ username: type: string example: myusername password: type: string format: password example: mypassword auth_token: type: string example: "" auth_with_token: type: boolean example: true filters: type: array items: type: string example: neuvector/*:* rescan_after_db_update: type: boolean example: false scan_layers: type: boolean example: false repo_limit: type: integer example: 1 tag_limit: type: integer example: 1 schedule: $ref: '#/definitions/RESTScanSchedule' aws_key: $ref: '#/definitions/RESTAWSAccountKey' jfrog_xray: $ref: '#/definitions/RESTJfrogXray' gcr_key: $ref: '#/definitions/RESTGCRKey' jfrog_mode: type: string example: "" gitlab_external_url: type: string example: "" gitlab_private_token: type: string example: "" ibm_cloud_token_url: type: string example: "" ibm_cloud_account: type: string example: "" status: type: string example: finished error_message: type: string example: "" error_detail: type: string example: "" started_at: type: string format: date-time example: 2018-01-18T00:44:02Z scanned: type: integer format: uint32 example: 12 scheduled: type: integer format: uint32 example: 0 scanning: type: integer format: uint32 example: 0 failed: type: integer format: uint32 example: 1 cvedb_version: type: string example: "1.011" cvedb_create_time: type: string format: date-time example: 2018-06-20T19:00:53Z ignore_proxy: type: boolean example: false RESTRegistrySummaryData: type: object required: - summary properties: summary: $ref: '#/definitions/RESTRegistrySummary' RESTRegistrySummaryListData: type: object required: - summarys properties: summarys: type: array items: $ref: '#/definitions/RESTRegistrySummary' RESTResponseRule: type: object required: - id - event - comment - group - conditions - actions - webhooks - disable - cfg_type properties: id: type: integer format: uint32 example: 1001 event: type: string example: "" comment: type: string example: "" group: type: string example: "" conditions: type: array items: $ref: '#/definitions/RESTCLUSEventCondition' actions: type: array items: type: string example: "" webhooks: type: array items: type: string example: "" disable: type: boolean example: false cfg_type: type: string enum: [user_created, ground, federal] RESTResponseRuleData: type: object required: - rule properties: rule: $ref: '#/definitions/RESTResponseRule' RESTResponseRulesData: type: object required: - rules properties: rules: type: array items: $ref: '#/definitions/RESTResponseRule' RESTResponseRuleConfig: type: object required: - id - cfg_type properties: id: type: integer format: uint32 example: 1001 comment: type: string example: "" group: type: string example: "" event: type: string example: "" conditions: type: array items: $ref: '#/definitions/RESTCLUSEventCondition' actions: type: array items: type: string example: "" webhooks: type: array items: type: string example: "" disable: type: boolean example: false cfg_type: type: string enum: [user_created, ground, federal] RESTResponseRuleConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTResponseRuleConfig' RESTResponseRuleInsert: type: object required: - rules properties: after: type: integer example: 0 rules: type: array items: $ref: '#/definitions/RESTResponseRule' RESTResponseRuleActionData: type: object properties: insert: $ref: '#/definitions/RESTResponseRuleInsert' RESTRolePermission: type: object required: - id - read - write properties: id: type: string example: ci_scan read: type: boolean example: false write: type: boolean example: true RESTScanAppPackage: type: object required: - app_name - module_name - version - file_name properties: app_name: type: string example: CVE-2019-1549 module_name: type: string example: openssl version: type: string example: 1.1.1c-r0 file_name: type: string example: OPENSSL_init RESTScanAwsFuncDetail: type: object required: - scan_brief - scan_report properties: scan_brief: $ref: '#/definitions/RESTScanBrief' scan_report: $ref: '#/definitions/RESTScanReport' RESTScanAwsFuncReport: type: object required: - function_id - nv_sec_id - version - scan_result - allowed_resources - req_resources properties: function_id: type: string example: "arn:aws:lambda:us-west-1:831010404316:function:nvnodejs" nv_sec_id: type: string example: "" version: type: string example: "1" scan_result: $ref: '#/definitions/RESTScanAwsFuncDetail' allowed_resources: type: object properties: key: type: string example: AWSLambdaFullAccess value: $ref: '#/definitions/RESTAwsFuncPermission' req_resources: type: object properties: key: type: string example: value: $ref: '#/definitions/RESTAwsFuncPermission' RESTScanBrief: type: object required: - status - high - medium - result - scanned_timestamp - scanned_at - base_os - scanner_version - cvedb_create_time properties: status: type: string example: scheduled high: type: integer example: 0 medium: type: integer example: 0 result: type: string example: success scanned_timestamp: type: integer format: int64 example: 1516561253 scanned_at: type: string format: date-time example: 2018-01-21T19:00:53Z base_os: type: string example: ubuntu:16.04 scanner_version: type: string example: "1.011" cvedb_create_time: type: string format: date-time example: 2018-06-20T19:00:53Z RESTScanConfig: type: object required: - auto_scan properties: auto_scan: type: boolean example: false RESTScanConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTScanConfig' RESTScanImageSummaryData: type: object required: - images properties: images: type: array items: $ref: '#/definitions/RESTScanImageSummary' RESTScanImageSummary: type: object required: - image - image_id - author - status - high - medium - result - scanned_timestamp - scanned_at - created_at - base_os - scanner_version - cvedb_create_time properties: image: type: string example: "calico/node:v3.8.2" image_id: type: string example: 11cd78b9e13d420f93d5d5b2611e803bda012ae5cd8b476d4cc328dc133773ce author: type: string example: "" status: type: string example: finished high: type: integer example: 26 medium: type: integer example: 33 result: type: string example: succeeded scanned_timestamp: type: integer format: int64 example: 1593130227 scanned_at: type: string example: 2020-06-26T00:10:27Z created_at: type: string example: 2020-06-26T00:10:27Z base_os: type: string example: "debian:10" scanner_version: type: string example: "1.938" cvedb_create_time: type: string example: 2020-06-25T10:32:40Z RESTScanLayer: type: object required: - digest - cmds - vulnerabilities - size properties: digest: type: string example: "" cmds: type: string example: "" vulnerabilities: type: array items: $ref: '#/definitions/RESTVulnerability' size: type: integer format: int64 example: 1 RESTScanLayersReport: type: object required: - layers properties: layers: type: array items: $ref: '#/definitions/RESTScanLayer' RESTScanLayersReportData: type: object required: - report properties: report: $ref: '#/definitions/RESTScanLayersReport' RESTScanMeta: type: object required: - source - user - job - workspace - function - region properties: source: type: string example: github user: type: string example: user job: type: string example: scan workspace: type: string example: /local function: type: string example: monitor region: type: string example: West RESTScanModule: type: object required: - name - version - source properties: name: type: string example: scanner version: type: string example: "1.011" source: type: string example: github cves: type: array items: $ref: '#/definitions/RESTModuleCve' cpes: type: array items: type: string example: "" RESTScanner: type: object required: - id - cvedb_version - cvedb_create_time - server - port properties: id: type: string example: github cvedb_version: type: string example: "1.011" cvedb_create_time: type: string format: date-time example: 2018-06-20T19:00:53Z server: type: string example: 10.1.5.1 port: type: integer format: uint16 example: 51764 RESTScannerData: type: object required: - scanners properties: scanners: type: array items: $ref: '#/definitions/RESTScanner' RESTScanPackageReqData: type: object required: - source - user - job - workspace - function - region - application_packages properties: source: type: string example: github user: type: string example: user job: type: string example: scan workspace: type: string example: /local function: type: string example: monitor region: type: string example: West application_packages: type: array items: $ref: '#/definitions/RESTScanAppPackage' RESTScanPkgReport: type: object required: - verdict - message - cvedb_version - cvedb_create_time - vulnerabilities properties: verdict: type: string example: "Scan Report" message: type: string example: "Scan Report" cvedb_version: type: string example: "1.011" cvedb_create_time: type: string format: date-time example: 2018-06-20T19:00:53Z vulnerabilities: type: array items: $ref: '#/definitions/RESTVulnerability' RESTScanPkgReportData: type: object required: - report properties: report: $ref: '#/definitions/RESTScanPkgReport' RESTScanPlatformSummary: type: object required: - platform - kube_version - openshift_version - status - high - medium - result - scanned_timestamp - scanned_at - base_os - scanner_version - cvedb_create_time properties: platform: type: string example: Kubernetes kube_version: type: string example: "1.19.2" openshift_version: type: string example: "" status: type: string example: finished high: type: integer example: 3 medium: type: integer example: 1 result: type: string example: succeeded scanned_timestamp: type: integer format: int64 example: 1593217223 scanned_at: type: string example: "2020-06-27T00:20:23Z" base_os: type: string example: "" scanner_version: type: string example: "1.932" cvedb_create_time: type: string example: "2020-06-19T10:32:18Z" RESTScanPlatformSummaryData: type: object required: - platforms properties: platforms: type: array items: $ref: "#/definitions/RESTScanPlatformSummary" RESTScanReport: type: object required: - vulnerabilities properties: vulnerabilities: type: array items: $ref: '#/definitions/RESTVulnerability' modules: type: array items: $ref: '#/definitions/RESTScanModule' checks: type: array items: $ref: '#/definitions/RESTBenchItem' secrets: type: array items: $ref: '#/definitions/RESTScanSecret' setid_perms: type: array items: $ref: '#/definitions/RESTScanSetIdPerm' envs: type: array items: type: string example: ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] labels: type: object description: map key is string type additionalProperties: type: string example: label1: value1 label2: value2 cmds: type: array items: type: string example: "" RESTScanReportData: type: object required: - report properties: report: $ref: '#/definitions/RESTScanReport' RESTScanRepoReport: type: object required: - image_id - registry - repository - tag - digest - size - author - base_os - created_at - cvedb_version - cvedb_create_time - layers - vulnerabilities - modules - envs - labels properties: verdict: type: string example: "" image_id: type: string example: d572b7ee3511b21a2b78b8915bc03c5786ad01949704c1418624224c4cae2c5f registry: type: string example: https://registry.hub.docker.com/ repository: type: string example: alpine tag: type: string example: latest digest: type: string example: bd8ffa77cf1c910b7a90935ca4828472e1c3e303e7cd5260f13d1e09995f173a size: type: integer format: int64 example: 1 author: type: string example: "" base_os: type: string example: ubuntu:16.04 created_at: type: string format: date-time example: 2018-01-21T19:00:53Z cvedb_version: type: string example: "1.00" cvedb_create_time: type: string format: date-time example: 2018-06-20T19:00:53Z layers: type: array items: $ref: '#/definitions/RESTScanLayer' vulnerabilities: type: array items: $ref: '#/definitions/RESTVulnerability' modules: type: array items: $ref: '#/definitions/RESTScanModule' envs: type: array items: type: string example: ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] labels: type: object description: map key is string type additionalProperties: type: string example: label1: value1 label2: value2 RESTScanRepoReportData: type: object required: - report properties: report: $ref: '#/definitions/RESTScanRepoReport' RESTScanRepoReq: type: object required: - metadata - registry - repository - tag - scan_layers - base_image properties: metadata: $ref: '#/definitions/RESTScanMeta' registry: type: string example: https://registry.hub.docker.com/ username: type: string example: myusername password: type: string format: password example: mypassword repository: type: string example: alpine tag: type: string example: latest scan_layers: type: boolean example: false base_image: type: string example: alpine RESTScanRepoReqData: type: object required: - request properties: request: $ref: '#/definitions/RESTScanRepoReq' RESTScanSchedule: type: object required: - schedule - interval properties: schedule: type: string example: manual interval: type: integer example: 5 RESTScanSecret: type: object required: - type - evidence - path - suggestion properties: type: type: string example: "" evidence: type: string example: "" path: type: string example: "" suggestion: type: string example: "" RESTScanSetIdPerm: type: object required: - type - evidence - path properties: type: type: string example: "" evidence: type: string example: "" path: type: string example: "" RESTScanStatus: type: object required: - scanned - scheduled - scanning - failed - cvedb_version - cvedb_create_time properties: scanned: type: integer example: 12 scheduled: type: integer example: 0 scanning: type: integer example: 0 failed: type: integer example: 1 cvedb_version: type: string example: "1.011" cvedb_create_time: type: string format: date-time example: 2018-06-20T19:00:53Z RESTScanSummary: type: object required: - id - name - display_name - image - platform_role - domain - state - service - service_group - cap_sniff - cap_quarantine - cap_change_mode - scan_summary - service_mesh - service_mesh_sidecar - privileged - run_as_root - status - high - medium - result - scanned_timestamp - scanned_at - base_os - scanner_version - host - children properties: id: type: string example: 7304e72fd093155c4cbcd65d07375329b2db82cc679 name: type: string example: k8s_POD.d86c_calico-node-mzhtk_kube-system_0050565a_365c13d display_name: type: string example: calico-node-mzhtk image: type: string example: calico platform_role: type: string example: core domain: type: string example: "" state: type: string example: exit service: type: string example: kafkazookeeper service_group: type: string example: nv.calico share_ns_with: type: string example: cc0709d522749203042e89dba28bf6924a4b0d360648 cap_sniff: type: boolean example: true cap_quarantine: type: boolean example: true cap_change_mode: type: boolean example: true policy_mode: type: string example: Discover scan_summary: $ref: '#/definitions/RESTScanBrief' quarantine_reason: type: string example: violation service_mesh: type: boolean example: true service_mesh_sidecar: type: boolean example: true privileged: type: boolean example: false run_as_root: type: boolean example: true status: type: string example: finished high: type: integer example: 15 medium: type: integer example: 127 result: type: string example: success scanned_timestamp: type: integer format: int64 example: 1516561253 scanned_at: type: string format: date-time example: 2018-01-21T19:00:53Z base_os: type: string example: ubuntu:16.04 scanner_version: type: string example: "1.011" host: type: string example: couchbase-s children: type: array items: $ref: '#/definitions/RESTScanSummary' RESTScanStatusData: type: object required: - status properties: status: $ref: '#/definitions/RESTScanStatus' RESTScanCacheStat: type: object required: - record_count - record_total_size - cache_misses - cache_hits properties: record_count: type: integer format: uint64 example: 0 record_total_size: type: integer format: uint64 example: 0 cache_misses: type: integer format: uint64 example: 0 cache_hits: type: integer format: uint64 example: 0 RESTScanCacheData: type: object required: - cache_records - record_total_size - cache_misses - cache_hits properties: cache_records: type: array items: $ref: '#/definitions/RESTScanCacheRecord' record_total_size: type: integer format: uint64 example: 0 cache_misses: type: integer format: uint64 example: 0 cache_hits: type: integer format: uint64 example: 0 RESTScanCacheRecord: type: object required: - layer_id - size - reference_count - last_referred properties: layer_id: type: string example: "" size: type: integer format: uint64 example: 0 reference_count: type: integer format: uint32 example: 0 last_referred: type: string format: date-time example: "2022-03-17T17:31:55.832768041Z" RESTSecurityData: type: object required: - threats - incidents - violations properties: threats: type: array items: $ref: '#/definitions/Threat' incidents: type: array items: $ref: '#/definitions/Incident' violations: type: array items: $ref: '#/definitions/Violation' RESTServerLDAP: type: object required: - directory - hostname - port - ssl - base_dn - group_dn - bind_dn - group_member_attr - username_attr - enable - default_role properties: directory: type: string example: "" hostname: type: string example: 172.17.0.3 port: type: integer format: uint16 example: 389 ssl: type: boolean example: false base_dn: type: string example: dc=example,dc=org group_dn: type: string example: dc=example,dc=org bind_dn: type: string example: cn=admin,dc=example,dc=org bind_password: type: string example: mypassword group_member_attr: type: string example: "" username_attr: type: string example: "" enable: type: boolean example: false default_role: type: string example: reader role_groups: type: object properties: role: type: string example: admin groups: type: array items: type: string example: [admin1, admin2] group_mapped_roles: type: array items: $ref: '#/definitions/GroupRoleMapping' RESTServerOIDC: type: object required: - issuer - authorization_endpoint - token_endpoint - user_info_endpoint - client_id - group_claim - scopes - enable - default_role properties: issuer: type: string example: https://dev-256438.oktapreview.com authorization_endpoint: type: string example: https://dev-256438.oktapreview.com/oauth2/v1/authorize token_endpoint: type: string example: https://dev-256438.oktapreview.com/oauth2/v1/token user_info_endpoint: type: string example: https://dev-256438.oktapreview.com/oauth2/v1/userinfo client_id: type: string example: 0oai4gal8xXh0itGi0h7 ClientSecret: type: string example: "" group_claim: type: string example: "" scopes: type: array items: type: string example: "" enable: type: boolean example: true default_role: type: string example: admin role_groups: type: object properties: role: type: string example: admin groups: type: array items: type: string example: [admin1, admin2] group_mapped_roles: type: array items: $ref: '#/definitions/GroupRoleMapping' RESTServerOIDCConfig: type: object required: - issuer - client_id - group_claim - enable - default_role properties: issuer: type: string example: https://dev-256438.oktapreview.com client_id: type: string example: 0oai4gcl8xXh2itGi1h7 client_secret: type: string example: QJju4mL1VLU0CAcD05WJ83K0D_e0gQEydowOvVqv group_claim: type: string example: "" scopes: type: array items: type: string example: "" enable: type: boolean example: true default_role: type: string example: admin role_groups: type: object properties: role: type: string example: admin groups: type: array items: type: string example: [admin1, admin2] group_mapped_roles: type: array items: $ref: '#/definitions/GroupRoleMapping' RESTServerSAML: type: object required: - sso_url - issuer - group_claim - enable - default_role properties: sso_url: type: string example: https://dev-2588.oktapreview.com/app/examplesamlapp_1/exjlpo0/sso/saml issuer: type: string example: http://www.okta.com/exkgp9avqo07 x509_cert: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF group_claim: type: string example: "" enable: type: boolean example: true default_role: type: string example: admin role_groups: type: object properties: role: type: string example: admin groups: type: array items: type: string example: [admin1, admin2] group_mapped_roles: type: array items: $ref: '#/definitions/GroupRoleMapping' x509_certs: type: array items: $ref: '#/definitions/RESTX509CertInfo' slo_enabled: type: boolean example: true slo_url: type: string example: https://dev.oktapreview.com/app/examplesamlapp_1/exjlpo0/slo/saml signing_cert: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF RESTServer: type: object required: - server_name - server_type properties: server_name: type: string example: iperfserver server_type: type: string example: ldap ldap: $ref: '#/definitions/RESTServerLDAP' saml: $ref: '#/definitions/RESTServerSAML' oidc: $ref: '#/definitions/RESTServerOIDC' RESTServerData: type: object required: - server properties: server: $ref: '#/definitions/RESTServer' RESTServersData: type: object required: - servers properties: servers: type: array items: $ref: '#/definitions/RESTServer' mappable_role: $ref: '#/definitions/RESTMappableRoles' RESTServerLDAPConfig: type: object properties: directory: type: string example: "" hostname: type: string example: 1.2.3.4 port: type: integer format: uint16 example: 1234 ssl: type: boolean example: true base_dn: type: string example: dc=win,dc=nv,dc=com group_dn: type: string example: dc=win,dc=nv,dc=com bind_dn: type: string example: administrator bind_password: type: string example: "2222" group_member_attr: type: string example: "" username_attr: type: string example: "" enable: type: boolean example: true default_role: type: string example: admin role_groups: type: object properties: role: type: string example: admin groups: type: array items: type: string example: [admin1, admin2] group_mapped_roles: type: array items: $ref: '#/definitions/GroupRoleMapping' RESTServerSAMLConfig: type: object required: - sso_url - issuer - group_claim properties: sso_url: type: string example: https://dev-258.oktapreview.com/app/88_examplesamlapp_1/exYKIvqo0h7/sso/saml issuer: type: string example: http://www.okta.com/xkbjKIvo0h x509_cert: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF group_claim: type: string example: "" enable: type: boolean example: true default_role: type: string example: admin role_groups: type: object properties: role: type: string example: admin groups: type: array items: type: string example: [admin1, admin2] group_mapped_roles: type: array items: $ref: '#/definitions/GroupRoleMapping' x509_cert_extra: type: array items: type: string example: ["E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF", "E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF"] slo_enabled: type: boolean example: true slo_url: type: string example: https://dev.oktapreview.com/app/examplesamlapp_1/exjlpo0/slo/saml signing_cert: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF signing_key: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF RESTServerConfig: type: object required: - name properties: name: type: string example: ad ldap: $ref: '#/definitions/RESTServerLDAPConfig' saml: $ref: '#/definitions/RESTServerSAMLConfig' oidc: $ref: '#/definitions/RESTServerOIDCConfig' RESTServerConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTServerConfig' RESTServerRoleGroupsConfig: type: object required: - name - role - groups properties: name: type: string example: reader role: type: string example: reader groups: type: array items: type: string example: [reader1, reader2] RESTServerRoleGroupsConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTServerRoleGroupsConfig' RESTService: type: object required: - name - comment - policy_mode - profile_mode - not_scored - domain - platform_role - members - policy_rules - response_rules - ingress_exposure - egress_exposure - baseline_profile properties: name: type: string example: iperfc comment: type: string example: "" policy_mode: type: string example: Learn profile_mode: type: string example: Learn not_scored: type: boolean example: false domain: type: string example: "" platform_role: type: string example: core members: type: array items: $ref: '#/definitions/RESTWorkloadBrief' policy_rules: type: array items: $ref: '#/definitions/RESTPolicyRule' response_rules: type: array items: $ref: '#/definitions/RESTResponseRule' service_addr: $ref: '#/definitions/RESTIPPort' ingress_exposure: type: boolean example: true egress_exposure: type: boolean example: false baseline_profile: type: string example: "" cap_change_mode: type: boolean example: false cap_scorable: type: boolean example: false RESTServiceData: type: object required: - service properties: service: $ref: '#/definitions/RESTService' RESTServicesData: type: object required: - services properties: services: type: array items: $ref: '#/definitions/RESTService' RESTServiceConfig: type: object required: - name - domain - comment properties: name: type: string example: "" domain: type: string example: "" comment: type: string example: "" policy_mode: type: string example: "" baseline_profile: type: string example: "" not_scored: type: boolean example: true RESTServiceConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTServiceConfig' RESTServiceBatchConfig: type: object properties: services: type: array items: type: string example: [iperfserver, iperfclient] policy_mode: type: string example: Monitor baseline_profile: type: string example: "" not_scored: type: boolean example: false RESTServiceBatchConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTServiceBatchConfig' RESTSnifferArgs: type: object properties: file_number: type: integer format: uint32 example: 50 duration: type: integer format: uint32 example: 50 filter: type: string example: "\\ port\\ 1381" RESTSnifferArgsData: type: object required: - sniffer properties: sniffer: $ref: '#/definitions/RESTSnifferArgs' RESTSnifferData: type: object required: - sniffer properties: sniffer: $ref: '#/definitions/RESTSnifferInfo' RESTSniffersData: type: object required: - sniffers properties: sniffers: type: array items: $ref: '#/definitions/RESTSnifferInfo' RESTSnifferInfo: type: object required: - id - enforcer_id - container_id - file_number - size - status - args - start_time - stop_time properties: id: type: string example: e272b888bbb0765d3c172ab8477b78b enforcer_id: type: string example: 479e272bb78b8bbb0765156c9c6cda7b8941692fc container_id: type: string example: 79e82a60d019dba04e8993534c99d1c5b6286247f58 file_number: type: integer format: uint32 example: 1 size: type: integer format: int64 example: 60273 status: type: string example: running args: type: string example: "-C 10 -w /var/cm/pcap/3ccad_ -W 10 ether host 6f:61:35:50:10:0c" start_time: type: integer format: int64 example: 1509410381 stop_time: type: integer format: int64 example: 1509432360 RESTStats: type: object required: - interval - total - span_1 - span_12 - span_60 properties: interval: type: integer format: uint32 example: 5 total: $ref: '#/definitions/RESTMetry' span_1: $ref: '#/definitions/RESTMetry' span_12: $ref: '#/definitions/RESTMetry' span_60: $ref: '#/definitions/RESTMetry' RESTSysAtmoConfigConfig: type: object properties: mode_auto_d2m: type: boolean example: false mode_auto_d2m_duration: type: integer format: int64 example: 1505755716 mode_auto_m2p: type: boolean example: false mode_auto_m2p_duration: type: integer format: int64 example: 1505755716 RESTSysNetConfigConfig: type: object properties: net_service_status: type: boolean example: true net_service_policy_mode: type: string example: "" disable_net_policy: type: boolean example: false detect_unmanaged_wl: type: boolean example: true RESTSystemConfig: type: object required: - new_service_policy_mode - new_service_profile_baseline - unused_group_aging - syslog_ip - syslog_ip_proto - syslog_port - syslog_level - syslog_status - syslog_categories - syslog_in_json - single_cve_per_syslog - syslog_cve_in_layers - output_event_to_logs - auth_order - auth_by_platform - rancher_ep - webhooks - cluster_name - controller_debug - monitor_service_mesh - registry_http_proxy_status - registry_https_proxy_status - registry_http_proxy - registry_https_proxy - ibmsa_ep_enabled - ibmsa_ep_start - ibmsa_ep_dashboard_url - ibmsa_ep_connected_at - xff_enabled - net_service_status - net_service_policy_mode - mode_auto_d2m - mode_auto_d2m_duration - mode_auto_m2p - mode_auto_m2p_duration - scanner_autoscale - no_telemetry_report properties: new_service_policy_mode: type: string example: Discover new_service_profile_baseline: type: string example: zero-drift unused_group_aging: type: integer format: uint8 example: 123 syslog_ip: type: string example: 10.1.0.14 syslog_ip_proto: type: integer format: uint8 example: 6 syslog_port: type: integer format: uint16 example: 514 syslog_level: type: string example: INFO syslog_status: type: boolean example: false syslog_categories: type: array items: type: string example: ["event", "violation", "threat", "incident"] syslog_in_json: type: boolean example: true single_cve_per_syslog: type: boolean example: false syslog_cve_in_layers: type: boolean example: false syslog_server_cert: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF output_event_to_logs: type: boolean example: true auth_order: type: array items: type: string example: ["local", "ldap"] auth_by_platform: type: boolean example: true rancher_ep: type: string example: "" configured_internal_subnets: type: array items: type: string example: ["69.89.0.0/16", "172.217.5.0/23"] webhooks: type: array items: $ref: '#/definitions/RESTWebhook' cluster_name: type: string example: cluster1 controller_debug: type: array items: type: string enum: - cpath - conn - mutex - scan - cluster - k8s_monitor example: ["cpath", "scan", "k8s_monitor"] csp_type: type: string example: aws monitor_service_mesh: type: boolean example: true registry_http_proxy_status: type: boolean example: true registry_https_proxy_status: type: boolean example: false registry_http_proxy: $ref: '#/definitions/RESTProxy' registry_https_proxy: $ref: '#/definitions/RESTProxy' ibmsa_ep_enabled: type: boolean example: false ibmsa_ep_start: type: integer format: uint32 example: 1 ibmsa_ep_dashboard_url: type: string example: "" ibmsa_ep_connected_at: type: string example: "" xff_enabled: type: boolean example: false net_service_status: type: boolean example: false net_service_policy_mode: type: string example: Monitor mode_auto_d2m: type: boolean example: false mode_auto_d2m_duration: type: integer format: int64 example: 1505755716 mode_auto_m2p: type: boolean example: false mode_auto_m2p_duration: type: integer format: int64 example: 1505755716 scanner_autoscale: $ref: '#/definitions/RESTSystemConfigAutoscale' no_telemetry_report: type: boolean example: false RESTSystemConfigAuthV2: type: object required: - auth_order - auth_by_platform - rancher_ep properties: auth_order: type: array items: type: string example: ["local", "ldap"] auth_by_platform: type: boolean example: true rancher_ep: type: string example: "" RESTSystemConfigIBMSAV2: type: object required: - ibmsa_ep_enabled - ibmsa_ep_start - ibmsa_ep_dashboard_url - ibmsa_ep_connected_at properties: ibmsa_ep_enabled: type: boolean example: false ibmsa_ep_start: type: integer format: uint32 example: 1 ibmsa_ep_dashboard_url: type: string example: "" ibmsa_ep_connected_at: type: string example: "" RESTSystemConfigMiscV2: type: object required: - unused_group_aging - cluster_name - controller_debug - monitor_service_mesh - xff_enabled - no_telemetry_report - cfg_type properties: configured_internal_subnets: type: array items: type: string example: ["69.89.0.0/16", "172.217.5.0/23"] unused_group_aging: type: integer format: uint8 example: 123 cluster_name: type: string example: cluster1 controller_debug: type: array items: type: string enum: - cpath - conn - mutex - scan - cluster - k8s_monitor example: ["scan", "k8s_monitor"] csp_type: type: string example: aws monitor_service_mesh: type: boolean example: true xff_enabled: type: boolean example: false no_telemetry_report: type: boolean example: false cfg_type: type: string enum: [user_created, ground, federal] RESTSystemConfigModeAutoV2: type: object required: - mode_auto_d2m - mode_auto_d2m_duration - mode_auto_m2p - mode_auto_m2p_duration properties: mode_auto_d2m: type: boolean example: false mode_auto_d2m_duration: type: integer format: int64 example: 1505755716 mode_auto_m2p: type: boolean example: false mode_auto_m2p_duration: type: integer format: int64 example: 1505755716 RESTSystemConfigNetSvcV2: type: object required: - net_service_status - new_service_profile_baseline - disable_net_policy - detect_unmanaged_wl properties: net_service_status: type: boolean example: true new_service_profile_baseline: type: string example: zero-drift disable_net_policy: type: boolean example: false detect_unmanaged_wl: type: boolean example: true RESTSystemConfigNewSvcV2: type: object required: - new_service_policy_mode - new_service_profile_baseline properties: new_service_policy_mode: type: string example: Discover new_service_profile_baseline: type: string example: zero-drift RESTSystemConfigProxyV2: type: object required: - registry_http_proxy_status - registry_https_proxy_status - registry_http_proxy - registry_https_proxy properties: registry_http_proxy_status: type: boolean example: true registry_https_proxy_status: type: boolean example: false registry_http_proxy: $ref: '#/definitions/RESTProxy' registry_https_proxy: $ref: '#/definitions/RESTProxy' RESTSystemConfigSyslogV2: type: object required: - syslog_ip - syslog_ip_proto - syslog_port - syslog_level - syslog_status - syslog_categories - syslog_in_json - single_cve_per_syslog - syslog_cve_in_layers - syslog_server_cert - output_event_to_logs properties: syslog_ip: type: string example: 10.1.0.14 syslog_ip_proto: type: integer format: uint8 example: 6 syslog_port: type: integer format: uint16 example: 514 syslog_level: type: string example: INFO syslog_status: type: boolean example: false syslog_categories: type: array items: type: string example: ["event", "violation", "threat", "incident"] syslog_in_json: type: boolean example: true single_cve_per_syslog: type: boolean example: false syslog_cve_in_layers: type: boolean example: false syslog_server_cert: type: string example: "" output_event_to_logs: type: boolean example: true RESTSystemConfigV2: type: object required: - new_svc - syslog - auth - misc - webhooks - proxy - ibmsa - net_svc - mode_auto - scanner_autoscale properties: new_svc: $ref: '#/definitions/RESTSystemConfigNewSvcV2' syslog: $ref: '#/definitions/RESTSystemConfigSyslogV2' auth: $ref: '#/definitions/RESTSystemConfigAuthV2' misc: $ref: '#/definitions/RESTSystemConfigMiscV2' webhooks: type: array items: $ref: '#/definitions/RESTWebhook' proxy: $ref: '#/definitions/RESTSystemConfigProxyV2' ibmsa: $ref: '#/definitions/RESTSystemConfigIBMSAV2' net_svc: $ref: '#/definitions/RESTSystemConfigNetSvcV2' mode_auto: $ref: '#/definitions/RESTSystemConfigModeAutoV2' scanner_autoscale: $ref: '#/definitions/RESTSystemConfigAutoscale' RESTSystemConfigData: type: object properties: config: $ref: '#/definitions/RESTSystemConfig' fed_config: $ref: '#/definitions/RESTFedSystemConfig' RESTSystemConfigDataV2: type: object properties: config: $ref: '#/definitions/RESTSystemConfigV2' fed_config: $ref: '#/definitions/RESTFedSystemConfig' RESTSystemConfigConfig: type: object properties: new_service_policy_mode: type: string example: Discover new_service_profile_baseline: type: string example: zero-drift unused_group_aging: type: integer format: uint8 example: 123 syslog_ip: type: string example: "" syslog_ip_proto: type: integer format: uint8 example: 6 syslog_port: type: integer format: uint16 example: 514 syslog_level: type: string example: INFO syslog_status: type: boolean example: false syslog_categories: type: array items: type: string example: ["event", "violation", "threat", "incident"] syslog_in_json: type: boolean example: true syslog_server_cert: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF single_cve_per_syslog: type: boolean example: true syslog_cve_in_layers: type: boolean example: true output_event_to_logs: type: boolean example: true auth_order: type: array items: type: string example: "" auth_by_platform: type: boolean example: true rancher_ep: type: string example: "" webhooks: type: array items: $ref: '#/definitions/RESTWebhook' cluster_name: type: string example: cluster1 controller_debug: type: array items: type: string enum: - cpath - conn - mutex - scan - cluster - k8s_monitor example: ["cpath", "scan", "k8s_monitor"] monitor_service_mesh: type: boolean example: true registry_http_proxy_status: type: boolean example: true registry_https_proxy_status: type: boolean example: false registry_http_proxy: $ref: '#/definitions/RESTProxy' registry_https_proxy: $ref: '#/definitions/RESTProxy' ibmsa_ep_enabled: type: boolean example: false ibmsa_ep_dashboard_url: type: string example: "" xff_enabled: type: boolean example: false scanner_autoscale: $ref: '#/definitions/RESTSystemConfigAutoscale' no_telemetry_report: type: boolean example: false remote_repositories: type: array items: $ref: '#/definitions/RESTRemoteRepository' RESTSystemConfigConfigV2: type: object properties: svc_cfg: $ref: '#/definitions/RESTSystemConfigSvcCfgV2' syslog_cfg: $ref: '#/definitions/RESTSystemConfigSyslogCfgV2' auth_cfg: $ref: '#/definitions/RESTSystemConfigAuthCfgV2' proxy_cfg: $ref: '#/definitions/RESTSystemConfigProxyCfgV2' webhooks: type: array items: $ref: '#/definitions/RESTWebhook' ibmsa_cfg: $ref: '#/definitions/RESTSystemConfigIBMSAVCfg2' scanner_autoscale_cfg: $ref: '#/definitions/RESTSystemConfigAutoscaleConfig' remote_repositories: type: array items: $ref: '#/definitions/RESTRemoteRepository' misc_cfg: $ref: '#/definitions/RESTSystemConfigMiscCfgV2' RESTFedSystemConfigConfig: type: object properties: webhooks: type: array items: $ref: '#/definitions/RESTWebhook' RESTSystemConfigConfigData: type: object description: it leverages RESTSystemConfigConfigData in apis.go properties: config: $ref: '#/definitions/RESTSystemConfigConfig' fed_config: $ref: '#/definitions/RESTFedSystemConfigConfig' net_config: $ref: '#/definitions/RESTSysNetConfigConfig' atmo_config: $ref: '#/definitions/RESTSysAtmoConfigConfig' RESTSystemConfigConfigDataV2: type: object description: it leverages RESTSystemConfigConfigData in apis.go properties: config_v2: $ref: '#/definitions/RESTSystemConfigConfigV2' fed_config: $ref: '#/definitions/RESTFedSystemConfigConfig' net_config: $ref: '#/definitions/RESTSysNetConfigConfig' atmo_config: $ref: '#/definitions/RESTSysAtmoConfigConfig' RESTSystemSummary: type: object required: - hosts - controllers - enforcers - disconnected_enforcers - workloads - running_workloads - running_pods - services - policy_rules - scanners - platform - kube_version - openshift_version - cvedb_version - cvedb_create_time - component_versions properties: hosts: type: integer example: 1 controllers: type: integer example: 1 enforcers: type: integer example: 1 disconnected_enforcers: type: integer example: 1 workloads: type: integer example: 0 running_workloads: type: integer example: 100 running_pods: type: integer example: 100 services: type: integer example: 10 policy_rules: type: integer example: 2 scanners: type: integer example: 3 platform: type: string example: Docker kube_version: type: string example: "1.19.2" openshift_version: type: string example: "" cvedb_version: type: string example: "1.011" cvedb_create_time: type: string format: date-time example: 2018-06-20T19:00:53Z component_versions: type: array items: type: string example: "" RESTSystemSummaryData: type: object required: - summary properties: summary: $ref: '#/definitions/RESTSystemSummary' RESTSystemRequest: type: object properties: baseline_profile: type: string example: Zero-Drift policy_mode: type: string example: Discover unquarantine: $ref: '#/definitions/RESTUnquarReq' RESTSystemRequestData: type: object required: - request properties: request: $ref: '#/definitions/RESTSystemRequest' RESTSystemWebhookConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTWebhook' RESTThreatData: type: object required: - threat properties: threat: $ref: '#/definitions/Threat' RESTThreatsData: type: object required: - threats properties: threats: type: array items: $ref: '#/definitions/Threat' RESTToken: type: object required: - token - fullname - server - username - password - email - role - timeout - locale - default_password - modify_password - last_login_timestamp - last_login_at - login_count properties: token: type: string example: 1d3123585728afee5c37d410a2fbad43 fullname: type: string example: admin server: type: string example: server1 username: type: string example: admin password: type: string example: "" email: type: string format: email example: user@email.com role: type: string example: admin timeout: type: integer format: uint32 example: 300 locale: type: string example: en default_password: type: boolean modify_password: type: boolean default: false role_domains: type: object description: Object key is role and value is array of domains additionalProperties: type: array items: type: string example: ["domain1", "domain2"] last_login_timestamp: type: integer format: int64 example: 1505755716 last_login_at: type: string example: "" login_count: type: integer format: uint32 example: 1 RESTTokenData: type: object required: - token - password_days_until_expire - password_hours_until_expire properties: token: $ref: '#/definitions/RESTToken' password_days_until_expire: type: integer example: password_hours_until_expire: type: integer example: need_to_reset_password: type: boolean description: prompt the uer to login again & provide the new password to reset after login default: false RESTUnquarReq: type: object properties: response_rule: type: integer format: uint32 example: 1007 group: type: string example: "" RESTUser: type: object required: - fullname - server - username - email - role - timeout - locale - default_password - modify_password - last_login_timestamp - last_login_at - login_count - blocked_for_failed_login - blocked_for_password_expired - password_resettable properties: fullname: type: string example: admin server: type: string example: server1 username: type: string example: admin password: type: string format: password example: mypassword email: type: string format: email example: user@mail.com role: type: string example: admin timeout: type: integer format: uint32 example: 300 locale: type: string example: en default_password: type: boolean description: If the user is using default password modify_password: type: boolean default: false description: If the password should be modified role_domains: type: object description: Object key is role and value is array of domains additionalProperties: type: array items: type: string example: ["domain1", "domain2"] last_login_timestamp: type: integer format: int64 example: 1505755716 last_login_at: type: string example: "" login_count: type: integer format: uint32 example: 1 blocked_for_failed_login: type: boolean example: false blocked_for_password_expired: type: boolean example: false password_resettable: type: boolean description: whether the user's password can be reset by the current login user example: false RESTUserData: type: object required: - user properties: user: $ref: '#/definitions/RESTUser' RESTUserPwdConfig: type: object required: - fullname properties: fullname: type: string example: admin clear_failed_login: type: boolean example: true new_password: type: string example: "" force_reset_password: type: boolean description: whether to reset password even it's not expired yet example: false reset_password_in_next_login: type: boolean description: whether the target user needs ti reset password in the next login example: true RESTUserPwdConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTUserPwdConfig' RESTUserRole: type: object required: - name - comment - reserved - permissions properties: name: type: string example: ciops comment: type: string example: "CI Integration role" reserved: type: boolean example: true permissions: type: array items: $ref: '#/definitions/RESTRolePermission' RESTUserRoleConfig: type: object required: - name - comment - permissions properties: name: type: string example: customadmin comment: type: string example: "" permissions: type: array items: $ref: '#/definitions/RESTRolePermission' RESTUserRoleConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTUserRoleConfig' RESTUserRoleData: type: object required: - role properties: role: $ref: '#/definitions/RESTUserRole' RESTUserRolesData: type: object required: - roles properties: roles: type: array items: $ref: '#/definitions/RESTUserRole' RESTUsersData: type: object required: - users - global_roles - domain_roles properties: users: type: array items: $ref: '#/definitions/RESTUser' global_roles: type: array items: type: string example: ["admin", "reader"] domain_roles: type: array items: type: string example: ["role1", "role2"] RESTUserConfig: type: object required: - fullname - pwd_profile properties: fullname: type: string example: name password: type: string format: password example: mypassword new_password: type: string example: newpassword pwd_profile: type: string example: email: type: string format: email example: user@mail.com role: type: string example: admin timeout: type: integer format: uint32 example: 300 locale: type: string example: en role_domains: type: object description: Object key is role and value is array of domains additionalProperties: type: array items: type: string example: ["domain1", "domain2"] RESTUserConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTUserConfig' RESTUserRoleDomainsConfig: type: object required: - fullname - role - domains properties: fullname: type: string example: name role: type: string example: myrole domains: type: array items: type: string example: "" RESTUserRoleDomainsConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTUserRoleDomainsConfig' RESTViolationWorkload: type: object required: - workload - count properties: workload: $ref: '#/definitions/RESTWorkloadBrief' count: type: integer example: 2 RESTVulnerability: type: object required: - name - score - severity - vectors - description - file_name - package_name - package_version - fixed_version - link - score_v3 - vectors_v3 - published_timestamp - last_modified_timestamp - feed_rating - in_base_image properties: name: type: string example: CVE-2015-8356 score: type: number format: float32 example: 7.2 severity: type: string example: High vectors: type: string example: "" description: type: string example: "The setup_env function in group.c in sshd in OpenSSH allows local users to gain privileges." file_name: type: string example: "usr/lib/python3.9" package_name: type: string example: openssh package_version: type: string example: 7.2_p2-r0 fixed_version: type: string example: 1:7.2p2-3 link: type: string example: https://security-tracker.debian.org/tracker/CVE-2015-8356 score_v3: type: number format: float32 example: 7.3 vectors_v3: type: string example: "" published_timestamp: type: integer format: int64 example: 1516561260 last_modified_timestamp: type: integer format: int64 example: 1516561253 cpes: type: array items: type: string example: "" cves: type: array items: type: string example: "" feed_rating: type: string example: "" in_base_image: type: boolean example: true tags: type: array items: type: string example: "" RESTVulnerabilityAsset: type: object required: - name - severity - description - package_name - link - score - vectors - score_v3 - vectors_v3 - published_timestamp - last_modified_timestamp - workloads - nodes - images - platforms properties: name: type: string example: "" severity: type: string example: "" description: type: string example: "" packages: type: object description: map key is string type additionalProperties: type: array items: $ref: '#/definitions/RESTVulnPackageVersion' package_name: type: string example: "" link: type: string example: "" score: type: number format: float32 example: 7.2 vectors: type: string example: "" score_v3: type: number format: float32 example: 7.3 vectors_v3: type: string example: "" published_timestamp: type: integer format: int64 example: 1516561260 last_modified_timestamp: type: integer format: int64 example: 1516561253 workloads: type: array items: type: string example: "" nodes: type: array items: type: string example: "" images: type: array items: type: string example: "" platforms: type: array items: type: string example: "" RESTVulnerabilityProfile: type: object required: - name - entries properties: name: type: string example: default entries: type: array items: $ref: '#/definitions/RESTVulnerabilityProfileEntry' cfg_type: type: string enum: [user_created, ground] RESTVulnerabilityProfileConfig: type: object required: - name properties: name: type: string example: default entries: type: array items: $ref: '#/definitions/RESTVulnerabilityProfileEntry' RESTVulnerabilityProfileConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTVulnerabilityProfileConfig' RESTVulnerabilityProfileEntryConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTVulnerabilityProfileEntry' RESTVulnerabilityProfileData: type: object required: - profile properties: profile: $ref: '#/definitions/RESTVulnerabilityProfile' RESTVulnerabilityProfilesData: type: object required: - profiles properties: profiles: type: array items: $ref: '#/definitions/RESTVulnerabilityProfile' RESTVulnerabilityProfileEntry: type: object required: - id - name - comment - days - domains - images properties: id: type: integer format: uint32 example: 1003 name: type: string example: CVE-2020-29661 comment: type: string example: "Accepted by admin at Dec 09, 2021 12:00:02 from Vulnerabilities page" days: type: integer format: uint example: 0 domains: type: array items: type: string example: ["domain1", "domain2"] images: type: array items: type: string example: [] RESTVulnProfilesExport: type: object properties: names: type: array items: type: string example: ["default"] remote_export_options: $ref: '#/definitions/RESTRemoteExportOptions' RESTVulnPackageVersion: type: object required: - package_version - fixed_version properties: package_version: type: string example: "" fixed_version: type: string example: "" RESTWafConfig: type: object required: - name - action properties: name: type: string example: "" action: type: string example: "" comment: type: string example: "" RESTWafCriteriaEntry: type: object required: - key - value - op properties: key: type: string example: pattern value: type: string example: "[0-9]" op: type: string example: regex context: type: string example: packet RESTWafGroupConfig: type: object required: - name properties: name: type: string example: "" status: type: boolean example: false delete: type: array items: type: string example: "" sensors: type: array items: $ref: '#/definitions/RESTWafConfig' replace: type: array items: $ref: '#/definitions/RESTWafConfig' RESTWafGroupConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTWafGroupConfig' RESTWafGroup: type: object required: - name - status - sensors - cfg_type properties: name: type: string example: nv.kube-proxy.kube-system status: type: boolean example: true sensors: type: array items: $ref: '#/definitions/RESTWafSetting' cfg_type: type: string enum: [user_created, ground] RESTWafGroupData: type: object required: - waf_group properties: waf_group: $ref: '#/definitions/RESTWafGroup' RESTWafGroupsData: type: object required: - waf_groups properties: waf_groups: type: array items: $ref: '#/definitions/RESTWafGroup' RESTWafRule: type: object required: - name - id - patterns - cfg_type properties: name: type: string example: test id: type: integer format: uint32 example: 40003 patterns: type: array items: $ref: '#/definitions/RESTWafCriteriaEntry' cfg_type: type: string enum: [user_created, ground] RESTWafRuleData: type: object required: - rule properties: rule: $ref: '#/definitions/RESTWafRuleDetail' RESTWafRuleDetail: type: object required: - sensors - rules properties: sensors: type: array items: type: string example: test rules: type: array items: $ref: '#/definitions/RESTWafRule' RESTWafRulesData: type: object required: - rules properties: rules: type: array items: $ref: '#/definitions/RESTWafRule' RESTWafSensor: type: object required: - name - groups - rules - comment - predefine - cfg_type properties: name: type: string example: test4321546242574254672462572452615362453 groups: type: array items: type: string example: nv.kube-proxy.kube-system rules: type: array items: $ref: '#/definitions/RESTWafRule' comment: type: string example: "" predefine: type: boolean example: false cfg_type: type: string enum: [user_created, ground] RESTWafSensorConfig: type: object required: - name properties: name: type: string example: "" change: type: array items: $ref: '#/definitions/RESTWafRule' delete: type: array items: $ref: '#/definitions/RESTWafRule' rules: type: array items: $ref: '#/definitions/RESTWafRule' comment: type: string example: "" RESTWafSensorConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTWafSensorConfig' RESTWafSensorData: type: object required: - sensor properties: sensor: $ref: '#/definitions/RESTWafSensor' RESTWafSensorExport: type: object required: - names properties: names: type: array items: type: string example: test4321546242574254672462572452615362453 remote_export_options: $ref: '#/definitions/RESTRemoteExportOptions' RESTWafSensorsData: type: object required: - sensors properties: sensors: type: array items: $ref: '#/definitions/RESTWafSensor' RESTWafSetting: type: object required: - name - action - exist - cfg_type properties: name: type: string example: test action: type: string example: deny exist: type: boolean example: true comment: type: string example: "" cfg_type: type: string enum: [user_created, ground] RESTWebhook: type: object required: - name - url - enable - use_proxy - type - cfg_type properties: name: type: string example: slack-webhook url: type: string example: https://neuvector.slack.com/archives/C8AU75GKE enable: type: boolean example: true use_proxy: type: boolean example: false type: type: string enum: ["", Slack, JSON, Teams] cfg_type: type: string enum: [user_created, ground, federal] RESTWorkload: type: object required: - id - name - display_name - pod_name - image - image_id - platform_role - domain - state - service - author - service_group - cap_sniff - cap_quarantine - cap_change_mode - scan_summary - service_mesh - service_mesh_sidecar - privileged - run_as_root - host_name - host_id - enforcer_id - enforcer_name - network_mode - created_at - started_at - finished_at - running - secured_at - exit_code - interfaces - ports - labels - applications - memory_limit - cpus - children - service_account properties: id: type: string example: 7304e72fd093155c4cbcd65d07375329b2db82cc679 name: type: string example: k8s_POD.d86c_calico-node-mzhtk_kube-system_0050565a_365c13d display_name: type: string example: calico-node-mzhtk pod_name: type: string example: istio-policy-5cdbc47674-t67p4 image: type: string example: "istio/mixer:1.4.3" image_id: type: string example: 5b7b52f8e75898efe2b7b258322e623c280d856b9f5a527fbbdc25689adf6e95 platform_role: type: string example: core domain: type: string example: istio-system state: type: string example: exit service: type: string example: kafka.zookeeper author: type: string example: "" service_group: type: string example: nv.calico share_ns_with: type: string example: cc0709d522749203042e89dba28bf6924a4b0d360648 cap_sniff: type: boolean example: true cap_quarantine: type: boolean example: false cap_change_mode: type: boolean example: true policy_mode: type: string example: Discover scan_summary: $ref: '#/definitions/RESTScanBrief' quarantine_reason: type: string example: "" service_mesh: type: boolean example: false service_mesh_sidecar: type: boolean example: false privileged: type: boolean example: false run_as_root: type: boolean example: false host_name: type: string example: ubuntu1604-k8worker1-calico host_id: type: string example: GRSW:3RCY:YL6O:TIGT:666B:OW22:XYQF:YHGI:JB3L enforcer_id: type: string example: 002a4f71d9dbdb40db81c31484ac25564fe80574dfbe enforcer_name: type: string example: allinone network_mode: type: string example: host created_at: type: string format: date-time example: 2018-01-18T00:44:02Z started_at: type: string format: date-time example: 2018-01-18T00:44:02Z finished_at: type: string format: date-time example: 2018-01-18T01:20:02Z running: type: boolean example: false secured_at: type: string format: date-time example: 2018-01-18T01:20:02Z exit_code: type: integer example: 0 interfaces: type: object description: map key is string type like "eth0" additionalProperties: type: array items: $ref: '#/definitions/RESTIPAddr' ports: type: array items: $ref: '#/definitions/RESTWorkloadPorts' labels: type: object description: map key is string type additionalProperties: type: string example: io.kubernetes.pod.name: calico-node-mzhtk applications: type: array items: type: string example: TCP/9999 memory_limit: type: integer format: int64 example: 0 cpus: type: string example: "" service_account: type: string example: "" children: type: array items: $ref: '#/definitions/RESTWorkload' RESTWorkloadV2: type: object required: - brief - security - rt_attributes - children - enforcer_id - enforcer_name - platform_role - created_at - started_at - finished_at - running - secured_at - exit_code properties: brief: $ref: '#/definitions/RESTWorkloadBriefV2' security: $ref: '#/definitions/RESTWorkloadSecurityV2' rt_attributes: $ref: '#/definitions/RESTWorkloadRtAttribesV2' children: type: array items: $ref: '#/definitions/RESTWorkloadV2' enforcer_id: type: string example: 002a4f71d9dbdb40db81c31484ac25564fe80574dfbe enforcer_name: type: string example: allinone platform_role: type: string example: core created_at: type: string format: date-time example: 2018-01-18T00:44:02Z started_at: type: string format: date-time example: 2018-01-18T00:44:02Z finished_at: type: string format: date-time example: 2018-01-18T01:20:02Z running: type: boolean example: false secured_at: type: string format: date-time example: 2018-01-18T01:20:02Z exit_code: type: integer example: 0 RESTWorkloadsData: type: object required: - workloads properties: workloads: type: array items: $ref: '#/definitions/RESTWorkload' RESTWorkloadsDataV2: type: object required: - workloads properties: workloads: type: array items: $ref: '#/definitions/RESTWorkloadV2' RESTWorkloadRtAttribesV2: type: object required: - pod_name - privileged - run_as_root - labels - memory_limit - cpus - service_account - network_mode - interfaces - ports - applications properties: pod_name: type: string example: istio-policy-5cdbc47674-t67p4 share_ns_with: type: string example: cc0709d522749203042e89dba28bf6924a4b0d360648 privileged: type: boolean example: false run_as_root: type: boolean example: false labels: type: object description: map key is string type additionalProperties: type: string example: io.kubernetes.pod.name: calico-node-mzhtk memory_limit: type: integer format: int64 example: 0 cpus: type: string example: "" service_account: type: string example: "" network_mode: type: string example: host interfaces: type: object description: map key is string type like "eth0" additionalProperties: type: array items: $ref: '#/definitions/RESTIPAddr' ports: type: array items: $ref: '#/definitions/RESTWorkloadPorts' applications: type: array items: type: string example: TCP/9999 RESTWorkloadSecurityV2: type: object required: - cap_sniff - cap_quarantine - cap_change_mode - service_mesh - service_mesh_sidecar - policy_mode - profile_mode - baseline_profile - scan_summary properties: cap_sniff: type: boolean example: true cap_quarantine: type: boolean example: true cap_change_mode: type: boolean example: true service_mesh: type: boolean example: true service_mesh_sidecar: type: boolean example: true policy_mode: type: string example: Discover profile_mode: type: string example: Discover baseline_profile: type: string example: "" quarantine_reason: type: string example: violation scan_summary: $ref: '#/definitions/RESTScanBrief' RESTWorkloadBrief: type: object required: - id - name - display_name - pod_name - image - image_id - image_created_at - platform_role - domain - state - service - author - service_group - cap_sniff - cap_quarantine - cap_change_mode - policy_mode - profile_mode - scan_summary - children - service_mesh - service_mesh_sidecar - privileged - run_as_root - baseline_profile properties: id: type: string example: 7304e72fd093155c4cbcd65d07375329b2db82cc679 name: type: string example: k8s_POD.d86c_calico-node-mzhtk_kube-system_0050565a_365c13d display_name: type: string example: calico-node-mzhtk pod_name: type: string example: istio-policy-5cdbc47674-t67p4 image: type: string example: calico image_id: type: string example: d572b7ee3511b21a2b78b8915bc03c5786ad01949704c1418624224c4cae2c5f image_created_at: type: string format: date-time example: 2018-01-18T00:44:02Z image_reg_scanned: type: boolean example: false platform_role: type: string example: core domain: type: string example: "" state: type: string example: exit service: type: string example: kafkazookeeper author: type: string example: "" service_group: type: string example: nv.calico share_ns_with: type: string example: cc0709d522749203042e89dba28bf6924a4b0d360648 cap_sniff: type: boolean example: true cap_quarantine: type: boolean example: true cap_change_mode: type: boolean example: true policy_mode: type: string example: Discover profile_mode: type: string example: Discover scan_summary: $ref: '#/definitions/RESTScanBrief' children: type: array items: $ref: '#/definitions/RESTWorkloadBrief' quarantine_reason: type: string example: violation service_mesh: type: boolean example: true service_mesh_sidecar: type: boolean example: true privileged: type: boolean example: true run_as_root: type: boolean example: true baseline_profile: type: string example: "" RESTWorkloadBriefV2: type: object required: - id - name - display_name - host_name - host_id - image - image_id - image_created_at - domain - state - service - author - service_group properties: id: type: string example: 7304e72fd093155c4cbcd65d07375329b2db82cc679 name: type: string example: k8s_POD.d86c_calico-node-mzhtk_kube-system_0050565a_365c13d display_name: type: string example: calico-node-mzhtk host_name: type: string example: ubuntu1604-k8worker1-calico host_id: type: string example: GRSW:3RCY:YL6O:TIGT:666B:OW22:XYQF:YHGI:JB3L image: type: string example: calico image_id: type: string example: d572b7ee3511b21a2b78b8915bc03c5786ad01949704c1418624224c4cae2c5f image_created_at: type: string format: date-time example: 2018-01-18T00:44:02Z image_reg_scanned: type: boolean example: false domain: type: string example: "" state: type: string example: exit service: type: string example: kafkazookeeper author: type: string example: "" service_group: type: string example: nv.calico RESTWorkloadConfig: type: object required: - quarantine properties: wire: type: string example: default quarantine: type: boolean example: true quarantine_reason: type: string example: violation RESTWorkloadConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTWorkloadConfig' RESTWorkloadDetail: type: object required: - id - name - display_name - platform_role - domain - state - service - service_group - host_name - host_id - enforcer_id - image - network_mode - privileged - cap_quarantine - created_at - started_at - finished_at - running - secured_at - exit_code - interfaces - ports - labels - applications - memory_limit - cpus - groups - app_ports - children properties: id: type: string example: 7304e72fd093155c4cbcd65d07375329b2db82cc679 name: type: string example: k8s_POD.d86c_calico-node-mzhtk_kube-system_0050565a_365c13d display_name: type: string example: calico-node-mzhtk platform_role: type: string example: core domain: type: string example: "" state: type: string example: exit service: type: string example: kafka.zookeeper service_group: type: string example: nv.calico share_ns_with: type: string example: cc0709d522749203042e89dba28bf6924a4b0d360648 policy_mode: type: string example: Discover scan_summary: $ref: '#/definitions/RESTScanBrief' host_name: type: string example: ubuntu1604-k8worker1-calico host_id: type: string example: GRSW:3RCY:YL6O:TIGT:666B:OW22:XYQF:YHGI:JB3L enforcer_id: type: string example: 002a4f71d9dbdb40db81c31484ac25564fe80574dfbe image: type: string example: gcr.io/google_containers/pause-amd24:3.0 network_mode: type: string example: host privileged: type: boolean example: false cap_quarantine: type: boolean example: true created_at: type: string format: date-time example: 2018-01-18T00:44:02Z started_at: type: string format: date-time example: 2018-01-18T00:44:02Z finished_at: type: string format: date-time example: 2018-01-18T01:20:02Z running: type: boolean example: false secured_at: type: string format: date-time example: 2018-01-18T01:20:02Z exit_code: type: integer example: 0 interfaces: type: object description: map key is string type like "eth0" additionalProperties: type: array items: $ref: '#/definitions/RESTIPAddr' ports: type: array items: $ref: '#/definitions/RESTWorkloadPorts' labels: type: object description: map key is string type additionalProperties: type: string example: io.kubernetes.pod.name: calico-node-mzhtk applications: type: array items: type: string example: TCP/9999 memory_limit: type: integer format: int64 example: 0 cpus: type: string example: "" groups: type: array items: type: string example: ["nv.iperfclient-pod", "nv.pod"] app_ports: type: object description: map key is string type additionalProperties: type: string example: TCP: "9999" children: type: array items: $ref: '#/definitions/RESTWorkloadDetail' RESTWorkloadDetailV2: type: object required: - brief - security - rt_attributes - children - enforcer_id - enforcer_name - platform_role - created_at - started_at - finished_at - running - secured_at - exit_code - misc properties: brief: $ref: '#/definitions/RESTWorkloadBriefV2' security: $ref: '#/definitions/RESTWorkloadSecurityV2' rt_attributes: $ref: '#/definitions/RESTWorkloadRtAttribesV2' children: type: array items: $ref: '#/definitions/RESTWorkloadV2' enforcer_id: type: string example: 002a4f71d9dbdb40db81c31484ac25564fe80574dfbe enforcer_name: type: string example: allinone platform_role: type: string example: core created_at: type: string format: date-time example: 2018-01-18T00:44:02Z started_at: type: string format: date-time example: 2018-01-18T00:44:02Z finished_at: type: string format: date-time example: 2018-01-18T01:20:02Z running: type: boolean example: false secured_at: type: string format: date-time example: 2018-01-18T01:20:02Z exit_code: type: integer example: 0 misc: $ref: '#/definitions/RESTWorkloadDetailMiscV2' RESTWorkloadDetailData: type: object required: - workload properties: workload: $ref: '#/definitions/RESTWorkloadDetail' RESTWorkloadDetailDataV2: type: object required: - workload properties: workload: $ref: '#/definitions/RESTWorkloadDetailV2' RESTWorkloadDetailMiscV2: type: object required: - groups - app_ports - children properties: groups: type: array items: type: string example: ["nv.iperfclient-pod", "nv.pod"] app_ports: type: object description: map key is string type additionalProperties: type: string example: TCP: "9999" children: type: array items: $ref: '#/definitions/RESTWorkloadDetailV2' RESTWorkloadPorts: type: object required: - ip_proto - port - host_ip - host_port properties: ip_proto: type: integer format: uint8 example: 6 port: type: integer format: uint16 example: 51764 host_ip: type: string example: 10.1.5.1 host_port: type: integer format: uint16 example: 5000 RESTWorkloadRequest: type: object properties: command: type: string example: "uname -r" RESTWorkloadRequestData: type: object required: - request properties: request: $ref: '#/definitions/RESTWorkloadRequest' RESTWorkloadStatsData: type: object required: - id - read_at - stats properties: id: type: string example: 0fdf601ddc3ab541386aa8e36fe113593c read_at: type: string format: date-time example: 2018-01-21T06:25:15Z stats: $ref: '#/definitions/RESTStats' Threat: type: object required: - level - reported_timestamp - reported_at - cluster_name - host_id - host_name - enforcer_id - enforcer_name - id - threat_id - client_workload_id - client_workload_name - server_workload_id - server_workload_name - severity - action - count - ether_type - client_port - server_port - server_conn_port - icmp_code - icmp_type - ip_proto - client_ip - server_ip - application - sensor - group - target - monitor - message properties: name: type: string example: HTTP.Request.Slowloris level: type: string example: CRIT reported_timestamp: type: integer format: int64 example: 1505755712 reported_at: type: string example: "2017-09-18T17:28:32Z" cluster_name: type: string example: cluster1 response_rule_id: type: integer example: 10005 host_id: type: string example: ubuntu64:ZYA3:NPGZ:IU64:XJ3P:SUU3:QYEF:SLVT host_name: type: string example: ubuntu64 enforcer_id: type: string example: 2fdc03e027d6483633376609 enforcer_name: type: string example: allinone id: type: string example: 999-9c96-11e7-83c1-17580b threat_id: type: integer format: uint32 example: 2017 client_workload_id: type: string example: 7e31a2a4d4074ba459f8c22ee90 client_workload_name: type: string example: iperfclient client_workload_domain: type: string example: "" client_workload_image: type: string example: "" client_workload_service: type: string example: "" server_workload_id: type: string example: 2cbab37b43efe049e583924a73a764b096ce8f15ea server_workload_name: type: string example: iperfserver server_workload_domain: type: string example: "" server_workload_image: type: string example: "" server_workload_service: type: string example: "" severity: type: string example: critical action: type: string example: monitor count: type: integer format: uint32 example: 1 ether_type: type: integer format: uint16 example: 2048 client_port: type: integer format: uint16 example: 53825 server_port: type: integer format: uint16 example: 5000 server_conn_port: type: integer format: uint16 example: 5000 icmp_code: type: integer format: uint8 example: 0 icmp_type: type: integer format: uint8 example: 0 ip_proto: type: integer format: uint8 example: 6 client_ip: type: string example: 172.17.0.4 server_ip: type: string example: 172.17.0.3 application: type: string example: HTTP sensor: type: string example: "" group: type: string example: "" target: type: string example: "true" monitor: type: boolean example: true cap_len: type: integer format: uint16 example: 32043 packet: type: string example: base64string message: type: string example: Header duration=3s, threshold=3s Violation: type: object required: - level - reported_timestamp - reported_at - cluster_name - host_id - host_name - enforcer_id - enforcer_name - id - client_id - client_name - server_id - server_name - server_port - ip_proto - applications - servers - sessions - policy_action - policy_id - client_ip - server_ip - fqdn properties: name: type: string example: "" level: type: string example: WARNING reported_timestamp: type: integer format: int64 example: 1516160219 reported_at: type: string format: date-time example: 2018-01-17T03:36:59Z cluster_name: type: string example: cluster1 response_rule_id: type: integer example: 10008 host_id: type: string example: "2AU7:TIEN:O5KX:QK56:LFQP:IJSV:FXBN:QJV7" host_name: type: string example: ubuntu64 enforcer_id: type: string example: bced57295eefbd3f3bd0cf798b6184fa789 enforcer_name: type: string example: allinone id: type: string example: e6e19591-75a0-43e9-bebb-145d588e6718 client_id: type: string example: 25f773945fff1d8880b9eb67d26be22f5321d client_name: type: string example: iperfclient client_domain: type: string example: "" client_image: type: string example: "" client_service: type: string example: "" server_id: type: string example: 0350077d87164505597268494acbc8a25109e3 server_name: type: string example: iperfserver server_domain: type: string example: "" server_image: type: string example: "" server_service: type: string example: "" server_port: type: integer format: uint16 example: 5000 ip_proto: type: integer format: uint8 example: 6 applications: type: array items: type: string example: HTTP servers: type: array items: type: string example: ["server1", "server2"] sessions: type: integer format: uint32 example: 0 policy_action: type: string example: violate policy_id: type: integer format: uint32 example: 9999 client_ip: type: string example: 172.17.0.4 server_ip: type: string example: 172.17.0.3 fqdn: type: string example: www.suse.com RESTAdminCustomCriteriaOptions: type: object required: - ops - valuetype properties: ops: type: array items: type: string example: ["exist","notExist"] values: type: array items: type: string example: ["true", "false"] valuetype: type: string example: key RESTAdminCriteriaTemplate: type: object required: - kind - rawjson properties: kind: type: string example: podTemplate rawjson: type: string example: "{\"key\": \"value\"}" RESTX509CertInfo: type: object properties: x509_cert: type: string example: E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF issuer_cn: type: string example: dev-11563853 subject_cn: type: string example: dev-11563853 subject_notafter: type: integer format: uint64 example: 1988147822 RESTApikey: type: object required: - expiration_type - apikey_name - role properties: expiration_type: type: string example: never expiration_hours: type: integer format: uint32 example: 1 apikey_name: type: string example: token-cicd-scan apikey_secret: type: string example: 0u+tVOWNPRfpCK7p9qz description: type: string example: "cicd image scanning" role: type: string example: admin role_domains: type: object description: Object key is role and value is array of domains additionalProperties: type: array items: type: string example: ["domain1", "domain2"] expiration_timestamp: type: integer format: int64 example: 11515020888 created_timestamp: type: integer format: int64 example: 11515020888 created_by_entity: type: string example: admin RESTApikeyData: type: object required: - apikey properties: apikey: $ref: '#/definitions/RESTApikey' RESTApikeysData: type: object required: - apikeys - global_roles - domain_roles properties: apikeys: type: array items: $ref: '#/definitions/RESTApikey' global_roles: type: array items: type: string example: ["admin", "reader"] domain_roles: type: array items: type: string example: ["role1", "role2"] RESTApikeyCreationData: type: object required: - apikey properties: apikey: $ref: '#/definitions/RESTApikeyCreation' RESTApikeyCreation: type: object required: - expiration_type - apikey_name - role properties: expiration_type: type: string example: never expiration_hours: type: integer format: uint32 example: 1 apikey_name: type: string example: token-cicd-scan description: type: string example: cicd image scanning role: type: string example: admin role_domains: type: object description: Object key is role and value is array of domains additionalProperties: type: array items: type: string example: ["domain1", "domain2"] RESTApikeyGeneratedData: type: object required: - apikey properties: apikey: $ref: '#/definitions/RESTApikeyGenerated' RESTApikeyGenerated: type: object required: - apikey_name - apikey_secret properties: apikey_name: type: string example: token-cicd-scan apikey_secret: type: string example: 0u+tVOWNPRfpCK7p9qz REST_SigstoreRootOfTrustCollection: type: array items: $ref: '#/definitions/REST_SigstoreRootOfTrust_GET' REST_SigstoreRootOfTrust_GET: type: object properties: name: type: string example: example_name is_private: type: boolean example: true rootless_keypairs_only: type: boolean description: it overrides is_private attribute example: true rekor_public_key: type: string example: -----BEGIN PUBLIC KEY-----XXXXXXXXXX-----END PUBLIC KEY----- root_cert: type: string example: -----BEGIN CERTIFICATE-----XXXXXXXXXX-----END CERTIFICATE----- sct_public_key: type: string example: -----BEGIN PUBLIC KEY-----XXXXXXXXXX-----END PUBLIC KEY----- verifiers: type: array items: $ref: '#/definitions/REST_SigstoreVerifier' cfg_type: type: string enum: [user_created, ground, federal] comment: type: string example: example comment REST_SigstoreRootOfTrust_POST: type: object required: - name properties: name: type: string example: example_name is_private: type: boolean example: true rootless_keypairs_only: type: boolean description: it overrides is_private attribute example: true rekor_public_key: type: string example: -----BEGIN PUBLIC KEY-----XXXXXXXXXX-----END PUBLIC KEY----- root_cert: type: string example: -----BEGIN CERTIFICATE-----XXXXXXXXXX-----END CERTIFICATE----- sct_public_key: type: string example: -----BEGIN PUBLIC KEY-----XXXXXXXXXX-----END PUBLIC KEY----- comment: type: string example: example comment REST_SigstoreRootOfTrust_PATCH: type: object properties: rekor_public_key: type: string example: -----BEGIN PUBLIC KEY-----XXXXXXXXXX-----END PUBLIC KEY----- root_cert: type: string example: -----BEGIN CERTIFICATE-----XXXXXXXXXX-----END CERTIFICATE----- sct_public_key: type: string example: -----BEGIN PUBLIC KEY-----XXXXXXXXXX-----END PUBLIC KEY----- comment: type: string example: example comment REST_SigstoreVerifierCollection: type: array items: $ref: '#/definitions/REST_SigstoreVerifier' REST_SigstoreVerifier: type: object required: - name - verifier_type properties: name: type: string example: example name verifier_type: type: string enum: [keypair, keyless] public_key: type: string example: -----BEGIN PUBLIC KEY-----XXXXXXXXXX-----END PUBLIC KEY----- cert_issuer: type: string example: https://github.com/login/oauth cert_subject: type: string example: cert.subject@example.com comment: type: string example: example comment REST_SigstoreVerifier_PATCH: type: object properties: verifier_type: type: string enum: [keypair, keyless] public_key: type: string example: -----BEGIN PUBLIC KEY-----XXXXXXXXXX-----END PUBLIC KEY----- cert_issuer: type: string example: https://github.com/login/oauth cert_subject: type: string example: cert.subject@example.com comment: type: string example: example comment RESTRemoteRepo_GitHubConfig: type: object required: - repository_owner_username - repository_name - repository_branch_name - personal_access_token - personal_access_token_committer_name - personal_access_token_committer_email properties: repository_owner_username: type: string example: myuser repository_name: type: string example: myrepo repository_branch_name: type: string example: main personal_access_token: type: string example: ghp_Agk4DedP5SOHGo8WxSuXCmCcldLyBP0I7CN6 personal_access_token_committer_name: type: string example: myuser personal_access_token_committer_email: type: string example: myuser@example.com RESTRemoteRepository: type: object required: - nickname - provider - github_configuration properties: nickname: type: string example: default provider: type: string description: currently only github is supported example: github comment: type: string enable: type: boolean example: true github_configuration: $ref: '#/definitions/RESTRemoteRepo_GitHubConfig' RESTRemoteRepository_GitHubConfigConfig: type: object properties: repository_owner_username: type: string example: myuser repository_name: type: string example: myrepo repository_branch_name: type: string example: main personal_access_token: type: string example: ghp_Agk4DedP5SOHGo8WxSuXCmCcldLyBP0I7CN6 personal_access_token_committer_name: type: string example: myuser personal_access_token_committer_email: type: string example: myuser@example.com RESTRemoteRepositoryConfig: type: object required: - nickname properties: nickname: type: string example: default comment: type: string enable: type: boolean example: true github_configuration: $ref: '#/definitions/RESTRemoteRepository_GitHubConfigConfig' RESTRemoteRepositoryConfigData: type: object required: - config properties: config: $ref: '#/definitions/RESTRemoteRepositoryConfig' RESTRemoteExportOptions: type: object required: - file_path - remote_repository_nickname properties: file_path: type: string example: my_exports/example.yaml comment: type: string description: commit message example: commit for poc remote_repository_nickname: type: string example: default