Merge pull request #826 from zdaniel86/auto-update-1643643414

Definitions Update assets_manager

Author: ptrakhtman

alsdkdefs/apis/assets_manager/assets_manager.v1.yaml

@@ -0,0 +1,156 @@
+openapi: 3.0.1
+info:
+  title: Assets Manager API
+  contact:
+    email: [email protected]
+    name: Alert Logic Support
+    url: https://support.alertlogic.com
+  x-alertlogic-iws-service:
+    type: public
+  description: |-
+    The assets management service. The service provides additional validation
+    layer in front of assets to ensure the user supplied configuration is consistent.
+    The service also provides different utility functions.
+  version: 1.0.0
+servers:
+  - url: https://api.cloudinsight.alertlogic.com
+    x-alertlogic-session-endpoint: true
+    description: production (US)
+  - url: https://api.cloudinsight.alertlogic.co.uk
+    description: production (UK)
+    x-alertlogic-session-endpoint: true
+  - url: https://api.product.dev.alertlogic.com
+    description: integration
+components:
+  securitySchemes:
+    x-aims-auth-token:
+      name: x-aims-auth-token
+      type: apiKey
+      in: header
+      description: AIMS Authentication Token
+paths:
+  /assets_manager/v1/{account_id}/deployments/{deployment_id}/scope/export:
+    post:
+      operationId: export_scope
+      tags:
+        - Protection Scope Management
+      summary: Export protection scope
+      description: |-
+        Endpoint for exporting the protection scope of a deployment along with
+        asset metadata. By default the endpoints returns data in `CSV` format
+        if no `Accept` header specified.
+        cURL example:
+      parameters:
+        - $ref: 'parameters.yaml#/UrlParamAccountId'
+        - $ref: 'parameters.yaml#/UrlParamDeploymentId'
+      security:
+        - x-aims-auth-token: []
+      x-codeSamples:
+        - lang: Shell
+          label: alcli
+          source: |
+            alcli assets_manager export_scope \
+            --account_id 134235158 \
+            --deployment_id 843BD5F3-583D-48D7-B929-616B100D6B7B \
+            > scope.csv
+        - lang: cURL
+          label: cURL
+          source: |
+            curl -X POST \
+            https://api.product.dev.alertlogic.com/assets_manager/v1/134235158/deployments/843BD5F3-583D-48D7-B929-616B100D6B7B/scope/export \
+            > scope.csv
+      responses:
+        '200':
+          description: OK
+          content:
+            text/csv:
+              schema:
+                $ref: 'schemas.yaml#/AssetsProtection'
+              examples:
+                CSV:
+                  $ref: 'examples.yaml#/ScopeCSV'
+            application/json:
+              schema:
+                $ref: 'schemas.yaml#/AssetsProtection'
+              examples:
+                JSON:
+                  $ref: 'examples.yaml#/ScopeJSON'
+        '401':
+          $ref: 'responses.yaml#/Unauthorized'
+        '403':
+          $ref: 'responses.yaml#/Forbidden'
+        '404':
+          $ref: 'responses.yaml#/DeploymentNotFound'
+  /assets_manager/v1/{account_id}/deployments/{deployment_id}/scope/import:
+    post:
+      operationId: import_scope
+      tags:
+        - Protection Scope Management
+      requestBody:
+        description: |-
+          By default If no `Content-Type` header specified the `CSV` format assumed.
+          The data format is the same as returned by the export endpoint.
+          The required fields are: `type`, `key` and `protection_level`.
+          All other fields are ignored. Any invalid items are ignored.
+          The protection scope policy id to `protection_level` mapping:
+          * `D12D5E67-166C-474F-87AA-6F86FC9FB9BC` - professional
+          * `A8E8B104-8F45-411D-A240-A30EA5FE25B0` - essentials
+          * `EC735B49-2517-4D98-BB9D-BEBC1E75D56D` - enterprise
+          * `A562D3E4-ECBE-426E-B2CF-78D2336E5D63` - lm_essentials
+          * `7E184449-FB15-4693-807F-C01A1ECD7E66` - lmpro
+          * `D2A589A9-EA56-456C-844E-65843B483D68` - tmpro
+        required: true
+        content:
+          text/csv:
+            examples:
+              CSV:
+                $ref: 'examples.yaml#/ScopeCSV'
+            schema:
+              $ref: 'schemas.yaml#/AssetsProtection'
+          application/json:
+            examples:
+              JSON:
+                $ref: 'examples.yaml#/ScopeJSON'
+            schema:
+              $ref: 'schemas.yaml#/AssetsProtection'
+      summary: Import protection scope
+      description: |-
+        Endpoint for importing the protection scope of a deployment.
+      parameters:
+        - $ref: 'parameters.yaml#/UrlParamAccountId'
+        - $ref: 'parameters.yaml#/UrlParamDeploymentId'
+        - $ref: 'parameters.yaml#/WriteOption'
+      security:
+        - x-aims-auth-token: []
+      x-codeSamples:
+        - lang: Shell
+          label: alcli
+          source: |
+            alcli assets_manager import_scope \
+            --account_id 134235158 \
+            --deployment_id 843BD5F3-583D-48D7-B929-616B100D6B7B \
+            --content_type=text/csv \
+            --write true \
+            --data file://scope.csv
+        - lang: cURL
+          label: cURL
+          source: |
+            curl -X POST \
+            https://api.product.dev.alertlogic.com/assets_manager/v1/134235158/deployments/843BD5F3-583D-48D7-B929-616B100D6B7B/scope/import?write=true \
+            --data-binary @scope.csv
+      responses:
+        '200':
+          description: OK
+          content:
+            application/json:
+              examples:
+                JSON:
+                  $ref: 'examples.yaml#/ImportSummary'
+              schema:
+                $ref: 'schemas.yaml#/ImportSummary'
+        '401':
+          $ref: 'responses.yaml#/Unauthorized'
+        '403':
+          $ref: 'responses.yaml#/Forbidden'
+        '404':
+          $ref: 'responses.yaml#/DeploymentNotFound'

alsdkdefs/apis/assets_manager/examples.yaml

@@ -0,0 +1,48 @@
+ScopeJSON:
+  value:
+    - deployment_id: 843BD5F3-583D-48D7-B929-616B100D6B7B
+      vpc: vpc-43f82c3a
+      type: subnet
+      region: us-west-2
+      protection_level: inherited
+      name: subnet-974c78df
+      key: /aws/us-west-2/subnet/subnet-974c78df
+      account_id: 12345678
+      cidr_block: 172.31.32.0/20
+
+ScopeCSV:
+  value: |
+    type,key,name,protection_level,cidr_block,region,network,subnet,cidr_ranges
+    vpc,/aws/us-west-2/vpc/vpc-43f82c3a,vpc-43f82c3a,inherited,172.31.0.0/16,us-west-2,,,"[""172.31.0.0/16""]"
+    subnet,/aws/us-west-2/subnet/subnet-094f8853,subnet-094f8853,inherited,172.31.0.0/20,us-west-2,,,
+    subnet,/aws/us-west-2/subnet/subnet-78f2e71e,subnet-78f2e71e,inherited,172.31.16.0/20,us-west-2,,,
+    subnet,/aws/us-west-2/subnet/subnet-94ccb0bc,subnet-94ccb0bc,inherited,172.31.48.0/20,us-west-2,,,
+    subnet,/aws/us-west-2/subnet/subnet-974c78df,subnet-974c78df,inherited,172.31.32.0/20,us-west-2,,,
+
+ImportSummary:
+  value:
+    new_scope:
+      include:
+        - type: vpc
+          policy:
+            id: D12D5E67-166C-474F-87AA-6F86FC9FB9BC
+          key: "/aws/ca-central-1/vpc/vpc-e0a0a689"
+      exclude:
+        - type: host
+          key: "/aws/ca-central-1/host/i-031b312d8b6472247"
+    included:
+      - type: vpc
+        policy:
+          id: D12D5E67-166C-474F-87AA-6F86FC9FB9BC
+        key: "/aws/ca-central-1/vpc/vpc-e0a0a689"
+    excluded:
+      - type: region
+        policy:
+          id: D12D5E67-166C-474F-87AA-6F86FC9FB9BC
+        key: "/aws/us-east-1"
+      - type: host
+        policy:
+          id: D12D5E67-166C-474F-87AA-6F86FC9FB9BC
+        key: "/aws/eu-west-2/host/i-0e36e01a0efd53cbf"
+      - type: host
+        key: "/aws/ca-central-1/host/i-031b312d8b6472247"

alsdkdefs/apis/assets_manager/parameters.yaml

@@ -0,0 +1,28 @@
+WriteOption:
+  schema:
+    type: boolean
+    default: false
+  description: |-
+    The option is used to perform write operation if specified as `true`.
+    Otherwise the endpoint works in dry-run mode.
+    If no option specified the `false` is assumed.
+  name: write
+  in: query
+  required: false
+UrlParamAccountId:
+  schema:
+    type: string
+  name: account_id
+  in: path
+  required: true
+  description: |-
+    The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable.
+    Invalid account IDs result in an `HTTP 404 Not Found` or `HTTP 403 Forbidden`, depending on
+    the client's access level.
+UrlParamDeploymentId:
+  schema:
+    type: string
+  name: deployment_id
+  in: path
+  required: true
+  description: The ID of the deployment source as represented in the deployments service (uppercase UUID).

alsdkdefs/apis/assets_manager/responses.yaml

@@ -0,0 +1,6 @@
+DeploymentNotFound:
+  description: '`deployment not found`'
+Unauthorized:
+  description: '`Unauthorized`. The provided `x-aims-auth-token` header could not be authenticated.'
+Forbidden:
+  description: '`Forbidden`. Insufficient permissions.'

alsdkdefs/apis/assets_manager/schemas.yaml

@@ -0,0 +1,100 @@
+ImportSummary:
+  description: 'Import result summary'
+  type: object
+  properties:
+    included:
+      description: Scope items protected by the request
+      type: array
+      items:
+        $ref: '#/ScopeItem'
+    excluded:
+      description: Scope items unprotected by the request
+      type: array
+      items:
+        $ref: '#/ScopeItem'
+    new_scope:
+      description: The new requested protection scope
+      type: array
+      items:
+        $ref: '#/ScopeItem'
+
+AssetsProtection:
+  description: 'The list of assets with protection level'
+  type: array
+  items:
+    $ref: '#/AssetProtection'
+
+AssetProtection:
+  type: object
+  properties:
+    type:
+      $ref: '#/AssetType'
+    key:
+      $ref: '#/AssetKey'
+    protection_level:
+      $ref: '#/ProtectionLevel'
+    name:
+      $ref: '#/AssetName'
+    cidr_block:
+      $ref: '#/CidrBlock'
+    region:
+      description: The region asset name containing the asset. Informational only.
+      type: string
+    network:
+      description: The vpc/network asset name containing the asset. Informational only.
+      type: string
+    cidr_ranges: 
+      description: The network list of CIDRs
+      type: array
+      items:
+        $ref: '#/CidrBlock'
+  required:
+    - type
+    - key
+    - protection_level
+
+CidrBlock:
+  type: string
+  description: The subnet cidr_block
+
+ProtectionLevel:
+  type: string
+  enum:
+    - professional
+    - essentials
+    - enterprise
+    - lm_essentials
+    - lmpro
+    - tmpro
+    - excluded
+    - inherited
+
+ScopeItem:
+  type: object
+  properties:
+    type:
+      $ref: '#/AssetType'
+    key:
+      $ref: '#/AssetKey'
+    policy:
+      description: Protection level policy
+      type: object
+      properties:
+        id:
+          type: string
+          enum:
+            - D12D5E67-166C-474F-87AA-6F86FC9FB9BC
+            - A8E8B104-8F45-411D-A240-A30EA5FE25B0
+            - EC735B49-2517-4D98-BB9D-BEBC1E75D56D
+            - A562D3E4-ECBE-426E-B2CF-78D2336E5D63
+            - 7E184449-FB15-4693-807F-C01A1ECD7E66
+            - D2A589A9-EA56-456C-844E-65843B483D68
+AssetKey:
+  type: string
+  description: Asset key
+AssetType:
+  type: string
+  description: Asset type
+AssetName:
+  type: string
+  description: Asset Name