Skip to content

Commit 9eef012

Browse files
author
cibot
committed
Definitions Update remediations
1 parent 669c4a9 commit 9eef012

File tree

4 files changed

+271
-9
lines changed

4 files changed

+271
-9
lines changed

alsdkdefs/apis/remediations/assets_query.v1.yaml

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1086,6 +1086,7 @@ paths:
10861086
- $ref: 'parameters.yaml#/ParamIncludeExposuresQRI'
10871087
- $ref: 'parameters.yaml#/ParamIncludeFilters'
10881088
- $ref: 'parameters.yaml#/ParamQueryRemediationItemsDetails'
1089+
- $ref: 'parameters.yaml#/ParamQueryRemediationItemsGroupByAuditId'
10891090
responses:
10901091
"200":
10911092
description: OK
@@ -1104,6 +1105,8 @@ paths:
11041105
$ref: 'examples.yaml#/QueryRemediationItemsMultipleDeploymentsDetailsExample'
11051106
Default Response (single deployment, detailed_filters=true):
11061107
$ref: 'examples.yaml#/QueryRemediationItemsSingleDeploymentsDetailedFiltersExample'
1108+
Default Response (multiple deployments, group_by_audit_id=true):
1109+
$ref: 'examples.yaml#/QueryRemediationItemsMultipleDeploymentsGroupByAuditIdExample'
11071110
"401":
11081111
$ref: 'responses.yaml#/Unauthorized'
11091112
"403":
@@ -1502,10 +1505,14 @@ paths:
15021505
examples:
15031506
Dispose a single remediation:
15041507
$ref: 'examples.yaml#/DisposeSingleRemediationExample'
1508+
Dispose a single remediation for 2 hosts with a filters set:
1509+
$ref: 'examples.yaml#/DisposeSingleRemediationFiltersSetExample'
15051510
Dispose a single vulnerability:
15061511
$ref: 'examples.yaml#/DisposeSingleVulnerabilityExample'
15071512
Conclude a single remediation:
15081513
$ref: 'examples.yaml#/ConcludeSingleRemediationExample'
1514+
Conclude a single remediation for 2 hosts with a filters set:
1515+
$ref: 'examples.yaml#/ConcludeSingleRemediationFiltersSetExample'
15091516
Conclude a single vulnerability:
15101517
$ref: 'examples.yaml#/ConcludeSingleVulnerabilityExample'
15111518
"400":
@@ -1560,6 +1567,28 @@ paths:
15601567
]
15611568
}
15621569
EOF
1570+
- lang: Shell
1571+
label: Dispose a single remediation for 2 hosts with a filters set (all deployments)
1572+
source: |-
1573+
curl "https://api.cloudinsight.alertlogic.com/assets_query/v2/12345678/remediations" \
1574+
-X PUT -H "x-aims-auth-token: $TOKEN" -H "accept: application/json" -d@- << EOF
1575+
{
1576+
"operation": "dispose_remediations",
1577+
"comment": "Vulnerable database contains automated test data, not customer records.",
1578+
"filters": [
1579+
[
1580+
"host:host:/aws/us-west-2/host/i-1e272a96c803bf6e1"
1581+
],
1582+
[
1583+
"host:host:/aws/us-west-2/host/i-03bf219df1d75f14a"
1584+
]
1585+
],
1586+
"reason": "acceptable_risk",
1587+
"remediation_ids": [
1588+
"45af6dc636774a4d822b9eff57b99ae8"
1589+
]
1590+
}
1591+
EOF
15631592
- lang: Shell
15641593
label: Dispose a single vulnerability (all deployments)
15651594
source: |-
@@ -1614,6 +1643,29 @@ paths:
16141643
]
16151644
}
16161645
EOF
1646+
- lang: Shell
1647+
label: Conclude a single remediation for 2 hosts with a filters set (all deployments)
1648+
source: |-
1649+
curl "https://api.cloudinsight.alertlogic.com/assets_query/v2/12345678/remediations" \
1650+
-X PUT -H "x-aims-auth-token: $TOKEN" -H "accept: application/json" -d@- << EOF
1651+
{
1652+
"operation": "conclude_remediations",
1653+
"deployment_ids": [
1654+
"AF044FD4-5A6E-4EAE-B7A1-0B304034CC34"
1655+
],
1656+
"filters": [
1657+
[
1658+
"host:host:/aws/us-west-2/host/i-1e272a96c803bf6e1"
1659+
],
1660+
[
1661+
"host:host:/aws/us-west-2/host/i-03bf219df1d75f14a"
1662+
]
1663+
],
1664+
"remediation_ids": [
1665+
"45af6dc636774a4d822b9eff57b99ae8"
1666+
]
1667+
}
1668+
EOF
16171669
- lang: Shell
16181670
label: Conclude a single vulnerability (all deployments)
16191671
source: |-
@@ -1644,9 +1696,18 @@ paths:
16441696
(that is, their `concluded` and `disposed` properties will be set to `false`).
16451697
*Note* that if `deployment_ids` query parameter is not set, the remediation item(s) will be removed
16461698
from all deployments where they exist.
1699+
1700+
Note that exactly one of `remediation_item_ids` or `audit_ids` may be provided. If `audit_ids` is passed,
1701+
all `remediation-item`s with any of the given `audit_id`s will be undisposed/unconcluded. Additionally, if
1702+
`audit_ids` is passed, either `remediation_ids` or `vulnerability_ids` may be passed. If one of those is also
1703+
given, `remediation-item`s with one of the given `audit_id`s and one of the given `remediation_id`s or
1704+
`vulnerability_id`s will be undisposed/unconcluded.
16471705
parameters:
1706+
- $ref: 'parameters.yaml#/ParamAuditIds'
16481707
- $ref: 'parameters.yaml#/ParamDeploymentIds'
1708+
- $ref: 'parameters.yaml#/ParamRemediationIds'
16491709
- $ref: 'parameters.yaml#/ParamRemediationItemIds'
1710+
- $ref: 'parameters.yaml#/ParamVulnerabilityIds'
16501711
x-codeSamples:
16511712
- lang: Shell
16521713
label: Undispose a single remediation-item
@@ -1658,6 +1719,11 @@ paths:
16581719
source: |-
16591720
curl "https://api.cloudinsight.alertlogic.com/assets_query/v2/12345678/remediations?remediation_item_ids=0536575B914C32C8A5D28415D02E4545&deployment_ids=AF044FD4-5A6E-4EAE-B7A1-0B304034CC34,FCCA4E48-598A-4946-B2A7-64DBF9E4CCAC" \
16601721
-X PUT -H "x-aims-auth-token: $TOKEN" -H "accept: application/json"
1722+
- lang: Shell
1723+
label: Undispose a remediation-item by audit_id/vulnerability_id
1724+
source: |-
1725+
curl "https://api.cloudinsight.alertlogic.com/assets_query/v2/12345678/remediations?audit_ids=37CA08E6-9CC7-4575-BA9B-B6F961976E8D&vulnerability_ids=b9890b5c62d542c4830b43b53dabcc15" \
1726+
-X DELETE -H "x-aims-auth-token: $TOKEN" -H "accept: application/json"
16611727
responses:
16621728
"204":
16631729
description: No Content

0 commit comments

Comments
 (0)