This API path is to retrieve the list of assets deployed by CloudInsight in my active environments.
", + "examples": [ + { + "title": "Get list of assets deployed in an account:", + "content": "curl -v -X GET https://api.cloudinsight.alertlogic.com/launcher/v1/00000000/resources", + "type": "json" + } + ], + "success": { + "examples": [ + { + "title": "200 Success:", + "content": "{\n \"environments\": [\n {\n \"environment_id\": \"1086B0A8-A0D6-4CCC-B8C3-78AA82826606\",\n \"account_id\": \"00000000\",\n \"vpcs\": [\n {\n \"vpc_key\": \"/aws/us-east-1/vpc/vpc-103f4e74\" ,\n \"region\": \"us-east-1\",\n \"route_table\": {\n \"resource_id\":\"rtb-12e8d276\",\n \"resource_key\":\"/aws/us-east-1/route/rtb-12e8d276\"\n },\n \"launch_configuration\": {\n \"resource_key\":\"/aws/us-east-1/launch-config/Alert Logic Security Launch Configuration_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-103f4e74\",\n \"resource_id\":\"Alert Logic Security Launch Configuration_67002091_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-103f4e74\"\n },\n \"security_group\": {\n \"resource_key\":\"/aws/us-east-1/sg/sg-a73c75de\",\n \"resource_id\":\"sg-a73c75de\"\n },\n \"subnet\": {\n \"resource_key\":\"/aws/us-east-1/subnet/subnet-1d9b6437\",\n \"resource_id\":\"subnet-1d9b6437\"\n },\n \"auto_scaling_group\": {\n \"resource_key\":\"/aws/us-east-1/auto-scaling-group/Alert Logic Security Auto Scaling Group_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-103f4e74\",\n \"resource_id\":\"Alert Logic Security Auto Scaling Group_67002091_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-103f4e74\"\n }\n },\n {\n \"vpc_key\": \"/aws/us-east-1/vpc/vpc-11074375\",\n \"region\": \"us-west-1\",\n \"route_table\": {\n \"resource_id\":\"rtb-282e2f4c\",\n \"resource_key\":\"/aws/us-east-1/route/rtb-282e2f4c\"\n },\n \"launch_configuration\": {\n \"resource_key\":\"/aws/us-east-1/launch-config/Alert Logic Security Launch Configuration_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-11074375\",\n \"resource_id\":\"Alert Logic Security Launch Configuration_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-11074375\"\n },\n \"security_group\": {\n \"resource_key\":\"/aws/us-east-1/sg/sg-094d6870\",\n \"resource_id\":\"sg-094d6870\"\n },\n \"subnet\": {\n \"resource_key\":\"/aws/us-east-1/subnet/subnet-de3ff386\",\n \"resource_id\":\"subnet-de3ff386\"\n },\n \"auto_scaling_group\": {\n \"resource_key\":\"/aws/us-east-1/auto-scaling-group/Alert Logic Security Auto Scaling Group_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-11074375\",\n \"resource_id\":\"Alert Logic Security Auto Scaling Group_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-11074375\"\n }\n }\n ]\n },\n {\n \"environment_id\": \"6135DF79-AE64-4616-9151-6E80DEC93086\",\n \"account_id\": \"00000000\",\n \"vpcs\": [\n {\n \"vpc_key\": \"/aws/ap-northeast-1/vpc/vpc-2f9d1f4a\",\n \"region\": \"ap-northeast-1\",\n \"route_table\": {\n \"resource_id\":\"rtb-618bd604\",\n \"resource_key\":\"/aws/ap-northeast-1/route/rtb-618bd604\"\n }\n }\n ]\n }\n ]\n}", + "type": "String" + } + ] + }, + "error": { + "fields": { + "401 Unauthorized": [ + { + "group": "401", + "optional": false, + "field": "notAuthorizedError", + "description": "AuthenticationToken passed could not be authenticated.
Insufficient permissions.
" + } + ] + }, + "examples": [ + { + "title": "Error-Response:", + "content": "HTTP/1.1 401 Unauthorized", + "type": "json" + }, + { + "title": "Error-Response:", + "content": "HTTP/1.1 403 Forbidden", + "type": "json" + } + ] + }, + "groupTitle": "Launcher_Operations", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
This API path is to retrieve the list of assets deployed by CloudInsight in an environment.
", + "examples": [ + { + "title": "Get list of assets deployed in an environment.", + "content": "curl -v -X GET https://api.cloudinsight.alertlogic.com/launcher/v1/00000000/1086B0A8-A0D6-4CCC-B8C3-78AA82826606/resources", + "type": "json" + } + ], + "success": { + "examples": [ + { + "title": "200 Success:", + "content": "{\n \"environment_id\": \"1086B0A8-A0D6-4CCC-B8C3-78AA82826606\",\n \"account_id\": \"00000000\",\n \"vpcs\": [\n {\n \"vpc_key\": \"/aws/us-east-1/vpc/vpc-103f4e74\" ,\n \"region\": \"us-east-1\",\n \"route_table\": {\n \"resource_id\":\"rtb-12e8d276\",\n \"resource_key\":\"/aws/us-east-1/route/rtb-12e8d276\"\n },\n \"launch_configuration\": {\n \"resource_key\":\"/aws/us-east-1/launch-config/Alert Logic Security Launch Configuration_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-103f4e74\",\n \"resource_id\":\"Alert Logic Security Launch Configuration_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-103f4e74\"\n },\n \"security_group\": {\n \"resource_key\":\"/aws/us-east-1/sg/sg-a73c75de\",\n \"resource_id\":\"sg-a73c75de\"\n },\n \"subnet\": {\n \"resource_key\":\"/aws/us-east-1/subnet/subnet-1d9b6437\",\n \"resource_id\":\"subnet-1d9b6437\"\n },\n \"auto_scaling_group\": {\n \"resource_key\":\"/aws/us-east-1/auto-scaling-group/Alert Logic Security Auto Scaling Group_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-103f4e74\",\n \"resource_id\":\"Alert Logic Security Auto Scaling Group_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-103f4e74\"\n }\n },\n {\n \"vpc_key\": \"/aws/us-east-1/vpc/vpc-11074375\",\n \"region\": \"us-west-1\",\n \"route_table\": {\n \"resource_id\":\"rtb-282e2f4c\",\n \"resource_key\":\"/aws/us-east-1/route/rtb-282e2f4c\"\n },\n \"launch_configuration\": {\n \"resource_key\":\"/aws/us-east-1/launch-config/Alert Logic Security Launch Configuration_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-11074375\",\n \"resource_id\":\"Alert Logic Security Launch Configuration_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-11074375\"\n },\n \"security_group\": {\n \"resource_key\":\"/aws/us-east-1/sg/sg-094d6870\",\n \"resource_id\":\"sg-094d6870\"\n },\n \"subnet\": {\n \"resource_key\":\"/aws/us-east-1/subnet/subnet-de3ff386\",\n \"resource_id\":\"subnet-de3ff386\"\n },\n \"auto_scaling_group\": {\n \"resource_key\":\"/aws/us-east-1/auto-scaling-group/Alert Logic Security Auto Scaling Group_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-11074375\",\n \"resource_id\":\"Alert Logic Security Auto Scaling Group_00000000_1086B0A8-A0D6-4CCC-B8C3-78AA82826606_vpc-11074375\"\n }\n }\n ]\n}", + "type": "String" + } + ] + }, + "error": { + "fields": { + "401 Unauthorized": [ + { + "group": "401", + "optional": false, + "field": "notAuthorizedError", + "description": "AuthenticationToken passed could not be authenticated.
Insufficient permissions.
" + } + ] + }, + "examples": [ + { + "title": "Error-Response:", + "content": "HTTP/1.1 401 Unauthorized", + "type": "json" + }, + { + "title": "Error-Response:", + "content": "HTTP/1.1 403 Forbidden", + "type": "json" + } + ] + }, + "groupTitle": "Launcher_Operations", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
Customer's account id.
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "Customer's environment id to request deployment status for.
" + } + ] + } + }, + "success": { + "fields": { + "Success 200": [ + { + "group": "Success 200", + "type": "List", + "optional": false, + "field": "messages", + "description": "List of protected environments.
" + } + ] + }, + "examples": [ + { + "title": "200 Success:", + "content": "{\n\"type\": \"aws\",\n\"scope\": [\n{\n\"type\": \"vpc\",\n\"protection_state\": \"completed\",\n\"key\": \"/aws/us-west-1/vpc/vpc-31a74354\",\n\"deployment_set\": {\n\"share_image\": {\n\"status\": \"completed\",\n\"description\": \"Share Alert Logic's security appliance ami\"\n},\n\"security_subnet_setup\": {\n\"status\": \"completed\",\n\"description\": \"Create Alert Logic's security subnet\"\n},\n\"security_group_setup\": {\n\"status\": \"completed\",\n\"description\": \"Create AlertLogic security group\"\n},\n\"security_appliance_deployment\": {\n\"status\": \"completed\",\n\"description\": \"Deploy Alert Logic's security appliance\"\n},\n\"route_table_setup\": {\n\"status\": \"completed\",\n\"description\": \"Create routing table for Alert Logic's security subnet\"\n},\n\"network_visibility_setup\": {\n\"status\": \"completed\",\n\"description\": \"Ensure network visibility for Alert Logic's security subnet\"\n},\n\"get_cidr_range\": {\n\"status\": \"completed\",\n\"description\": \"Getting available CIDR range for Alert Logic's security subnet.\"\n}\n}\n},\n{\n\"type\": \"region\",\n\"scope\": [],\n\"protection_state\": \"completed\",\n\"key\": \"/aws/sa-east-1\"\n},\n{\n\"type\": \"region\",\n\"scope\": [\n{\n\"type\": \"vpc\",\n\"protection_state\": \"completed\",\n\"key\": \"/aws/eu-west-1/vpc/vpc-0bc01000001e6e\",\n\"deployment_set\": {\n\"share_image\": {\n\"status\": \"completed\",\n\"description\": \"Share Alert Logic's security appliance ami\"\n},\n\"security_subnet_setup\": {\n\"status\": \"completed\",\n\"description\": \"Create Alert Logic's security subnet\"\n},\n\"security_group_setup\": {\n\"status\": \"completed\",\n\"description\": \"Create AlertLogic security group\"\n},\n\"security_appliance_deployment\": {\n\"status\": \"completed\",\n\"description\": \"Deploy Alert Logic's security appliance\"\n},\n\"route_table_setup\": {\n\"status\": \"completed\",\n\"description\": \"Create routing table for Alert Logic's security subnet\"\n},\n\"network_visibility_setup\": {\n\"status\": \"completed\",\n\"description\": \"Ensure network visibility for Alert Logic's security subnet\"\n},\n\"get_cidr_range\": {\n\"status\": \"completed\",\n\"description\": \"Getting available CIDR range for Alert Logic's security subnet.\"\n}\n}\n}\n],\n\"protection_state\": \"completed\",\n\"key\": \"/aws/eu-west-1\"\n}\n],\n\"environment_id\": \"7573E365-0B2A-1005-B049-7831C1BE64D2\",\n\"account_id\": \"01000001\"\n}", + "type": "json" + } + ] + }, + "error": { + "fields": { + "401 Unauthorized": [ + { + "group": "401", + "optional": false, + "field": "notAuthorizedError", + "description": "AuthenticationToken passed could not be authenticated.
Insufficient permissions.
" + } + ] + }, + "examples": [ + { + "title": "Error-Response:", + "content": "HTTP/1.1 401 Unauthorized", + "type": "json" + }, + { + "title": "Error-Response:", + "content": "HTTP/1.1 403 Forbidden", + "type": "json" + } + ] + }, + "groupTitle": "Launcher_Operations", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
The GetProvisioningDocument API returns a MIME multi-part document containing everything required to bootstrap an Alert Logic appliance.
The deployment token is a hexadecimal representation of the SHA1 hash of a concatenated string containing the AWS account ID (accountId), region (region), instance ID (instanceId), and the launch time (pendingTime) of the instance. This information can be retrieved from the instance identity document available from the AWS metadata URL: http://169.254.169.254/latest/dynamic/instance-identity/document
For an instance with account ID 481746159046, region us-east-1, instance ID i-d755c626, and launch time 2015-01-30T23:37:08Z, the raw deployment token would be '481746159046us-east-1i-d755c6262015-01-30T23:37:08Z', resulting in a hexadecimal SHA1 hash of 'A94B48FBCDCE82B031D40F2E00DF498CD50B1720'.
The document that is returned for a deployment token is a MIME multi-part document containing parts with the following content types, in the order they should be processed:
text/tags: A JSON representation of the instance's AWS tags
text/identity: The agent's SSL identity
text/vaporator-host: The IP address or hostname of the YABB instance
text/repositories: Yum repositories that should be installed on the instance
text/packages: Packages that should be installed on the instance
text/commands: Shell commands that should be run on the instance
Appliance deployment token
" + } + ] + } + }, + "success": { + "fields": { + "Success 200": [ + { + "group": "Success 200", + "type": "String", + "optional": false, + "field": "document", + "description": "Appliance deployment document
" + } + ] + }, + "examples": [ + { + "title": "200 Success:", + "content": "Content-Type: multipart/mixed; boundary=5b87da8a2b36468e\nMIME-Version: 1.0\n--5b87da8a2b36468e\n...\n--5b87da8a2b36468e--", + "type": "String" + } + ] + }, + "error": { + "fields": { + "401 Unauthorized": [ + { + "group": "401", + "optional": false, + "field": "notAuthorizedError", + "description": "AuthenticationToken passed could not be authenticated.
Insufficient permissions.
" + } + ] + }, + "examples": [ + { + "title": "Error-Response:", + "content": "HTTP/1.1 401 Unauthorized", + "type": "json" + }, + { + "title": "Error-Response:", + "content": "HTTP/1.1 403 Forbidden", + "type": "json" + } + ] + }, + "groupTitle": "Launcher_Operations", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
This API path is to be used by other microservices for determitaion if an instance is spun up from one of the returned AMI ids and is Alertlogic scan appliance. e.g. scanscheduler excludes such instances from continuous scan rotation.
", + "examples": [ + { + "title": "Get region to AMI id mapping:", + "content": "curl -v -X GET https://api.cloudinsight.alertlogic.com/launcher/v1/amis/scan", + "type": "json" + } + ], + "success": { + "fields": { + "Success 200": [ + { + "group": "Success 200", + "type": "JSON", + "optional": false, + "field": "ami-map", + "description": "region to ami map document
" + } + ] + }, + "examples": [ + { + "title": "200 Success:", + "content": "{\n\"eu-west-1\": [{\n\"ami-id\": \"ami-53b80e20\",\n\"description\": \"Cloud Insight US v1\"\n},\n{\n\"ami-id\": \"ami-87654321\",\n\"description\": \"Cloud Insight US v0\"\n}],\n\"ap-southeast-1\": [{\n\"ami-id\": \"ami-87654321\"\n}],\n\"eu-central-1\": [{\n\"ami-id\": \"ami-3dc4dc51\"\n}],\n\"ap-northeast-2\": [{\n\"ami-id\": \"ami-cc0fc1a2\"\n}],\n\"ap-northeast-1\": [{\n\"ami-id\": \"ami-9e8ab1f0\"\n}],\n\"us-east-1\": [{\n\"ami-id\": \"ami-10557a7a\"\n}],\n\"sa-east-1\": [{\n\"ami-id\": \"ami-1013937c\"\n}],\n\"us-west-1\": [{\n\"ami-id\": \"ami-13324473\"\n}],\n\"us-west-2\": [{\n\"ami-id\": \"ami-c59e78a5\"\n}],\n\"ap-southeast-2\": [{\n\"ami-id\": \"ami-edd7f38e\"\n}]\n}", + "type": "String" + } + ] + }, + "error": { + "fields": { + "401 Unauthorized": [ + { + "group": "401", + "optional": false, + "field": "notAuthorizedError", + "description": "AuthenticationToken passed could not be authenticated.
Insufficient permissions.
" + } + ] + }, + "examples": [ + { + "title": "Error-Response:", + "content": "HTTP/1.1 401 Unauthorized", + "type": "json" + }, + { + "title": "Error-Response:", + "content": "HTTP/1.1 403 Forbidden", + "type": "json" + } + ] + }, + "groupTitle": "Launcher_Operations", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
DEPRECATED: has no effect.
A new process for the account will be spawned, and a cache of all assets will be populated from the asset service.
", + "examples": [ + { + "title": "Add an account to the scheduler:", + "content": "curl -X PUT https://api.cloudinsight.alertlogic.com/scheduler/v1/12345678/add/BA395435-551B-4250-B52E-71FCCFF73124", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "200 Ok:", + "content": "ok", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "DEPRECATED", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + } + ] + } + } + }, + { + "type": "put", + "url": "/scheduler/v1/:account_id/:environment_id/add?asset=:asset_key", + "title": "Add an asset to the scheduler", + "name": "AddScanAsset", + "group": "DEPRECATED", + "version": "1.0.0", + "description": "DEPRECATED: has no effect.
Assets are typically added to the cache via RabbitMQ notifications, however assets can also be added manually via the HTTP API.
", + "examples": [ + { + "title": "Add an asset to the scheduler:", + "content": "curl -X PUT https://api.cloudinsight.alertlogic.com/scheduler/v1/12345678/BA395435-551B-4250-B52E-71FCCFF73124/add?asset=/aws/us-east-1/host/i-023c7629", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "200 Ok:", + "content": "ok", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "DEPRECATED", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "asset_key", + "description": "Asset Key
" + } + ] + } + } + }, + { + "type": "put", + "url": "/scheduler/v1/:account_id/:environment_id/:appliance_id/dequeue_tasks/:count", + "title": "Dequeue scan tasks for an appliance", + "name": "GetScanApplianceTasks", + "group": "DEPRECATED", + "version": "1.0.0", + "description": "DEPRECATED: For internal use only.
The scheduler uses the dequeue_tasks API to dequeue the next count items from the top of the scan queue.
", + "parameter": { + "fields": { + "Parameter": [ + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "appliance_id", + "description": "The appliance uuid
" + }, + { + "group": "Parameter", + "type": "Integer", + "optional": false, + "field": "count", + "description": "The number of tasks to include
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "account_id", + "description": "AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + } + ] + } + }, + "examples": [ + { + "title": "Retrieving scan tasks for an appliance:", + "content": "curl -X PUT https://api.cloudinsight.alertlogic.com/scheduler/v1/01000002/BA395435-551B-4250-B52E-71FCCFF73124/DD9B1328-0100-1005-8562-7831C1BAC182/dequeue_tasks/1", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "200 Ok:", + "content": "{\n \"requests\": [\n {\n \"metadata\": {\n \"request_id\": \"D895CF3B-03F9-1005-96FA-7831C1BAEAE6\",\n \"status\": \"queued\",\n \"last_scan\": 0,\n \"priority\": 3\n },\n \"policy\": {\n \"credentials\": [],\n \"ports\": [\n [\n 1,\n 65535\n ]\n ]\n },\n \"address\": \"10.0.4.20\",\n \"name\": \"ip-10-0-4-20.ec2.internal\",\n \"subnet\": \"subnet-339b6244\",\n \"vpc\": \"vpc-f134ed94\",\n \"id\": \"/aws/us-east-1/host/i-023c7629\"\n }\n ]\n}", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "DEPRECATED", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
DEPRECATED: has no effect.
Some metadata fields can be modified via the HTTP API
", + "parameter": { + "fields": { + "Parameter": [ + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "key", + "description": "Metadata key to update, one of:
Value to set
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "account_id", + "description": "AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "asset_key", + "description": "Asset Key
" + } + ] + } + }, + "examples": [ + { + "title": "Update asset metadata:", + "content": "curl -X PUT https://api.cloudinsight.alertlogic.com/scheduler/v1/12345678/BA395435-551B-4250-B52E-71FCCFF73124/update/aws/us-east-1/host/i-023c7629/last_scan/1411748046", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "200 Ok:", + "content": "ok", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "DEPRECATED", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
The scheduler provides the summary API to retrieve a summary of scan progress for an environment.
", + "examples": [ + { + "title": "Retrieving scan summary for an environment:", + "content": "curl -X GET https://api.cloudinsight.alertlogic.com/scheduler/v1/01000002/BA395435-551B-4250-B52E-71FCCFF73124/summary", + "type": "curl" + }, + { + "title": "Retrieving scan summary for an environment for a given VPC key:", + "content": "curl -X GET https://api.cloudinsight.alertlogic.com/scheduler/v1/01000002/BA395435-551B-4250-B52E-71FCCFF73124/summary?vpc_key=/aws/us-east-1/vpc/vpc-123", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "200 Success:", + "content": "HTTP/1.1 200\n{\n \"summary\": {\n \"total\": 20,\n \"in_scope\": 17,\n \"running\": 5,\n \"scanned\": 10,\n \"scannable\": 16\n }\n}", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "Scheduler_Resources", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + } + ] + } + } + }, + { + "type": "get", + "url": "/scheduler/v1/:account_id/:environment_id/list", + "title": "Retrieve a list of assets", + "name": "ListScanAssets", + "group": "Scheduler_Resources", + "version": "1.0.0", + "description": "Lists of assets is returned, in the order they will be scanned. The first list, immediate, is composed of assets to be scanned immediately, out of the regular order. The second, assets, lists assets in their regular scan order.
Each entry in the queue contains:
The metadata object includes:
The policy object includes:
AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + } + ] + } + } + }, + { + "type": "put", + "url": "/scheduler/v1/:account_id/:environment_id/scan?asset=:asset_key", + "title": "Immediately scan an asset", + "name": "ScanAsset", + "group": "Scheduler_Resources", + "version": "1.0.0", + "description": "Move an asset to the top of the scan queue.
", + "examples": [ + { + "title": "Immediately scanning an asset:", + "content": "curl -X PUT https://api.cloudinsight.alertlogic.com/scheduler/v1/12345678/BA395435-551B-4250-B52E-71FCCFF73124/scan?asset=/aws/us-east-1/host/i-023c7629", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "200 Ok:", + "content": "ok", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "Scheduler_Resources", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "asset_key", + "description": "Asset Key
" + } + ] + } + } + }, + { + "type": "post", + "url": "/whitelist/v1/:account_id/:environment_id", + "title": "Designate a tag as white-listed", + "name": "DesignateTag", + "group": "Whitelist", + "version": "1.0.0", + "description": "The client can use this method to designate a tag as white-listed for an environment.
", + "examples": [ + { + "title": "Designating a tag as white-listed:", + "content": "curl -H \"x-aims-auth-token: ${TOKEN}\" -X POST -d '{\"type\":\"tag\", \"tag_key\":\"Host Role\", \"tag_value\":\"Fragile Web Server\"}' https://api.cloudinsight.alertlogic.com/whitelist/v1/12345678/BA395435-551B-4250-B52E-71FCCFF73124", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "Success-Response", + "content": "204 OK", + "type": "json" + } + ] + }, + "error": { + "examples": [ + { + "title": "Error-Response", + "content": "404 Object Not Found", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "Whitelist", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + } + ] + } + } + }, + { + "type": "get", + "url": "/whitelist/v1/:account_id/:environment_id/assets?type=:type&tag_key=:tag_key&tag_value=:tag_value", + "title": "Retrieve all white-listed hosts", + "name": "ListHosts", + "group": "Whitelist", + "version": "1.0.0", + "description": "The client can use this method to retrieve a list of hosts white-listed by tags.
", + "examples": [ + { + "title": "Listing all white-listed hosts:", + "content": "curl -H \"x-aims-auth-token: ${TOKEN}\" -X GET https://api.cloudinsight.alertlogic.com/whitelist/v1/12345678/BA395435-551B-4250-B52E-71FCCFF73124/assets?type=tag&tag_key=\"Host Role\"&tag_value=\"Fragile Web Server\"", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "Success-Response", + "content": "HTTP/1.1 200 OK\n[\n \"/aws/us-west-1/host/i-12345678\",\n \"/aws/us-west-2/host/i-45678901\"\n]", + "type": "json" + }, + { + "title": "Success-Response(tag, environment or account does not exist)", + "content": "HTTP/1.1 200 OK\n[]", + "type": "json" + } + ] + }, + "error": { + "examples": [ + { + "title": "Type parameter is missing in URL", + "content": "404 Object not found", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "Whitelist", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "type", + "description": "Type of entity targeted by the operation
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "tag_key", + "description": "Tag key
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "tag_value", + "description": "Tag value
" + } + ] + } + } + }, + { + "type": "get", + "url": "/whitelist/v1/:account_id/:environment_id", + "title": "Retrieve all white-listed tags", + "name": "ListTags", + "group": "Whitelist", + "version": "1.0.0", + "description": "The client can use this method to retrieve a list of tags designated as white-listed.
", + "examples": [ + { + "title": "Listing all tags designated as white-listed:", + "content": "curl -H \"x-aims-auth-token: ${TOKEN}\" -X GET https://api.cloudinsight.alertlogic.com/whitelist/v1/12345678/BA395435-551B-4250-B52E-71FCCFF73124", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "Success-Response", + "content": "HTTP/1.1 200 OK\n[\n {\n \"type\": \"tag\",\n \"tag_key\": \"Host Role\",\n \"tag_value\": \"Fragile Web Server\"\n }\n]", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "Whitelist", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + } + ] + } + } + }, + { + "type": "delete", + "url": "/whitelist/v1/:account_id/:environment_id", + "title": "Undesignate a tag as white-listed", + "name": "UndesignateTag", + "group": "Whitelist", + "version": "1.0.0", + "description": "The client can use this method to undesignate a tag as white-listed for an environment.
", + "examples": [ + { + "title": "Undesignating a tag as white-listed:", + "content": "curl -H \"x-aims-auth-token: ${TOKEN}\" -X DELETE -d '{\"type\":\"tag\", \"tag_key\":\"Host Role\", \"tag_value\":\"Fragile Web Server\"}' https://api.cloudinsight.alertlogic.com/whitelist/v1/12345678/BA395435-551B-4250-B52E-71FCCFF73124", + "type": "curl" + } + ], + "success": { + "examples": [ + { + "title": "Success-Response", + "content": "204 OK", + "type": "json" + } + ] + }, + "filename": "deps/scan_scheduler/doc/apidoc.erl", + "groupTitle": "Whitelist", + "header": { + "fields": { + "Header": [ + { + "group": "Header", + "type": "String", + "optional": false, + "field": "x-aims-auth-token", + "description": "AuthenticationToken returned by AIMS service.
AIMS Account ID
" + }, + { + "group": "Parameter", + "type": "String", + "optional": false, + "field": "environment_id", + "description": "AL Environment ID
" + } + ] + } + } + } +] \ No newline at end of file diff --git a/alertlogic/api_data/update.sh b/alertlogic/api_data/update.sh old mode 100755 new mode 100644 index 19dc057..c06f31c --- a/alertlogic/api_data/update.sh +++ b/alertlogic/api_data/update.sh @@ -1,10 +1,10 @@ #! /bin/bash # space separted list of services -APIS="sources" +APIS="sources scan_scheduler launcher" URL="https://console.cloudinsight.alertlogic.com/api" -for api in $APIS; do +for api in $APIS; do echo -ne "fetching api_data: ${api} ... " dest="$(dirname $0)/${api}.json" curl -s ${URL}/${api}/api_data.json -o ${dest}.tmp diff --git a/alertlogic/dynapi.py b/alertlogic/dynapi.py index 6e3aff7..1f31c00 100644 --- a/alertlogic/dynapi.py +++ b/alertlogic/dynapi.py @@ -9,10 +9,11 @@ import json import logging import os.path +import urllib, urlparse API_DATA_DIR = os.path.abspath(os.path.dirname(__file__)+"/api_data") -API_SERVICES = ["sources"] +API_SERVICES = ["sources", "scan_scheduler", "launcher"] log = logging.getLogger() @@ -133,18 +134,10 @@ def parse_url(self, url_args): "/scheduler/v1/12345678/BA395435-551B-4250-B52E-71FCCFF73124/scan?asset=/aws/us-east-1/host/i-023c7629" :param url_args: dict with values to replace url parameters """ - parts = [part for part in self.url.lower().split("/") if len(part) > 0] - parsed_url = "" - for part in parts: - if part.startswith(":"): - required_arg = part[1:] # removes ":" at the beginning of the string - if required_arg in url_args: - parsed_url += "/"+url_args[required_arg] - else: - raise InvalidEndpointCall("missing required url argument {}".format(required_arg)) - else: - parsed_url += "/"+part - return parsed_url + parsed = list(urlparse.urlparse(self.url.lower())) + parsed[2] = substitute_path_args(parsed[2], url_args) + parsed[4] = substitute_query_args(parsed[4], url_args) + return urlparse.urlunparse(parsed) def call(self, session, url_args, json=None): """parses the url (see parse_url()), and makes an http call, uses session as requests auth plugin @@ -155,3 +148,31 @@ def call(self, session, url_args, json=None): parsed_url = session.api_endpoint + self.parse_url(url_args) log.debug("calling requests: operation={} url={} json={}".format(self.operation, parsed_url, json)) return requests.request(self.operation, parsed_url, json=json, auth=session) + +def substitute_path_args(path, args): + parts = [part for part in path.lower().split("/") if len(part) > 0] + substituted = "" + for part in parts: + if part.startswith(":"): + required_arg = part[1:] # removes ":" at the beginning of the string + if required_arg in args: + substituted += "/" + args[required_arg] + else: + raise InvalidEndpointCall("missing required url argument {}".format(required_arg)) + else: + substituted += "/" + part + return substituted + +def substitute_query_args(query, args): + parsed = urlparse.parse_qs(query) + for key in parsed: + value = parsed[key][0] + if value.startswith(":"): + required_arg = value[1:] # removes ":" at the beginning of the string + if required_arg in args: + parsed[key] = args[required_arg] + else: + raise InvalidEndpointCall("missing required url argument {}".format(required_arg)) + substituted = urllib.urlencode(parsed) + substituted = urllib.unquote_plus(substituted) + return substituted diff --git a/alertlogiccli/commands/__init__.py b/alertlogiccli/commands/__init__.py index f4d4b5f..8351bf4 100644 --- a/alertlogiccli/commands/__init__.py +++ b/alertlogiccli/commands/__init__.py @@ -5,6 +5,7 @@ import inspect from abc import ABCMeta, abstractmethod + class CLIModule: """Base class to represent comamnd line interface module At the moment each command belongs to a module defining scope of command. diff --git a/alertlogiccli/commands/environment/__init__.py b/alertlogiccli/commands/environment/__init__.py index f486239..5ec27d2 100644 --- a/alertlogiccli/commands/environment/__init__.py +++ b/alertlogiccli/commands/environment/__init__.py @@ -8,7 +8,6 @@ class Environments(CLIModule): @classmethod def get_parser(cls, subparsers): - parser_environment = subparsers.add_parser(cls.command, help="environment specific actions") - subparsers_environment = parser_environment.add_subparsers(dest="subcommand") - - return subparsers_environment + parser = subparsers.add_parser(cls.command, help="environment specific actions") + parser.add_argument("-e", "--environment_id", help="environment id (uuid)") + return parser.add_subparsers(dest="subcommand") diff --git a/alertlogiccli/commands/environment/deployment.py b/alertlogiccli/commands/environment/deployment.py new file mode 100644 index 0000000..b0b3c50 --- /dev/null +++ b/alertlogiccli/commands/environment/deployment.py @@ -0,0 +1,46 @@ +# This module defines commands to manipulate scheduler queues for a given environment + +from alertlogiccli.commands import CLICommand +from alertlogiccli.commands import InvalidHTTPResponse, InvalidParameter, InvalidServiceResponse +import requests +import json + +class ListDeployedResourcesCommand(CLICommand): + """Command to list security infrastructure resources deployed to a given environment""" + command = "list_deployed_resources" + def __init__(self, services): + CLICommand.__init__(self, services) + + @classmethod + def get_parser(cls, subparsers): + cmd_help = "lists security infrastructure resources deployed to a given environment" + parser = subparsers.add_parser(cls.command, help=cmd_help) + + def execute(self, environment_id, **kwargs): + try: + response = self.services.launcher.getawsresourcesbyenvironment(environment_id=environment_id) + response.raise_for_status() + except requests.exceptions.HTTPError as e: + raise InvalidHTTPResponse(self.command, e.message) + content = response.json() + return json.dumps(content, sort_keys=True, indent=4) + +class GetDeploymentStatusCommand(CLICommand): + """Command to get deployment status for a given environment""" + command = "get_deployment_status" + def __init__(self, services): + CLICommand.__init__(self, services) + + @classmethod + def get_parser(cls, subparsers): + cmd_help = "gets deployment status for a given environment" + parser = subparsers.add_parser(cls.command, help=cmd_help) + + def execute(self, environment_id, **kwargs): + try: + response = self.services.launcher.getdeploymentstatus(environment_id=environment_id) + response.raise_for_status() + except requests.exceptions.HTTPError as e: + raise InvalidHTTPResponse(self.command, e.message) + content = response.json() + return json.dumps(content, sort_keys=True, indent=4) diff --git a/alertlogiccli/commands/environment/deployment_mode.py b/alertlogiccli/commands/environment/deployment_mode.py index 2d457dc..586e168 100644 --- a/alertlogiccli/commands/environment/deployment_mode.py +++ b/alertlogiccli/commands/environment/deployment_mode.py @@ -31,8 +31,6 @@ def __init__(self, services): @classmethod def get_parser(cls, subparsers): parser_get_deployment_mode = subparsers.add_parser(cls.command, help="gets environment deployment mode") - parser_get_deployment_mode.add_argument("-e", "--environment_id", help="environment id (uuid)") - def execute(self, environment_id=None, **kwargs): response = self.validate_environment(self.services, environment_id) @@ -56,17 +54,14 @@ def __init__(self, services): @classmethod def get_parser(cls, subparsers): parser_set_deployment_mode = subparsers.add_parser(cls.command, help="sets environment deployment mode") - parser_set_deployment_mode.add_argument("-e", "--environment_id", help="environment id (uuid)") - parser_set_deployment_mode.add_argument("-m", "--deployment_mode", required=True, - choices=["readonly", "automatic"]) + parser_set_deployment_mode.add_argument("-m", "--mode", required=True, choices=["readonly", "automatic"]) - def execute(self, environment_id=None, deployment_mode=None, **kwargs): + def execute(self, environment_id=None, mode=None, **kwargs): response = self.validate_environment(self.services, environment_id) try: - new_config = { "source": { "config": { "deployment_mode": deployment_mode } } } + new_config = { "source": { "config": { "deployment_mode": mode } } } response = self.services.sources.merge_source(id=environment_id, json=new_config) response.raise_for_status() except requests.exceptions.HTTPError as e: - raise InvalidHTTPResponse("update deployment mode", e.message) - - return "ok" \ No newline at end of file + raise InvalidHTTPResponse("set_deployment_mode", e.message) + return "ok" diff --git a/alertlogiccli/commands/environment/scan_queue.py b/alertlogiccli/commands/environment/scan_queue.py new file mode 100644 index 0000000..9acdc19 --- /dev/null +++ b/alertlogiccli/commands/environment/scan_queue.py @@ -0,0 +1,60 @@ +# This module defines commands to manipulate scheduler queues for a given environment + +from alertlogiccli.commands import CLICommand +from alertlogiccli.commands import InvalidHTTPResponse, InvalidParameter, InvalidServiceResponse +import requests +import json + +class ListScanQueuesCommand(CLICommand): + """List hosts in scan queues for a given environment""" + command = "list_scan_queues" + def __init__(self, services): + CLICommand.__init__(self, services) + + @classmethod + def get_parser(cls, subparsers): + cmd_help = "lists hosts in scan queues for a given environment" + parser = subparsers.add_parser(cls.command, help=cmd_help) + parser.add_argument("--vpc_key", help="filter hosts for a given VPC") + + def execute(self, environment_id, vpc_key=None, **kwargs): + try: + response = self.services.scan_scheduler.listscanassets(environment_id=environment_id) + response.raise_for_status() + except requests.exceptions.HTTPError as e: + raise InvalidHTTPResponse(self.command, e.message) + content = response.json() + regular = group_by_vpc(content["assets"], vpc_key) + immediate = group_by_vpc(content["immediate"], vpc_key) + result = {"regular": regular, "immediate": immediate} + return json.dumps(result, sort_keys=True, indent=4) + +class ScanHostCommand(CLICommand): + """Puts a host to the immediate scan queue""" + command = "scan_host" + def __init__(self, services): + CLICommand.__init__(self, services) + + @classmethod + def get_parser(cls, subparsers): + cmd_help = "puts a host in the immediate scan queue" + parser = subparsers.add_parser(cls.command, help=cmd_help) + parser.add_argument("--host_key", required=True, help="a host key to put in the queue") + + def execute(self, environment_id, host_key, **kwargs): + try: + response = self.services.scan_scheduler.scanasset(environment_id=environment_id, asset_key=host_key) + response.raise_for_status() + except requests.exceptions.HTTPError as e: + raise InvalidHTTPResponse(self.command, e.message) + return "ok" + +def group_by_vpc(assets, filter_vpc_key): + acc = {} + for asset in assets: + vpc_key = asset["vpc"] + if not filter_vpc_key or filter_vpc_key == vpc_key: + group = acc.get(vpc_key, {"vpc": vpc_key, "hosts": []}) + group["hosts"].append(asset) + acc[vpc_key] = group + return acc.values() diff --git a/share/README.md b/share/README.md index c440712..46d42fd 100644 --- a/share/README.md +++ b/share/README.md @@ -37,20 +37,68 @@ datacenter = us ## Usage -alertlogic-cli currently supports the following commands and subcommands: - -### `environment`: - * `set_deployment_mode`: for a given environment changes deployment mode between readonly or manual, usage: - ``` set_deployment_mode