Assets Manager API (1.0.0)

Download OpenAPI specification:Download

Alert Logic Support: support@alertlogic.com URL: https://support.alertlogic.com

The assets management service. The service provides additional validation layer in front of assets to ensure the user supplied configuration is consistent. The service also provides different utility functions.

Authentication

x-aims-auth-token

AIMS Authentication Token

Security Scheme Type	API Key
Header parameter name:	x-aims-auth-token

Protection Scope Management

Export protection scope

Endpoint for exporting the protection scope of a deployment along with asset metadata. By default the endpoints returns data in CSV format if no Accept header specified. cURL example:

Authorizations:

x-aims-auth-token

path Parameters

account_id required	string The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable. Invalid account IDs result in an `HTTP 404 Not Found` or `HTTP 403 Forbidden`, depending on the client's access level.
deployment_id required	string The ID of the deployment source as represented in the deployments service (uppercase UUID).

Responses

Request samples

alcli
cURL

alcli assets_manager export_scope \
--account_id 134235158 \
--deployment_id 843BD5F3-583D-48D7-B929-616B100D6B7B \
> scope.csv

Response samples

200

Content type

type,key,name,protection_level,cidr_block,region,network,subnet,cidr_ranges
vpc,/aws/us-west-2/vpc/vpc-43f82c3a,vpc-43f82c3a,inherited,172.31.0.0/16,us-west-2,,,"[""172.31.0.0/16""]"
subnet,/aws/us-west-2/subnet/subnet-094f8853,subnet-094f8853,inherited,172.31.0.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-78f2e71e,subnet-78f2e71e,inherited,172.31.16.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-94ccb0bc,subnet-94ccb0bc,inherited,172.31.48.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-974c78df,subnet-974c78df,inherited,172.31.32.0/20,us-west-2,,,

Import protection scope

Endpoint for importing the protection scope of a deployment.

Authorizations:

x-aims-auth-token

path Parameters

account_id required	string The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable. Invalid account IDs result in an `HTTP 404 Not Found` or `HTTP 403 Forbidden`, depending on the client's access level.
deployment_id required	string The ID of the deployment source as represented in the deployments service (uppercase UUID).

query Parameters

write

boolean

Default: false

The option is used to perform write operation if specified as true. Otherwise the endpoint works in dry-run mode. If no option specified the false is assumed.

Request Body schema:
text/csv
text/csv
application/json

By default If no Content-Type header specified the CSV format assumed. The data format is the same as returned by the export endpoint. The required fields are: type, key and protection_level. All other fields are ignored. Any invalid items are ignored. The protection scope policy id to protection_level mapping:

D12D5E67-166C-474F-87AA-6F86FC9FB9BC - professional
A8E8B104-8F45-411D-A240-A30EA5FE25B0 - essentials
EC735B49-2517-4D98-BB9D-BEBC1E75D56D - enterprise
A562D3E4-ECBE-426E-B2CF-78D2336E5D63 - lm_essentials
7E184449-FB15-4693-807F-C01A1ECD7E66 - lmpro
D2A589A9-EA56-456C-844E-65843B483D68 - tmpro

Array

type required	string (AssetType) Asset type
key required	string (AssetKey) Asset key
protection_level required	string (ProtectionLevel) Enum: "professional" "essentials" "enterprise" "lm_essentials" "lmpro" "tmpro" "excluded" "inherited"
name	string (AssetName) Asset Name
cidr_block	string (CidrBlock) The subnet cidr_block
region	string The region asset name containing the asset. Informational only.
network	string The vpc/network asset name containing the asset. Informational only.
cidr_ranges	Array of strings (CidrBlock) The network list of CIDRs

Responses

Request samples

Payload
alcli
cURL

Content type

type,key,name,protection_level,cidr_block,region,network,subnet,cidr_ranges
vpc,/aws/us-west-2/vpc/vpc-43f82c3a,vpc-43f82c3a,inherited,172.31.0.0/16,us-west-2,,,"[""172.31.0.0/16""]"
subnet,/aws/us-west-2/subnet/subnet-094f8853,subnet-094f8853,inherited,172.31.0.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-78f2e71e,subnet-78f2e71e,inherited,172.31.16.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-94ccb0bc,subnet-94ccb0bc,inherited,172.31.48.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-974c78df,subnet-974c78df,inherited,172.31.32.0/20,us-west-2,,,

Response samples

200

Content type

application/json

{"new_scope": {"include": [{"type": "vpc",
"policy": {"id": "D12D5E67-166C-474F-87AA-6F86FC9FB9BC"
},
"key": "/aws/ca-central-1/vpc/vpc-e0a0a689"
}
],
"exclude": [{"type": "host",
"key": "/aws/ca-central-1/host/i-031b312d8b6472247"
}
]
},
"included": [{"type": "vpc",
"policy": {"id": "D12D5E67-166C-474F-87AA-6F86FC9FB9BC"
},
"key": "/aws/ca-central-1/vpc/vpc-e0a0a689"
}
],
"excluded": [{"type": "region",
"policy": {"id": "D12D5E67-166C-474F-87AA-6F86FC9FB9BC"
},
"key": "/aws/us-east-1"
},
{"type": "host",
"policy": {"id": "D12D5E67-166C-474F-87AA-6F86FC9FB9BC"
},
"key": "/aws/eu-west-2/host/i-0e36e01a0efd53cbf"
},
{"type": "host",
"key": "/aws/ca-central-1/host/i-031b312d8b6472247"
}
]
}

Network Operations

Create Network

Create network

Authorizations:

x-aims-auth-token

path Parameters

account_id required	string The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable. Invalid account IDs result in an `HTTP 404 Not Found` or `HTTP 403 Forbidden`, depending on the client's access level.
deployment_id required	string The ID of the deployment source as represented in the deployments service (uppercase UUID).

query Parameters

force_large_network

boolean

Default: false

The option is used to suppress the network size validation if specified as true. By default the service checks if the number of IP addresses is that big for a typical appliance to complete network discovery scans within a reasonable time.

Request Body schema: application/json

network_name required	string (AssetName) Asset Name
cidr_ranges required	Array of strings (CidrBlock)
public_cidr_ranges	Array of strings (CidrBlock)
span_port_enabled	boolean (SpanPortEnabled) Default: false

Responses

Request samples

Payload

Content type

application/json

{"network_name": "Network",
"cidr_ranges": ["10.0.0.0/16"
]
}

Response samples

200
400

Content type

application/json

{"key": "/dc/network/2C6B298D-B6C6-4798-B498-2180FC1F4996",
"network_name": "Network",
"network_uuid": "88FCC8F6-EEE8-EE07-6AC5-3E88E85AE310",
"cidr_ranges": ["10.0.0.0/16"
],
"claim_key": "e318c8e213d3accf26aa07fc33e6154b055135862c49b8c5e1",
"span_port_enabled": false
}

Update Network

Update network

Authorizations:

x-aims-auth-token

path Parameters

account_id required	string The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable. Invalid account IDs result in an `HTTP 404 Not Found` or `HTTP 403 Forbidden`, depending on the client's access level.
deployment_id required	string The ID of the deployment source as represented in the deployments service (uppercase UUID).
network_uuid required	string The UUID of the network asset as represented in the assets service (uppercase UUID).

query Parameters

force_large_network

boolean

Default: false

The option is used to suppress the network size validation if specified as true. By default the service checks if the number of IP addresses is that big for a typical appliance to complete network discovery scans within a reasonable time.

Request Body schema: application/json

network_name	string (AssetName) Asset Name
cidr_ranges	Array of strings (CidrBlock)
public_cidr_ranges	Array of strings (CidrBlock)
span_port_enabled	boolean (SpanPortEnabled) Default: false

Responses

production (US)

https://api.cloudinsight.alertlogic.com/assets_manager/v1/{account_id}/deployments/{deployment_id}/networks/{network_uuid}

production (UK)

https://api.cloudinsight.alertlogic.co.uk/assets_manager/v1/{account_id}/deployments/{deployment_id}/networks/{network_uuid}

integration

https://api.product.dev.alertlogic.com/assets_manager/v1/{account_id}/deployments/{deployment_id}/networks/{network_uuid}

Request samples

Payload

Content type

application/json

{"cidr_ranges": ["10.0.0.0/16",
"10.1.0.0/16"
]
}

Response samples

200
400

Content type

application/json

{"key": "/dc/network/2C6B298D-B6C6-4798-B498-2180FC1F4996",
"network_name": "Network",
"network_uuid": "88FCC8F6-EEE8-EE07-6AC5-3E88E85AE310",
"cidr_ranges": ["10.0.0.0/16"
],
"claim_key": "e318c8e213d3accf26aa07fc33e6154b055135862c49b8c5e1",
"span_port_enabled": false
}

Assets Manager API (1.0.0)

Authentication

x-aims-auth-token

Protection Scope Management

Export protection scope

Authorizations:

path Parameters

Responses

Request samples

Response samples

Import protection scope

Authorizations:

path Parameters

query Parameters

Request Body schema: text/csvtext/csvapplication/json

Responses

Request samples

Response samples

Network Operations

Create Network

Authorizations:

path Parameters

query Parameters

Request Body schema: application/json

Responses

Request samples

Response samples

Update Network

Authorizations:

path Parameters

query Parameters

Request Body schema: application/json

Responses

Request samples

Response samples

Request Body schema:
text/csv
text/csv
application/json