Documentation Powered by Redocly

Assets Manager API (1.0.0)

Download OpenAPI specification:Download

Alert Logic Support: support@alertlogic.com URL: https://support.alertlogic.com

The assets management service. The service provides additional validation layer in front of assets to ensure the user supplied configuration is consistent. The service also provides different utility functions.

Authentication

x-aims-auth-token

AIMS Authentication Token

Security Scheme Type API Key
Header parameter name: x-aims-auth-token

Protection Scope Management

Export protection scope

Endpoint for exporting the protection scope of a deployment along with asset metadata. By default the endpoints returns data in CSV format if no Accept header specified. cURL example:

Authorizations:
x-aims-auth-token
    path Parameters
    account_id
    required
    string

    The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable. Invalid account IDs result in an HTTP 404 Not Found or HTTP 403 Forbidden, depending on the client's access level.

    deployment_id
    required
    string

    The ID of the deployment source as represented in the deployments service (uppercase UUID).

    Responses

    Request samples 

    alcli assets_manager export_scope \
--account_id 134235158 \
--deployment_id 843BD5F3-583D-48D7-B929-616B100D6B7B \
> scope.csv

    Response samples

    Content type
    text/csv
    text/csv
    application/json
    type,key,name,protection_level,cidr_block,region,network,subnet,cidr_ranges
vpc,/aws/us-west-2/vpc/vpc-43f82c3a,vpc-43f82c3a,inherited,172.31.0.0/16,us-west-2,,,"[""172.31.0.0/16""]"
subnet,/aws/us-west-2/subnet/subnet-094f8853,subnet-094f8853,inherited,172.31.0.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-78f2e71e,subnet-78f2e71e,inherited,172.31.16.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-94ccb0bc,subnet-94ccb0bc,inherited,172.31.48.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-974c78df,subnet-974c78df,inherited,172.31.32.0/20,us-west-2,,,

    Import protection scope

    Endpoint for importing the protection scope of a deployment.

    Authorizations:
    x-aims-auth-token
      path Parameters
      account_id
      required
      string

      The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable. Invalid account IDs result in an HTTP 404 Not Found or HTTP 403 Forbidden, depending on the client's access level.

      deployment_id
      required
      string

      The ID of the deployment source as represented in the deployments service (uppercase UUID).

      query Parameters
      write
      boolean
      Default: false

      The option is used to perform write operation if specified as true. Otherwise the endpoint works in dry-run mode. If no option specified the false is assumed.

      Request Body schema:
      text/csv
      text/csv
      application/json

      By default If no Content-Type header specified the CSV format assumed. The data format is the same as returned by the export endpoint. The required fields are: type, key and protection_level. All other fields are ignored. Any invalid items are ignored. The protection scope policy id to protection_level mapping:

      • D12D5E67-166C-474F-87AA-6F86FC9FB9BC - professional
      • A8E8B104-8F45-411D-A240-A30EA5FE25B0 - essentials
      • EC735B49-2517-4D98-BB9D-BEBC1E75D56D - enterprise
      • A562D3E4-ECBE-426E-B2CF-78D2336E5D63 - lm_essentials
      • 7E184449-FB15-4693-807F-C01A1ECD7E66 - lmpro
      • D2A589A9-EA56-456C-844E-65843B483D68 - tmpro
      Array
      type
      required
      string (AssetType)

      Asset type

      key
      required
      string (AssetKey)

      Asset key

      protection_level
      required
      string (ProtectionLevel)
      Enum: "professional" "essentials" "enterprise" "lm_essentials" "lmpro" "tmpro" "excluded" "inherited"
      name
      string (AssetName)

      Asset Name

      cidr_block
      string (CidrBlock)

      The subnet cidr_block

      region
      string

      The region asset name containing the asset. Informational only.

      network
      string

      The vpc/network asset name containing the asset. Informational only.

      cidr_ranges
      Array of strings (CidrBlock)

      The network list of CIDRs

      Responses

      Request samples

      Content type
      text/csv
      text/csv
      application/json
      type,key,name,protection_level,cidr_block,region,network,subnet,cidr_ranges
vpc,/aws/us-west-2/vpc/vpc-43f82c3a,vpc-43f82c3a,inherited,172.31.0.0/16,us-west-2,,,"[""172.31.0.0/16""]"
subnet,/aws/us-west-2/subnet/subnet-094f8853,subnet-094f8853,inherited,172.31.0.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-78f2e71e,subnet-78f2e71e,inherited,172.31.16.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-94ccb0bc,subnet-94ccb0bc,inherited,172.31.48.0/20,us-west-2,,,
subnet,/aws/us-west-2/subnet/subnet-974c78df,subnet-974c78df,inherited,172.31.32.0/20,us-west-2,,,

      Response samples

      Content type
      application/json
      {
      • "new_scope": {
        },
      • "included": [
        ],
      • "excluded": [
        ]
      }

      Network Operations

      Create Network

      Create network

      Authorizations:
      x-aims-auth-token
        path Parameters
        account_id
        required
        string

        The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable. Invalid account IDs result in an HTTP 404 Not Found or HTTP 403 Forbidden, depending on the client's access level.

        deployment_id
        required
        string

        The ID of the deployment source as represented in the deployments service (uppercase UUID).

        query Parameters
        force_large_network
        boolean
        Default: false

        The option is used to suppress the network size validation if specified as true. By default the service checks if the number of IP addresses is that big for a typical appliance to complete network discovery scans within a reasonable time.

        Request Body schema: application/json
        network_name
        required
        string (AssetName)

        Asset Name

        cidr_ranges
        required
        Array of strings (CidrBlock)
        public_cidr_ranges
        Array of strings (CidrBlock)
        span_port_enabled
        boolean (SpanPortEnabled)
        Default: false

        Responses

        Request samples

        Content type
        application/json
        {
        • "network_name": "Network",
        • "cidr_ranges": [
          ]
        }

        Response samples

        Content type
        application/json
        {
        • "key": "/dc/network/2C6B298D-B6C6-4798-B498-2180FC1F4996",
        • "network_name": "Network",
        • "network_uuid": "88FCC8F6-EEE8-EE07-6AC5-3E88E85AE310",
        • "cidr_ranges": [
          ],
        • "claim_key": "e318c8e213d3accf26aa07fc33e6154b055135862c49b8c5e1",
        • "span_port_enabled": false
        }

        Update Network

        Update network

        Authorizations:
        x-aims-auth-token
          path Parameters
          account_id
          required
          string

          The AIMS account ID whose assets are being accessed. Only valid account IDs are acceptable. Invalid account IDs result in an HTTP 404 Not Found or HTTP 403 Forbidden, depending on the client's access level.

          deployment_id
          required
          string

          The ID of the deployment source as represented in the deployments service (uppercase UUID).

          network_uuid
          required
          string

          The UUID of the network asset as represented in the assets service (uppercase UUID).

          query Parameters
          force_large_network
          boolean
          Default: false

          The option is used to suppress the network size validation if specified as true. By default the service checks if the number of IP addresses is that big for a typical appliance to complete network discovery scans within a reasonable time.

          Request Body schema: application/json
          network_name
          string (AssetName)

          Asset Name

          cidr_ranges
          Array of strings (CidrBlock)
          public_cidr_ranges
          Array of strings (CidrBlock)
          span_port_enabled
          boolean (SpanPortEnabled)
          Default: false

          Responses

          Request samples

          Content type
          application/json
          {
          • "cidr_ranges": [
            ]
          }

          Response samples

          Content type
          application/json
          {
          • "key": "/dc/network/2C6B298D-B6C6-4798-B498-2180FC1F4996",
          • "network_name": "Network",
          • "network_uuid": "88FCC8F6-EEE8-EE07-6AC5-3E88E85AE310",
          • "cidr_ranges": [
            ],
          • "claim_key": "e318c8e213d3accf26aa07fc33e6154b055135862c49b8c5e1",
          • "span_port_enabled": false
          }