Cloud Optix
Cloud Optix provides a REST API based request-response system to communicate with the platform. The platform’s API interface can be used for different functionalities as listed below:
Every API calls requires authentication. The way to authenticate with Cloud Optix API server is the API key.
API key: Generate the API key from the Sophos Cloud Optix console. Keeping your API key safe is your responsibility.
The API key can be generated by following the steps as listed below:
<Settings>
via the left navigation menu<Integrations><Sophos Cloud Optix API>
option<Generate new key>The API endpoint accepts the API key in a custom HTTP header. The API key should be specified in the HTTP header in the following format:
Authorization: ApiKey <API_KEY_VALUE>|
1. Alerts |
These APIs can be used to get alerts count and alert details |
|
2. Search |
These APIs can be used to get data based on a searchKey. |
|
These APIs can be used to scan your docker images and integrate your CICD pipelines |
|
|
These APIs can be used to scan your Infrastructure-as-Code (IaC) templates |
|
|
These APIs can be used to get outgoing traffic at an instance or vpc level |
|
|
Add IPs to generate alerts when Cloud Optix sees outbound traffic to specific destinations. |
|
|
7. IP Whitelist |
This API can be used to add whitelisted IPs and IP ranges |
|
This API can be used to get details of instances/virtual machines |
|
|
This API can be used to get details of cloud environments (e.g. AWS accounts) |
|
|
10. Inventory: Users |
This API can be used to get details of users of your cloud environments |
|
This API can be used to get details of Serverless services such as Lambda's for AWS and Function's for Azure. |
|
|
This API can be used to get details of Containers and their types |
Purpose: These APIs can be used to get alerts count and alert details.
URL: GET api/v1/alerts/count
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| days |
Integer. Optional. Number of days for which alerts would be fetched. Cannot be less than 1 or more than 365. Value not specified means querying for 365 days |
| alertType |
String. Optional. Valid Values - Policy, Anomaly, GuardDuty Value not specified means ALL |
| providerList |
String. Optional. Valid Values - AWS, Azure Value not specified means ALL |
| policyTagList |
String. Optional. Valid Values - Avid, CIS, FFIEC, HIPAA, ISO 27001, PCI, SOC2, SOC2-TSP, FEDRAMP-LOW, FEDRAMP-MODERATE, FEDRAMP-HIGH, EBU R143 Value not specified means ALL |
| accountIds |
String. Optional. The Id of the accounts that you want to fetch data for |
| lastSeenFrom |
String. Optional. Valid values should comply follow ISO 8601 format [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm NOTE: If offset is not mentioned then it will consider UTC(00:00) by default |
| lastSeenTo |
String. Optional. Valid values should comply follow ISO 8601 format [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm NOTE: If offset is not mentioned then it will consider UTC(00:00) by default |
| states |
String. Optional. Valid Values - OPEN, SUPPRESS Value not specified means ALL |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Date in 'lastSeenTo' is not in proper format It accepts formats described by the following syntax: [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm |
400 |
Date in 'lastSeenFrom' is not in proper format It accepts formats described by the following syntax: [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm |
400 |
Alert Type not supported |
400 |
Provider Type not supported |
400 |
Account Ids <<ids>> not found |
400 |
Can only set one of the filters: set 'days' or else set lastSeenFrom/lastSeenTo
|
400 |
Days cannot be less than 1 and greater than 365 |
400 |
Invalid Date format for both lastSeenFrom/lastSeenTo |
400 |
Parameter ‘lastSeenTo’ should come after ‘lastSeenFrom’ |
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Response Json Data:
{
"critical": "int",
"high": "int",
"medium": "int",
"low": "int",
"total": "int"
}URL: GET api/v1/alerts
Note: This api is paginated.
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| days |
Integer. Optional. Number of days for which alerts would be fetched. Cannot be less than 1 or more than 365. Value not specified means querying for 365 days |
| alertType |
String. Optional. Valid Values - Policy, Anomaly, GuardDuty Value not specified means ALL |
| providerList |
String. Optional. Valid Values - AWS, Azure Value not specified means ALL |
| policyTagList |
String. Optional. Valid Values - Avid, CIS, FFIEC, HIPAA, ISO 27001, PCI, SOC2, SOC2-TSP, FEDRAMP-LOW, FEDRAMP-MODERATE, FEDRAMP-HIGH, EBU R143 Value not specified means ALL |
| accountIds |
String. Optional. The Id of the accounts that you want to fetch data for |
| lastSeenFrom |
String. Optional. Valid values should comply follow ISO 8601 format [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm NOTE: If offset is not mentioned then it will consider UTC(00:00) by default |
| lastSeenTo |
String. Optional. Valid values should comply follow ISO 8601 format [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm NOTE: If offset is not mentioned then it will consider UTC(00:00) by default |
| states |
String. Optional. Valid Values - OPEN, SUPPRESS Value not specified means ALL |
| severity |
String. Optional. Valid Values - low, medium, high, critical Value not specified means ALL |
| page |
Integer. Mandatory. Page to be retrieved. Should start with 1. |
| size |
Integer. Optional. Number of records on a page. Should not be more than 50. Default : 20 |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Date in 'lastSeenTo' is not in proper format It accepts formats described by the following syntax: [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm |
400 |
Date in 'lastSeenFrom' is not in proper format It accepts formats described by the following syntax: [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm |
400 |
Alert Type not supported |
400 |
Provider Type not supported |
400 |
Account Ids <<ids>> not found |
400 |
Can only set one of the filters: set 'days' or else set lastSeenFrom/lastSeenTo
|
400 |
Days cannot be less than 1 and greater than 365 |
400 |
Invalid Date format for both lastSeenFrom/lastSeenTo |
400 |
Parameter ‘lastSeenTo’ should come after ‘lastSeenFrom’ |
400 |
Pageable size cannot be greater than 50 |
400 |
Alert Type not supported |
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Response Json Data:
{
"data": [
{
"id": "number",
"accountId": "string",
"accountName": "string",
"alertType": "string",
"alertSummary": "string",
"criticalLevel": "string",
"url": "string",
"alertId": "string",
"policyLabel": "string",
"alertDetails": "string",
"firstSeen": "number",
"lastSeen": "number",
"score": "int",
"state": "string",
"lastAction": "string",
"lastActionTime": "string",
"jiraId": "string",
"provider": "string",
"ruleResult": {
"affectedResources": [
{
"id": "number",
"affectedResource": "string",
"dataMap": "Object",
"remediateDate": "date",
"status": "string",
"failureReason": "string",
"Comment": "string",
"affectedResourceJSON": "object",
"rawAffectedResourceOutput": "object",
"state": "string",
"suppressionType": "string",
"firstSeen": "number",
"clickableResources": "number",
"resourceInfoList": "object"
}
],
"severity": "string",
"resultprefix": null,
"displayOrder": "int",
"controlId": "number",
"controlIdDesc": "string"
}
}
],
"currentPage": "int",
"hasNext": boolean,
"hasPrevious": boolean,
"totalPages": "int",
"size": "int"
}URL: GET /api/v1/search/{searchKey}
For possible values for searchKey, see Supported Search Keys in the table below.
Supported Media Types: Produces:application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>
Query Params:
| Key | Description |
|---|---|
| searchTerm |
Any URIEncoded string that follows the format described in https://docs.sophos.com/pcg/optix/help/en-us/MonitorAlerts/Search/index.html Example: searchTerm=tags.name:test* or isPublic:true |
| filters |
Key value combinations for filtering data. Keys are search field names as described in https://docs.sophos.com/pcg/optix/help/en-us/MonitorAlerts/Search/FieldNames/index.html. Multiple values can be specified using comma "," as a delimiter. Multiple filters can be specified using semicolon ";" as a delimiter. Example: instanceId=i-exampleId,i-secondId;isPublic=true |
| page |
Page to be retrieved. Starts with 1. Example: page=1 |
| size |
Integer. Mandatory. Number of records per page. Max supported value is 10000. Example:size=50 |
Supported Search Keys:
|
Search Key |
Provider |
Returned Data |
|---|---|---|
|
ALERT |
- |
Alerts |
|
AWS_ACTIVITY_LOG |
AWS |
Activity Logs |
|
AWS_AMI |
AWS |
EC2 AMIs |
|
AWS_CLUSTER |
AWS |
EKS Clusters |
|
AWS_CONTAINER |
AWS |
EKS Containers |
|
AWS_CONTAINER_FARGATE |
AWS |
ECS Fargate Container Definitions |
|
AWS_EBS_VOLUME |
AWS |
EBS Volumes |
|
AWS_ES |
AWS |
Elasticsearch (OpenSearch) |
|
AWS_EXTERNAL_ACCESS |
AWS |
Citadel Findings |
|
AWS_GROUP |
AWS |
IAM Groups |
|
AWS_HIGHRISK_ANOMALY |
AWS |
Anomaly Findings in Activity Logs |
|
AWS_HOST |
AWS |
EC2 instances |
|
AWS_INCOMING_TRAFFIC |
AWS |
Inbound Traffic |
|
AWS_INGRESS |
AWS |
EKS Ingresses |
|
AWS_LAMBDA |
AWS |
Lambda Functions |
|
AWS_NETWORK_POLICY |
AWS |
EKS Network Policies |
|
AWS_NODE |
AWS |
EKS Nodes |
|
AWS_NODE_GROUP |
AWS |
EKS Node Groups |
|
AWS_OUTGOING_TRAFFIC |
AWS |
Outbound Traffic |
|
AWS_POD |
AWS |
EKS Pods |
|
AWS_RBAC_ROLE |
AWS |
EKS RBAC Rolles |
|
AWS_RDS |
AWS |
RDS |
|
AWS_REDSHIFT_CLUSTER |
AWS |
RedShift Clusters |
|
AWS_ROLE |
AWS |
IAM Roles |
|
AWS_S3 |
AWS |
S3 Buckets |
|
AWS_SECURITY_GROUP |
AWS |
Security Groups |
|
AWS_SERVICE |
AWS |
EKS Services |
|
AWS_SSO_USER |
AWS |
IAM SSO Users |
|
AWS_TASK_DEFINITION |
AWS |
ECS Fargate Task Definitions |
|
AWS_USER |
AWS |
IAM User |
|
AWS_VPC |
AWS |
VPCs |
|
AZURE_ACTIVITY_LOG |
Azure |
Activity Logs |
|
AZURE_APP_SERVICE |
Azure |
App Services |
|
AZURE_CLUSTER |
Azure |
AKS Clusters |
|
AZURE_CONTAINER |
Azure |
AKS Containers |
|
AZURE_COSMOS_DB |
Azure |
Cosmos DBs |
|
AZURE_DB |
Azure |
DB Server |
|
AZURE_FUNCTION |
Azure |
Functions |
|
AZURE_GROUP |
Azure |
RBAC Groups |
|
AZURE_HOST |
Azure |
VMs |
|
AZURE_INCOMING_TRAFFIC |
Azure |
Inbound Traffic |
|
AZURE_INGRESS |
Azure |
AKS Ingresses |
|
AZURE_IOT_HUB |
Azure |
IoT Hubs |
|
AZURE_LOGIC_APP |
Azure |
Logic Apps |
|
AZURE_NETWORK_POLICY |
Azure |
AKS Network Policies |
|
AZURE_NETWORK_SECURITY_GROUP |
Azure |
Network Security Groups |
|
AZURE_NODE |
Azure |
AKS Nodes |
|
AZURE_NODE_GROUP |
Azure |
AKS Node Groups |
|
AZURE_OUTGOING_TRAFFIC |
Azure |
Outbound Traffic |
|
AZURE_POD |
Azure |
AKS Pods |
|
AZURE_RBAC_ROLE |
Azure |
AKS RBAC Role |
|
AZURE_RESOURCE_GROUP |
Azure |
Resource Groups |
|
AZURE_SERVICE |
Azure |
AKS Services |
|
AZURE_SQL_SERVER |
Azure |
SQL Servers |
|
AZURE_STORAGE_ACCOUNT |
Azure |
Storage Accounts |
|
AZURE_USER |
Azure |
RBAC Users |
|
AZURE_VIRTUAL_NETWORK |
Azure |
Virtual Networks |
|
GCP_ACTIVITY_LOG |
GCP |
Activity Logs |
|
GCP_BUCKET |
GCP |
Buckets |
|
GCP_CLUSTER |
GCP |
GKE Clusters |
|
GCP_CONTAINER |
GCP |
GKE Containers |
|
GCP_FIREWALL |
GCP |
Firewalls |
|
GCP_GROUP |
GCP |
IAM Groups |
|
GCP_HOST |
GCP |
VMs |
|
GCP_INCOMING_TRAFFIC |
GCP |
Inbound Traffic |
|
GCP_INGRESS |
GCP |
GKE Ingresses |
|
GCP_NETWORK_POLICY |
GCP |
GKE Network Policies |
|
GCP_NODE |
GCP |
GKE Nodes |
|
GCP_NODEPOOL |
GCP |
GKE Nodepools |
|
GCP_OUTGOING_TRAFFIC |
GCP |
Outbound Traffic |
|
GCP_POD |
GCP |
GKE Pods |
|
GCP_RBAC_ROLE |
GCP |
GKE RBAC Roles |
|
GCP_ROLE_BINDING |
GCP |
IAM Role Bindings |
|
GCP_SERVICE |
GCP |
GKE Services |
|
GCP_SQL |
GCP |
DBs |
|
GCP_USER |
GCP |
IAM Users |
|
GCP_VPC |
GCP |
VPCs |
|
NATIVE_CONTAINER |
Kubernetes |
Containers |
|
NATIVE_INGRESS |
Kubernetes |
Ingresses |
|
NATIVE_NETWORK_POLICY |
Kubernetes |
Network Policies |
|
NATIVE_NODE |
Kubernetes |
Nodes |
|
NATIVE_POD |
Kubernetes |
Pods |
|
NATIVE_RBAC_ROLE |
Kubernetes |
RBAC Roles |
|
NATIVE_SERVICE |
Kubernetes |
Services |
|
IMAGE_SCAN_DETAILS |
Container Image |
Scanned Images |
|
IMAGE_REGISTRY |
AWS, Azure, Docker |
Image Registries |
Purpose: These APIs can be used to submit docker images for scan and get vulnerability details. You can integrate apis in your build pipeline to scan docker images before deployment
URL: POST api/v1/image-scanning/submit-for-scan
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
Other Query Params:
| Key | Description |
|---|---|
| files |
MultipartFile[]. Mandatory. The array of files to be scanned for dockerfiles. |
| repo_url |
String. Mandatory. The repoURL to be associated with the files. Required to save results to console. |
| branch |
String. Mandatory. The branch to be associated with the files. Required if you wish to save results to console. |
| committer_name |
String. Optional. The name of the person making the commits to be associated with the files. Required if you wish to save results to console. |
| committer_email |
String. Optional. The email of the person making the commits to be associated with the files. Required if you wish to save results to console. |
Success Response:
HTTP status code: 200A successful response will provide a taskId. The taskId can be used to make further requests, to query for the status of the scan task/results. Response will have "duplicate = true" if task for the same repo & branch is already submitted and is in processing state. Response will retrun "quotaFull = true" if the task contains more images to scan than the avaialble quota. For example value will be true if task contains 6 images to scan and quota left is 5.
Response Json Data:
{
"taskId":"string",
"duplicate":boolean,
"quotaFull":boolean
}
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Unable to retrieve user (When API key cannot be linked to a customer) |
400 |
Proper arguments not provided (When one/more of the mandatory params is not provided properly)
|
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
URL: POST api/v1/image-scanning/submit-for-scan/by-image-name
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| repoURL |
String. Mandatory. The repoURL to be associated with the files. Required to save results to console. |
| imageNames |
String. Mandatory. Comma separated list of image full names to be scanned |
Success Response:
HTTP status code: 200A successful response will provide a taskId. The taskId can be used to make further requests, to query for the status of the scan task/results. Response will have "duplicate = true" if task for the same repo & images is already submitted and is in processing state. Response will retrun "quotaFull = true" if the task contains more images to scan than the avaialble quota. For example value will be true if task contains 6 images to scan and quota left is 5.
Response Json Data:
{
"taskId":"string",
"duplicate":boolean,
"quotaFull":boolean
}
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Unable to retrieve user (When API key cannot be linked to a customer) |
400 |
Proper arguments not provided (When one/more of the mandatory params is not provided properly)
|
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
URL:
GET api/v1/image-scanning/get-scan-result
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>
Other Query Params:
| Key | Description |
|---|---|
| taskId |
String. Mandatory. The ID of the task that you are requesting the status for. This is provided in the response when you upload files for scanning. |
Success Response:
HTTP status code: 200A successful response will provide scanResult containing all vulneraibily details, taskId, status ( "submitted, complete or failed"), createdAt (UTC timestamp), completedAt if task is finished, branch name submitted in task, filesScanned count of final images scanned.
Response Json Data:
{
"taskId":"string",
"status":"string",
"createdAt":time (UTC),
"completedAt":time (UTC),
"branch":"string",
"filesScanned":integer,
"scanResult":[...
{
"fullTag":"string",
"registry":"string",
"vulnerabilities":{
"critical":integer,
"high":integer,
"medium":integer,
"low":integer
..
},
"files":"List.string",
"isPublic":"Boolean",
"isSecure":"Boolean"
}
]
}
Param description:
| Param | Description |
|---|---|
taskId |
Unique Id for the task |
status |
Current status of the task. Value would be one of these "submitted, complete or failed"
|
createdAt |
UTC time the task was created at |
completedAt |
UTC time the task completed at |
branch |
Value of branch submitted during task creation |
filesScanned |
List of files successfuly scannned |
scanResult |
Scan results for the images |
fullTag |
Full image tag |
registry |
Registry of the image |
vulnerabilities |
Vulnerability counts for all criticality level |
files |
List of files where the image mention is present |
isPublic |
Is the image public |
isSecure |
Is the image secure |
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Unable to retrieve user (When API key cannot be linked to a customer) |
400 |
Proper arguments not provided (When one/more of the mandatory params is not provided properly)
|
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
URL:
GET api/v1/image-scanning/container-scan-result
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>
Other Query Params:
| Key | Description |
|---|---|
| container |
String. Mandatory. Full image name with registry. e.g. docker.io/bkaimal0/redis:6.2.0 |
Success Response:
HTTP status code: 200A successful response will provide scanResult containing all vulneraibily details, if the image is analyzed. It will fail otherwise. Check Scan Result API for status
Response Json Data:
{
"success": boolean,
"status": "String",
"message": "String",
"code": "String",
"data":
{
"fullTag":"string",
"registry":"string",
"vulnerabilities":{
"critical":integer,
"high":integer,
"medium":integer,
"low":integer
..
},
"files":"List.string",
"isPublic":"boolean",
"isSecure":"boolean"
}
}
Param description:
| Param | Description |
|---|---|
fullTag |
Full image tag |
registry |
Registry of the image |
vulnerabilities |
Vulnerability counts for all criticality level |
isPublic |
Is the image public |
isSecure |
Is the image secure |
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Unable to retrieve user (When API key cannot be linked to a customer) |
400 |
Proper arguments not provided (When one/more of the mandatory params is not provided properly)
|
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Purpose: Scan your Infrastructure-as-Code (IaC) templates for potential misconfigurations, before deploying infrastructure to your cloud environment, or as part of your CI/CD pipeline.
URL:
POST api/v1/iac/scan
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Other Query Params:
| Key | Description |
|---|---|
| files |
MultipartFile[]. Mandatory. The array of files to be scanned. For better results, please include helper files such as those carrying values of variables used in the templates. |
| repo_url |
String. Optional. The repoURL to be associated with the files. Required if you wish to save results to console. |
| branch |
String. Optional. The branch to be associated with the files. Required if you wish to save results to console. |
| committer_name |
String. Optional. The name of the person making the commits to be associated with the files. Required if you wish to save results to console. |
| committer_email |
String. Optional. The email of the person making the commits to be associated with the files. Required if you wish to save results to console. |
| async |
Boolean. Optional. By default, your IaC template files will be processed asynchronously. However, if you have a small number of files and only require summary information (count of alerts for each severity level) you can choose to process files synchronously, by changing 'async' to false. Default: true |
| save_results_to_account |
Boolean. Optional. By default, scan results will not be reported in your Cloud Optix console as alerts and in compliance reports. If you only want to see the results not only in the API response, but in the console as well, change this setting to true. Default: false |
| policy_name |
String. Optional. By default, your IaC template files will be scanned against all IaC policies in your Cloud Optix account. To scan files against a specific IaC policy only, provide the name of the policy |
Success Response:
HTTP status code: 200A successful response will provide a scan_id and a summary of the number of issues detected, by severity level. The scan_id is used to make further requests, as detailed below. The scan summary is only provided when async is set to false.
Response Json Data:
{
"scan_id":"string",
"summary":{
"num_critical_alerts":integer,
"num_high_alerts":integer,
"num_medium_alerts":integer,
"num_low_alerts":integer
}
}
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Unable to retrieve user (When API key cannot be linked to a customer) |
400 |
Proper arguments not provided (When one/more of the mandatory params is not provided properly)
|
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
URL:
GET api/v1/iac/scan/status
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>
Other Query Params:
| Key | Description |
|---|---|
| scan_id |
String. Mandatory. The ID of the scan that you are requesting the status for. This is provided in the response when you upload files for scanning. |
Success Response:
HTTP status code: 200
Response Json Data:
{
"processing_ongoing":boolean,
"success":boolean,
"error":"string"
}
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Unable to find the scan you requested |
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Note: Once the Scan Status API returns success as true and process_ongoing as false, you can then retrieve a detailed report of the scan.
URL:
GET api/v1/iac/scan/detailedReport
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>
Other Query Params:
| Key | Description |
|---|---|
| scan_id |
String. Mandatory. The ID of the scan that you are requesting the detailed report for. This is provided in the response when you upload files for scanning |
Success Response:
HTTP status code: 200
Response Json Data:
{
"alerts":[
{
"scanID":"string",
"alertSummary":"string",
"criticalLevel":"string (CRITICAL, HIGH, LOW or MEDIUM)",
"alertDetails":"string",
}
]
}
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Unable to find the scan you requested |
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Purpose: These api’s can be used to get outgoing traffic at a instance or vpc level.
URL:
GET api/v1/outgoingtraffic/vpc
Note: This api is paginated.
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| accountId |
String. Mandatory. The Id of the account that you want to fetch data for |
| vpcId |
String. Mandatory. The Id of the VPC |
| page |
Integer. Optional if isPageable is false else Mandatory. Page to be retrieved. Should start with 1. |
| size |
Integer. Optional. Number of records on a page. Should not be more than 50. Default: 20 |
| isPageable |
Boolean. Optional. If true, result will be paginated, else non paginated. |
| timeFrom |
String. Optional. Valid values should comply follow ISO 8601 format [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm NOTE: If offset is not mentioned then it will consider UTC(00:00) by default |
| timeTo |
String. Optional. Valid values should comply follow ISO 8601 format [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm NOTE: If offset is not mentioned then it will consider UTC(00:00) by default |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Page number should be greater than 0 |
400 |
Pageable size cannot be greater than 50 |
400 |
Invalid data |
400 |
Retry using parameters timeFrom and timeTo or limited range for timeFrom and timeTo
|
400 |
Date in 'timeTo' is not in proper format It accepts formats described by the following syntax: [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm |
400 |
Date in 'timeFrom' is not in proper format It accepts formats described by the following syntax: [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm |
400 |
Parameter ‘timeTo’ should come after ‘timeFrom’ |
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Response Json Data:
{
"data": [
{
"name": "string",
"srcIpAddress": "string",
"instanceId": "string",
"interfaceId": "string",
"dstIpAddress": "string",
"dstPort": "string",
"time": "<<epoch time>>"
}
],
"currentPage": "int",
"hasNext": "boolean",
"hasPrevious": "boolean",
"totalPages": "int",
"size": "int"
}
URL:
GET api/v1/outgoingtraffic/instance
Note: This api is paginated.
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| instanceId |
String. Mandatory. The Id of the instance |
| page |
Integer. Optional if isPageable is false else Mandatory. Page to be retrieved. Should start with 1. |
| size |
Integer. Optional. Number of records on a page. Should not be more than 50. Default: 20 |
| isPageable |
Boolean. Optional. If true, result will be paginated, else non paginated. |
| timeFrom |
String. Optional. Valid values should comply follow ISO 8601 format [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm NOTE: If offset is not mentioned then it will consider UTC(00:00) by default |
| timeTo |
String. Optional. Valid values should comply follow ISO 8601 format [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm NOTE: If offset is not mentioned then it will consider UTC(00:00) by default |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Page number should be greater than 0 |
400 |
Pageable size cannot be greater than 50 |
400 |
Invalid data |
400 |
Retry using parameters timeFrom and timeTo or limited range for timeFrom and timeTo
|
400 |
Date in 'timeTo' is not in proper format It accepts formats described by the following syntax: [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm |
400 |
Date in 'timeFrom' is not in proper format It accepts formats described by the following syntax: [date-element] 'T' [time-element] [offset] where date-element = yyyy-MM-dd and time-element(optional) = HH:mm:ss and offset(optional) = [+/-]hh:mm |
400 |
Parameter ‘timeTo’ should come after ‘timeFrom’ |
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Response Json Data:
{
"data": [
{
"name": "string",
"srcIpAddress": "string",
"instanceId": "string",
"interfaceId": "string",
"dstIpAddress": "string",
"dstPort": "string",
"time": "<<epoch time>>"
}
],
"currentPage": "int",
"hasNext": "boolean",
"hasPrevious": "boolean",
"totalPages": "int",
"size": "int"
}
Purpose: Cloud Optix can alert on outbound traffic to a list of destination IP addresses that you provide using this API.
Note: This API is not currently available to all customers.
URL: POST api/v1/outboundtraffic/ipList
Supported Media Types: Consumes: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Request JSON Payload Structure:
[
{
"accountIds": <<Array of String: optional valid account ids>>,
"data": {
"ips": [
<<String: valid IP>>,
<<String: valid IP>>
]
}
}
]
Success Response:
HTTP status code: 200Success Message:
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Data object invalid |
400 |
Account Ids <id> not found |
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Purpose: This api can be used to add whitelisted IPs.
URL: POST api/v1/whitelistIPs
Supported Media Types: Consumes: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Request JSON Payload Structure:
{
"accountIds": <<Array of String: optional valid account ids>>,
"data": {
"ips": [
<<String: valid IP/IP range>>,
<<String: valid IP/IP range>>
]
}
}
Success Response:
HTTP status code: 200Success Message:
Response Json Data:
[
{
"data": {
"ips": [
"<<string: valid IP/IP range>>",
"<<string: valid IP/IP range>>"
]
},
"id": "number",
"accountIds": "<<Array of string: account ids>>",
"customerId": "int",
"accountId": "string: account id"
}
]
Failures:
| HTTP Status Code | Cause/Message |
|---|---|
400 |
ApiKey not provided |
400 |
Data object invalid |
400 |
Account Ids <id> not found |
401 |
Unauthorized access or ApiKey expired |
404 |
No message available (Api resource could not be found) |
Purpose: This API can be used to get details of instances/virtual machines.
URL: GET api/v1/vms
Note: This api is paginated.
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| accountIds |
String. Optional. Comma separated list. If not set, will return data for all environments. E.g.: 12345678xxx,98765432xxx |
| provider |
String. Mandatory. Valid Values - AWS, Azure, GCP |
| page |
Integer. Optional. Page to be retrieved. Should start with 0. Default: 0 (invalid values will be considered as [page]:0) |
| size |
Integer. Mandatory. Number of records on a page. Should not be more than 500 and less than 100. |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
401 |
Unauthorized access or ApiKey expired |
400 |
ApiKey not provided |
400 |
Account Ids <<ids>> not found |
400 |
Pageable size cannot be greater than 500
|
400 |
Pageable size cannot be less than 100 |
400 |
Provider type not supported |
Response Json Data:
{
"errorMessage":"String",
"data":[
{
"accountType":"AWS",
"accountId":"number",
"instanceId":"String",
"moreInfo":{
"imageId":"String",
"instanceProfileId":"String",
"runningState":"String",
"instanceType":"String",
"region":"String",
"availabilityZone":"String",
"subnetId":"String",
"vpcId":"String",
"isPublic":"Boolean",
"hasContainerNodes":"Boolean",
"isIAMRoleAssigned":"Boolean",
"securityGroupList":[
{
"name":"String",
"value":"String"
}
],
"networkInterfaces":[
{
"interfaceId":"String",
"isPublicIP":"Boolean",
"publicIP":"String",
"privateIP":"String"
}
],
"tags":"{ \"key\":\"value\" }",
"lastModifiedBy":"String",
"serverAgent": {
"agentId": "String",
"hostname": "String",
"health": "String",
"osName": "String",
"lastSeenAt": "Date"
}
}
},
{
"accountType":"GCP",
"accountId":"String",
"instanceId":"String",
"moreInfo":{
"name":"String",
"description":"String",
"instanceType":"String",
"status":"String",
"zone":"String",
"canIpForward":"Boolean",
"cpuPlatform":"String",
"kind":"String",
"startRestricted":"Boolean",
"isPublic":"Boolean",
"publicIP":"String",
"privateIP":"String",
"deletionProtection":"Boolean",
"networkInterfaceList":[
{
"name":"String",
"networkId":"String",
"privateIp":"String",
"subnetId":"String",
"kind":"String",
"accessConfigList":[
{
"name":"String",
"natIP":"String",
"publicPtrDomainName":"String",
"kind":"String"
}
]
}
],
"disksList":[
{
"name":"String",
"sourceImage":"String",
"diskSizeGb":"String",
"diskType":"String",
"type":"String",
"mode":"String",
"source":"String",
"index":"Number",
"isEncrypted":"Boolean"
}
],
"metadata":null,
"tags":null,
"firewallList":[
"String"
],
"serviceAccountList":[
{
"email":"String",
"scopes":[
"String"
]
}
],
"hasContainerNodes":"Boolean"
}
},
{
"accountType":"AZURE",
"accountId":"String",
"instanceId":"String",
"moreInfo":{
"name":"String",
"image":"String",
"runningState":"String",
"instanceType":"String",
"region":"String",
"osType":"String",
"subnetId":"String",
"resourceGroup":"String",
"isPublic":"Boolean",
"passwordLogin":"Boolean",
"provisioningState":"String",
"vnetId":"String",
"osDiskEncryption":"Boolean",
"publicIP":"String",
"privateIP":"String",
"primarySecurityGroup":"String",
"hasContainerNodes":"Boolean",
"dataDisksEncryption":"Boolean",
"securityGroupList":[
{
"name":"String",
"value":"String"
}
],
"networkInterfaces":[
{
"interfaceId":"String",
"name":"String",
"publicIP":"String",
"privateIP":"String",
"nsgId":"String",
"ipConfigration":[
{
"name":"String",
"privateIP":"String",
"publicIP":"String",
"subnet":"String",
"primary":"Boolean",
"applicationSecurityGroups":[
]
}
]
}
],
"tags":{
"String":"String",
"String":"String"
},
"vmScaleSetId":"String",
"vmScaleSet":"String",
"serverAgent": {
"agentId": "String",
"hostname": "String",
"health": "String",
"osName": "String",
"lastSeenAt": "Date"
}
}
}
],
"currentPage":"int",
"hasNext":"boolean",
"hasPrevious":"boolean",
"totalPages":"int",
"size":"int"
}
Purpose: This API can be used to get details of environments on your Cloud Optix account (e.g. AWS accounts, Azure subcriptions and GCP projects).
URL: GET api/v1/accounts
Note: This api is paginated.
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| accountIds |
String. Optional. Comma separated list. If not set, will return data for all environments. E.g.: 12345678xxx,98765432xxx |
| provider |
String. Optional. Valid Values - AWS, Azure, GCP, Kubernetes and Docker (All Case-sensitive). If not set, will return data for all providers |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
401 |
Unauthorized access or ApiKey expired |
400 |
ApiKey not provided |
400 |
Account Ids <<ids>> not found |
400 |
Provider type not supported |
Response Json Data:
[
{
"accountId":"String",
"accountType":"String",
"name":"String",
"registeredDate":"String",
"cloudAssets":"Integer",
"status": "String",
"isEnabled": "Boolean",
"isSubAccount": "Boolean",
"subAccounts": [
"String",
"String"
],
"tags": [
"String",
"String"
],
"accountSyncBenchmark": {
"latestSuccessSyncTime": "String",
"latestSuccessBenchmarkRunTime": "String"
},
"cloudLogStatus": "String",
"flowLogStatus": "String"
}
]
Purpose: This API can be used to get details of Users on your cloud environments
URL: GET api/v1/users
Note: This api is paginated.
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| accountIds |
String. Optional. Comma separated list. If not set, will return data for all environments. E.g.: 12345678xxx,98765432xxx |
| provider |
String. Mandatory. Valid Values - AWS, Azure, GCP |
| page |
Integer. Optional. Page to be retrieved. Should start with 0. Default: 0 (invalid values will be considered as [page]:0) |
| size |
Integer. Mandatory. Number of records on a page. Should not be more than 500 and less than 100. |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
401 |
Unauthorized access or ApiKey expired |
400 |
ApiKey not provided |
400 |
Account Ids <<ids>> not found |
400 |
Pageable size cannot be greater than 500
|
400 |
Pageable size cannot be less than 100 |
400 |
Provider type not supported |
Response Json Data:
{
"errorMessage":"String",
"data":[
{
"accountType":"AWS",
"accountId":"String",
"name":"String",
"moreInfo":{
"accessKeyAge":"String",
"arn":"String",
"attachedManagedPolicyCount":"String",
"consolePasswdStatus":"String",
"groupList":"String",
"isActive":"Boolean",
"isMfaActive":"String",
"lastActivity":"String",
"createDate":"String",
"lastModifiedBy":"Boolean",
"attachedPolicies":"Boolean",
"passwordLastChanged":"String",
"passwordLastUsed":"String",
"path":"Boolean",
"userId":"String",
"userPolicyCount":"String",
"isOverPrivileged":null,
"policyUtilizationRatio":null
}
},
{
"accountType":"GCP",
"accountId":"String",
"name":"String",
"moreInfo":{
"agreedToTerms":"Boolean",
"changePasswordAtNextLogin":"Boolean",
"creationTime":"String",
"deletionTime":"String",
"instanceId":"String",
"ipWhitelisted":"Boolean",
"isAdmin":"Boolean",
"isArchived":"Boolean",
"isDelegatedAdmin":"Boolean",
"isEnrolledIn2Sv":"Boolean",
"isEnforcedIn2Sv":"Boolean",
"isSuspended":"Boolean",
"lastLoginTime":"String",
"orgId":"String",
"primaryEmail":"String"
}
},
{
"accountType":"Azure",
"accountId":"String",
"name":"String",
"moreInfo":{
"accessKeyAge":"String",
"attachedManagedPolicyCount":"Integer",
"consolePasswdStatus":"String",
"createDate":"String",
"deletionTimestamp":"String",
"groupList":"String",
"instanceId":"String",
"isActive":"Boolean",
"isMfaActive":"Boolean",
"mail":"String",
"mainNickname":"String",
"passwordLastChanged":"String",
"passwordLastUsed":"String",
"principalName":"String",
"signInName":"String",
"source":"String",
"tenantId":"String",
"usageLocation":"String",
"userPolicyCount":"Integer",
"userType":"String"
}
}
],
"currentPage":"int",
"hasNext":"boolean",
"hasPrevious":"boolean",
"totalPages":"int",
"size":"int"
}
Purpose: This API can be used to get details of Serverless services such as Lambda's for AWS and Function's for Azure.
URL: GET api/v1/serverless
Note: This api is paginated.
Supported Media Types: Produces: application/json
Mandatory HTTP headers:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| accountIds |
String. Optional. Comma-separated list of Account-Ids for your Customer. |
| provider |
String. Mandatory. Valid Values - AWS, Azure. |
| page |
Integer. Optional. Page to be retrieved. Should start with 0. Default: 0 (invalid values will be considered as [page]:0) |
| size |
Integer. Mandatory. Number of records on a page. Should not be more than 500 and less than 100. |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
401 |
Unauthorized access or ApiKey expired |
401 |
Api Key Not Valid |
400 |
ApiKey not provided |
400 |
Account Ids <<ids>> not found |
400 |
Pageable size cannot be greater than 500
|
400 |
Page number should be greater than 0 |
400 |
Provider <<provider>> not supported |
Response Json Data:
For AWS:
{
"errorMessage": String,
"data": [
{
"accountType": String,
"accountId": String,
"functionName": String,
"region": String,
"moreInfo": {
"functionArn": String,
"runtime": String,
"role": String,
"codeSize": Long,
"memorySize": Long,
"lastModified": Date,
"version": String,
"revisionId": String,
"vpcId": String,
"lastModifiedBy": Date,
"functionPolicy": String,
"mappedSecurityGroupIdList": String,
"executionRole": String,
"mappedTags": String
}
}
],
"currentPage": 0,
"hasNext": true,
"hasPrevious": false,
"totalPages": 56,
"size": 1
}
For Azure:
{
"errorMessage": String,
"data": [
{
"accountType": String,
"accountId": String,
"functionName": String,
"region": String,
"moreInfo": {
"resourceGroup": String,
"instanceId": String,
"alwaysOn": Boolean,
"appServicePlanId": String,
"autoSwapSlotName": String,
"clientAffinityEnabled": Boolean,
"clientCertEnabled": Boolean,
"containerSize": Long,
"defaultHostName": String,
"enabled": Boolean,
"http20Enabled": Boolean,
"webSocketsEnabled": Boolean,
"storageAccount": String,
"state": String,
"repositorySiteName": String,
"remoteDebuggingEnabled": Boolean,
"httpsOnly": Boolean,
"defaultContainer": String,
"lastModifiedTime": Date,
"localMySqlEnabled": Boolean,
"os": String,
"platformArchitecture": String,
"isPublic": Boolean,
"ftpsOnly": Boolean,
"authEnabled": Boolean,
"principalId": String,
"tlsVersion": String,
"mappedOutboundIps": String,
"mappedTags": String
}
}
],
"currentPage": 0,
"hasNext": true,
"hasPrevious": false,
"totalPages": 56,
"size": 1
}
{
“errorMessage”: “String”
}
Purpose: This API can be used to get details of Containers and their types
URL: GET api/v1/containers
Note: This api is paginated.
Supported Media Types: Produces: application/json
Mandatory HTTP header:
Authorization: ApiKey <API_KEY_VALUE>Query Params:
| Key | Description |
|---|---|
| cloudProvider |
String. Mandatory Supported value: native/eks/aks/gke |
| containerType |
String. Mandatory. Supported Value: clusters/nodes/pods/containers |
| accountIds |
String. Optional Comma-separated list of Account-Ids for your Customer. Eg: 12345678xxx,98765432xxx |
| page |
Integer. Optional. Page to be retrieved. Should start with 0. Default: 0 (invalid values will be considered as [page]:0) |
| size |
Integer. Mandatory. Number of records on a page. Should not be more than 500 and less than 100. |
Success Response:
HTTP status code: 200Failures:
| HTTP Status Code | Cause/Message |
|---|---|
401 |
Unauthorized access or ApiKey expired |
401 |
Api Key Not Valid |
400 |
ApiKey not provided |
400 |
Account Ids <<ids>> not found |
400 |
Provider not provided. |
400 |
Container-Type not provided. |
400 |
Invalid Container-Type:<<containerType>> |
400 |
Provider:<<cloudProvider>> not supported for Container-Type:<<containerType>>
|
Response Json Data:
For EKS Cluster:{
"errorMessage": "String",
"data": [
{
"accountType": "String",
"accountId": "String",
"objectId": "String",
"name": "String",
"moreInfo": {
"instanceId": "String",
"region": "String",
"roleArn": "String",
"version": "String",
"createdAt": "Date",
"endpoint": "String",
"platformVersion": "String",
"status": "String",
"vpcId": "String",
"endpointPublicAccess": "Boolean",
"endpointPrivateAccess": "Boolean",
"mappedSecurityGroupList": "String",
"mappedSubnetList": "String",
"mappedLogging": "String",
"mappedTags": "String"
}
}
],
"currentPage": 0,
"hasNext": true,
"hasPrevious": false,
"totalPages": 56,
"size": 1
}
{
"errorMessage": "String",
"data": [
{
"accountType": "String",
"accountId": "String",
"objectId": "String",
"name": "String",
"moreInfo": {
"instanceId": "String",
"namespace": "String",
"publicIp": "String",
"vmId": "String",
"provider": "String",
"providerId": "String",
"podCIDR": "String",
"containerVersion": "String",
"kernelVersion": "String",
"kubeProxyVersion": "String",
"kubeletVersion": "String",
"startTime": "Date",
"cloudProvider": "String",
"cloudProviderId": "String",
"mappedAddresses": "String",
"mappedTags": "String"
}
}
],
"currentPage": 0,
"hasNext": true,
"hasPrevious": false,
"totalPages": 56,
"size": 1
}
{
"errorMessage": "String",
"data": [
{
"accountType": "String",
"accountId": "String",
"objectId": "String",
"name": "String",
"moreInfo": {
"instanceId": "String",
"namespace": "String",
"nodeName": "String",
"privateIP": "String",
"status": "String",
"startTime": "Date",
"subDomain": "String",
"spawnedBy": "String",
"serviceAccount": "String",
"hostIP": "String",
"isPublic": "Boolean",
"isPrivileged": "Boolean",
"cloudProvider": "String",
"cloudProviderId": "String",
"automountServiceAccountToken": "Boolean",
"mappedPodSecurityContext": "String",
"mappedTags": "String",
"mappedNodeSelector": "String",
"mappedOwnerRefList": "String"
}
}
],
"currentPage": 0,
"hasNext": true,
"hasPrevious": false,
"totalPages": 56,
"size": 1
}
{
"errorMessage": "String",
"data": [
{
"accountType": "String",
"accountId": "String",
"objectId": "String",
"name": "String",
"moreInfo": {
"instanceId": "String",
"image": "String",
"imagePullPolicy": "String",
"status": "String",
"startedTime": "Date",
"restartCount": "Integer",
"allowPrivilegeEscalation": "Boolean",
"privileged": "Boolean",
"workingDir": "String",
"isStdin": "Boolean",
"isStdinOnce": "Boolean",
"cloudProvider": "String",
"cloudProviderId": "String",
"mappedPorts": "String",
"mappedSecurityContext": "String",
"mappedCommands": "String",
"mappedArgs": "String"
}
}
],
"currentPage": 0,
"hasNext": true,
"hasPrevious": false,
"totalPages": 56,
"size": 1
}
{
“errorMessage”: “String”
}