Introduction
Application developers can access Dome9 functionality from within applications using the Dome9 API. With version 2 of this API, developers can access functions using RESTful HTTP requests.
The resources and methods listed in this API cover the Dome9 functionality that developer applications need to onboard and manage their cloud accounts in Dome9.
The resources are grouped into Dome9 entities and Cloud Inventory entities.
Dome9 entities include functional features such as Clarity, Compliance, Dome9 Alerts, and entities such as access leases, Compliance bundles and rules, and Dome9 users and roles.
Cloud inventory includes entities such as Security Groups, instances, regions, and VPCs.
The API is based on HTTP requests and responses, and uses JSON blocks.
The base URL for the Dome9 API is https://api.dome9.com/v2/
Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
Authentication
The Dome9 API uses HTTP Basic Authentication scheme.
You will need a V2 API key and a secret in order to use the API.
You can generate the key and secret in the Dome9 console (https://secure.dome9.com), under 'My Settings' section.
For detailed instructions see Create a Dome9 API Key
Example:
curl -u your-api-key-id:your-api-key-secret https://api.dome9.com/v2/CloudAccounts
AccessLease
The AccessLease resource has methods to create dynamic access leases, with which users can access resources in AWS accounts managed by Dome9.
Leases are for specific users (not necessarily Dome9 users) and for specific periods of time.
Once a lease has been created, it can be sent to the user for whom it was created using the AccessLeaseInvitation resource.
Related resources
See also
Send a Lease invitation to a user
Acquire Aws Lease
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/accesslease/aws \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"region": "us_east_1",
"securityGroupId": "string",
"id": "00000000-0000-0000-0000-000000000000",
"accountId": 0,
"name": "string",
"ip": "string",
"note": "string",
"created": "2019-06-13T15:21:04Z",
"user": "string",
"length": "string",
"protocol": "ALL",
"portFrom": 0,
"portTo": 0,
"srl": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/accesslease/aws',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/accesslease/aws', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/accesslease/aws
Create a new Access Lease for an AWS service
Body parameter
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"region": "us_east_1",
"securityGroupId": "string",
"id": "00000000-0000-0000-0000-000000000000",
"accountId": 0,
"name": "string",
"ip": "string",
"note": "string",
"created": "2019-06-13T15:21:04Z",
"user": "string",
"length": "string",
"protocol": "ALL",
"portFrom": 0,
"portTo": 0,
"srl": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AwsAccessLeasePost | true | details for the lease |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AccessLease \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AccessLease',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AccessLease', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AccessLease
Get a list of all active Access Leases
Example responses
200 Response
{
"aws": [
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"region": "ap_southeast_2",
"securityGroupId": 0,
"id": "00000000-0000-0000-0000-000000000000",
"accountId": 0,
"name": "string",
"ip": "string",
"note": "string",
"created": "2019-06-13T15:21:04Z",
"user": "string",
"length": "string",
"protocol": "ALL",
"portFrom": 0,
"portTo": 0,
"srl": "string"
}
],
"agents": [
{
"agentId": 0,
"id": "00000000-0000-0000-0000-000000000000",
"accountId": 0,
"name": "string",
"ip": "string",
"note": "string",
"created": "2019-06-13T15:21:04Z",
"user": "string",
"length": "string",
"protocol": "ALL",
"portFrom": 0,
"portTo": 0,
"srl": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AccessLeasesGrouped |
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/AccessLease/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/AccessLease/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/AccessLease/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/AccessLease/{id}
Terminate an Access Lease
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the id of the lease to terminate |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
AccessLeaseInvitation
The AcessLeaseInvitation resource has methods to create and view invitations to users to access managed AWS account resources (such as instances) using access leases.
Invitations are sent as emails. The recipient is the user of the lease. Typically they will use the lease from the location (host) on which the email is opened. The lease is time limited, and specific to a user.
Create access leases using the AccessLease resource.
Related resources
See also
Access Invitation
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/access-lease-invitation/access/{invitationId} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/access-lease-invitation/access/{invitationId}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/access-lease-invitation/access/{invitationId}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/access-lease-invitation/access/{invitationId}
Get a specific invitation
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| invitationId | path | string(uuid) | true | the id of the invitation |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Get Pending Invitations
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AccessLeaseInvitation \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AccessLeaseInvitation',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AccessLeaseInvitation', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AccessLeaseInvitation
Get a list of pending invitations (invitations not yet activated)
These are invitations that have not yet been activated
Example responses
200 Response
[
{
"notifyEmail": "MyName@gmail.com",
"length": "string",
"recipientName": "string",
"targetSrl": "string",
"body": "string",
"id": "00000000-0000-0000-0000-000000000000",
"expirationTime": "2019-06-13T15:21:04Z",
"pivotEntity": "string",
"serviceName": "string",
"issuerName": "string",
"created": "2019-06-13T15:21:04Z"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AccessLeaseInvitation] | none |
Create Invitation
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AccessLeaseInvitation \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"notifyEmail": "MyName@gmail.com",
"length": "string",
"recipientName": "string",
"targetSrl": "string",
"body": "string",
"id": "00000000-0000-0000-0000-000000000000",
"expirationTime": "2019-06-13T15:21:04Z",
"pivotEntity": "string",
"serviceName": "string",
"issuerName": "string",
"created": "2019-06-13T15:21:04Z"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AccessLeaseInvitation',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AccessLeaseInvitation', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AccessLeaseInvitation
Create a new Lease Invitation
Body parameter
{
"notifyEmail": "MyName@gmail.com",
"length": "string",
"recipientName": "string",
"targetSrl": "string",
"body": "string",
"id": "00000000-0000-0000-0000-000000000000",
"expirationTime": "2019-06-13T15:21:04Z",
"pivotEntity": "string",
"serviceName": "string",
"issuerName": "string",
"created": "2019-06-13T15:21:04Z"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AccessLeaseInvitation | true | lease invitation details |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/AccessLeaseInvitation/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/AccessLeaseInvitation/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/AccessLeaseInvitation/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/AccessLeaseInvitation/{id}
Delete a lease invitation
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the id of the lease to delete |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
AccountTrust
The AccountTrust resource has methods to define a trust relationship between Dome9 accounts. This allows users in a one account to make changes and perform operations in another account.
Actions in the trustee account are performed using a role which is defined for it. The user from the trusted account assumes this role when signing in to the trustee account.
Related resources
See also
Dome9 Managed Service Providers
Get Assumable Roles
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AccountTrust/assumable-roles \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AccountTrust/assumable-roles',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AccountTrust/assumable-roles', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AccountTrust/assumable-roles
Get a list of objects that represent a trusted account and its assumebale roles
Example responses
200 Response
[
{
"accountName": "string",
"accountId": 0,
"roles": [
"string"
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AccountTrustAssumableRoles] | none |
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AccountTrust?trustDirection=MyAccountIsTarget \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AccountTrust?trustDirection=MyAccountIsTarget',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AccountTrust', params={
'trustDirection': 'MyAccountIsTarget'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AccountTrust
Get a list of accounts which are trusted by or trust this account according to the given "trustDirection"
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| trustDirection | query | string | true | Determines whether the accounts result list are the trusted/trustee accounts |
Enumerated Values
| Parameter | Value |
|---|---|
| trustDirection | MyAccountIsTarget |
| trustDirection | MyAccountIsSource |
Example responses
200 Response
[
{
"id": "00000000-0000-0000-0000-000000000000",
"targetAccountName": "string",
"sourceAccountName": "string",
"sourceAccountId": "00000000-0000-0000-0000-000000000000",
"description": "string",
"restrictions": {
"roles": [
"string"
]
}
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AccountTrust] | none |
Post
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AccountTrust \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"sourceAccountId": "00000000-0000-0000-0000-000000000000",
"description": "string",
"restrictions": {
"roles": [
"string"
]
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AccountTrust',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AccountTrust', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AccountTrust
Create a new account trust where this account is the target based on the given "SourceAccountId", i.e. this account trusts the source account
Body parameter
{
"sourceAccountId": "00000000-0000-0000-0000-000000000000",
"description": "string",
"restrictions": {
"roles": [
"string"
]
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AccountTrustPost | true | none |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Put
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AccountTrust/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"description": "string",
"restrictions": {
"roles": [
"string"
]
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AccountTrust/{id}',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AccountTrust/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AccountTrust/{id}
Update the account trust description or restrictions
Body parameter
{
"description": "string",
"restrictions": {
"roles": [
"string"
]
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | Account trust id |
| body | body | AccountTrustPut | true | none |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/AccountTrust/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/AccountTrust/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/AccountTrust/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/AccountTrust/{id}
Delete an account trust
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | The trust id |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Assessment
The Assessment resource has methods to run compliance assessments on cloud accounts, and view the results.
An assessment runs a bundle, which consists of a collection of rules (or tests) that test the properties and capabilities of your cloud account and its entities.
The methods in this resource are synchronous; the response will be sent when the assessment is complete, and will include the results. The respose is typically sent within a few seconds, but for some assessments (on environments with a large number of entities, or bundles with a large number of tests), this could take several minutes.
Assessments can also be run on AWS CloudFormation Template (CFT) files.
You can get a list of all the available bundles for your account using the CompliancePolicy resource.
See results of previous assessments using the AssessmentHistoryV2 resource.
The response contains the results of the assessment.
Related resources
See also
Create a bundle and run an assessment with it
Run Bundle
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/assessment/bundleV2 \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"id": 0,
"name": "string",
"description": "string",
"cft": {
"rootName": "string",
"params": [
{
"key": "string",
"value": "string"
}
],
"files": [
{
"name": "string",
"template": "string"
}
]
},
"isCft": true,
"dome9CloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalCloudAccountId": "string",
"cloudAccountId": "string",
"region": "string",
"cloudNetwork": "string",
"cloudAccountType": "Aws",
"requestId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/assessment/bundleV2',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/assessment/bundleV2', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/assessment/bundleV2
Run an assessment on a cloud environment using a bundle (V2)
Body parameter
{
"id": 0,
"name": "string",
"description": "string",
"cft": {
"rootName": "string",
"params": [
{
"key": "string",
"value": "string"
}
],
"files": [
{
"name": "string",
"template": "string"
}
]
},
"isCft": true,
"dome9CloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalCloudAccountId": "string",
"cloudAccountId": "string",
"region": "string",
"cloudNetwork": "string",
"cloudAccountType": "Aws",
"requestId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AssessmentBundleRequest | true | The assessment request block |
Example responses
200 Response
{
"request": {
"dome9CloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalCloudAccountId": "string",
"cloudAccountId": "string",
"region": "string",
"cloudNetwork": "string",
"cloudAccountType": "Aws",
"requestId": "00000000-0000-0000-0000-000000000000"
},
"tests": [
{
"error": "string",
"testedCount": 0,
"relevantCount": 0,
"nonComplyingCount": 0,
"exclusionStats": {
"testedCount": 0,
"relevantCount": 0,
"nonComplyingCount": 0
},
"entityResults": [
{
"validationStatus": "Relevant",
"isRelevant": true,
"isValid": true,
"isExcluded": true,
"exclusionId": "00000000-0000-0000-0000-000000000000",
"error": "string",
"testObj": {}
}
],
"rule": {
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string",
"logicHash": "string",
"isDefault": true
},
"testPassed": true
}
],
"locationMetadata": {
"account": {
"srl": "string",
"name": "string",
"id": "string",
"externalId": "string"
},
"region": {
"srl": "string",
"name": "string",
"id": "string",
"externalId": "string"
},
"cloudNetwork": {
"srl": "string",
"name": "string",
"id": "string",
"externalId": "string"
}
},
"testEntities": {
"notSupported": [
{}
],
"instance": [
{}
],
"securityGroup": [
{}
],
"elb": [
{}
],
"rds": [
{}
],
"lambda": [
{}
],
"region": [
{}
],
"virtualMachine": [
{}
],
"networkSecurityGroup": [
{}
],
"cloudTrail": [
{}
],
"nacl": [
{}
],
"vpc": [
{}
],
"subnet": [
{}
],
"s3Bucket": [
{}
],
"applicationLoadBalancer": [
{}
],
"iamUser": [
{}
],
"iamRole": [
{}
],
"iam": [
{}
],
"redshift": [
{}
],
"kms": [
{}
],
"default": [
{}
],
"vmInstance": [
{}
],
"iamGroup": [
{}
],
"efs": [
{}
],
"network": [
{}
],
"elastiCache": [
{}
],
"loadBalancer": [
{}
],
"vNet": [
{}
],
"sqldb": [
{}
],
"redisCache": [
{}
],
"applicationGateway": [
{}
],
"resourceGroup": [
{}
],
"sqlServer": [
{}
],
"ecsCluster": [
{}
],
"keyVault": [
{}
],
"networkLoadBalancer": [
{}
],
"networkInterface": [
{}
],
"ecsTaskDefinition": [
{}
],
"iamPolicy": [
{}
],
"volume": [
{}
],
"cloudFront": [
{}
],
"kinesis": [
{}
],
"iamServerCertificate": [
{}
],
"route53HostedZone": [
{}
],
"route53RecordSetGroup": [
{}
],
"acmCertificate": [
{}
],
"route53Domain": [
{}
],
"storageAccount": [
{}
],
"dynamoDbTable": [
{}
],
"ami": [
{}
],
"vpnGateway": [
{}
],
"virtualMfaDevices": [
{}
],
"internetGateway": [
{}
],
"wafRegional": [
{}
],
"lock": [
{}
],
"vpnConnection": [
{}
],
"ecsTask": [
{}
],
"customerGateway": [
{}
],
"gcpSecurityGroup": [
{}
],
"elasticIP": [
{}
],
"iamInstanceProfile": [
{}
],
"storageBucket": [
{}
],
"ecsService": [
{}
],
"project": [
{}
],
"serviceAccount": [
{}
],
"kmsKeyRing": [
{}
],
"dataWarehouse": [
{}
],
"guardDutyDetector": [
{}
],
"gcpIamPolicy": [
{}
],
"gcpIamUser": [
{}
],
"apiGateway": [
{}
],
"gcpGsuiteUser": [
{}
],
"gcpGsuiteGroup": [
{}
],
"gcpIamGroup": [
{}
],
"bigQuery": [
{}
],
"routeTable": [
{}
],
"gkeCluster": [
{}
],
"postgreSQL": [
{}
],
"vpcFlowLog": [
{}
],
"iamAccountSummary": [
{}
],
"sageMakerNotebook": [
{}
],
"containerRegistry": [
{}
],
"inspector": [
{}
],
"kmsAliases": [
{}
],
"passwordPolicy": [
{}
],
"configurationRecorder": [
{}
],
"cosmosDbAccount": [
{}
],
"networkWatcher": [
{}
],
"vpcPeeringConnection": [
{}
]
},
"dataSyncStatus": [
{
"entityType": "NotSupported",
"recentlySuccessfulSync": true,
"generalFetchPermissionIssues": true,
"entitiesWithPermissionIssues": [
{
"externalId": "string",
"name": "string",
"cloudVendorIdentifier": "string"
}
]
}
],
"assessmentPassed": true,
"hasErrors": true,
"id": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AssessmentResult |
AssessmentHistoryV2
The AssessmentHistoryV2 resource has methods to retrieve lists of previous compliance assessments, and specific assessment results. The assessments returned are for the Dome9 account of the user making the request, and can cover all cloud accounts for that user.
Assessments histories can be retrieved for a specified period of time (from, to), and can be filtered by assessment name. Each result has an id, which is used to then retrieve the specific assessment results.
Related resources
Get Bundle Results
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AssessmentHistoryV2/bundleResults?bundleId=0&cloudAccountIds=string&fromTime=2019-06-13T15%3A21%3A04Z \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AssessmentHistoryV2/bundleResults?bundleId=0&cloudAccountIds=string&fromTime=2019-06-13T15%3A21%3A04Z',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AssessmentHistoryV2/bundleResults', params={
'bundleId': '0', 'cloudAccountIds': 'string', 'fromTime': '2019-06-13T15:21:04Z'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AssessmentHistoryV2/bundleResults
Get most recent assessment results for a specific bundle, for a list of cloud accounts
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| bundleId | query | integer(int64) | true | the bundle used for the assessment (for all the accounts in the list) |
| cloudAccountIds | query | string | true | comma separated list of cloud accounts |
| fromTime | query | string(date-time) | true | the time the assessment was done |
| epsilonInMinutes | query | integer(int64) | false | period of time (in min) back from the fromTime to look for results; only results in this range will be returned |
| requestId | query | string(uuid) | false | an optional request id; the same value will appear in the response |
Example responses
200 Response
[
{
"triggeredBy": "Unknown",
"tests": [
{
"error": "string",
"testedCount": 0,
"relevantCount": 0,
"nonComplyingCount": 0,
"exclusionStats": {
"testedCount": 0,
"relevantCount": 0,
"nonComplyingCount": 0
},
"entityResults": [
{
"validationStatus": "Relevant",
"isRelevant": true,
"isValid": true,
"isExcluded": true,
"exclusionId": "00000000-0000-0000-0000-000000000000",
"error": "string",
"testObj": {}
}
],
"rule": {
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string",
"logicHash": "string",
"isDefault": true
},
"testPassed": true
}
],
"testEntities": {
"notSupported": [
{}
],
"instance": [
{}
],
"securityGroup": [
{}
],
"elb": [
{}
],
"rds": [
{}
],
"lambda": [
{}
],
"region": [
{}
],
"virtualMachine": [
{}
],
"networkSecurityGroup": [
{}
],
"cloudTrail": [
{}
],
"nacl": [
{}
],
"vpc": [
{}
],
"subnet": [
{}
],
"s3Bucket": [
{}
],
"applicationLoadBalancer": [
{}
],
"iamUser": [
{}
],
"iamRole": [
{}
],
"iam": [
{}
],
"redshift": [
{}
],
"kms": [
{}
],
"default": [
{}
],
"vmInstance": [
{}
],
"iamGroup": [
{}
],
"efs": [
{}
],
"network": [
{}
],
"elastiCache": [
{}
],
"loadBalancer": [
{}
],
"vNet": [
{}
],
"sqldb": [
{}
],
"redisCache": [
{}
],
"applicationGateway": [
{}
],
"resourceGroup": [
{}
],
"sqlServer": [
{}
],
"ecsCluster": [
{}
],
"keyVault": [
{}
],
"networkLoadBalancer": [
{}
],
"networkInterface": [
{}
],
"ecsTaskDefinition": [
{}
],
"iamPolicy": [
{}
],
"volume": [
{}
],
"cloudFront": [
{}
],
"kinesis": [
{}
],
"iamServerCertificate": [
{}
],
"route53HostedZone": [
{}
],
"route53RecordSetGroup": [
{}
],
"acmCertificate": [
{}
],
"route53Domain": [
{}
],
"storageAccount": [
{}
],
"dynamoDbTable": [
{}
],
"ami": [
{}
],
"vpnGateway": [
{}
],
"virtualMfaDevices": [
{}
],
"internetGateway": [
{}
],
"wafRegional": [
{}
],
"lock": [
{}
],
"vpnConnection": [
{}
],
"ecsTask": [
{}
],
"customerGateway": [
{}
],
"gcpSecurityGroup": [
{}
],
"elasticIP": [
{}
],
"iamInstanceProfile": [
{}
],
"storageBucket": [
{}
],
"ecsService": [
{}
],
"project": [
{}
],
"serviceAccount": [
{}
],
"kmsKeyRing": [
{}
],
"dataWarehouse": [
{}
],
"guardDutyDetector": [
{}
],
"gcpIamPolicy": [
{}
],
"gcpIamUser": [
{}
],
"apiGateway": [
{}
],
"gcpGsuiteUser": [
{}
],
"gcpGsuiteGroup": [
{}
],
"gcpIamGroup": [
{}
],
"bigQuery": [
{}
],
"routeTable": [
{}
],
"gkeCluster": [
{}
],
"postgreSQL": [
{}
],
"vpcFlowLog": [
{}
],
"iamAccountSummary": [
{}
],
"sageMakerNotebook": [
{}
],
"containerRegistry": [
{}
],
"inspector": [
{}
],
"kmsAliases": [
{}
],
"passwordPolicy": [
{}
],
"configurationRecorder": [
{}
],
"cosmosDbAccount": [
{}
],
"networkWatcher": [
{}
],
"vpcPeeringConnection": [
{}
]
},
"exclusions": [
{
"id": "00000000-0000-0000-0000-000000000000",
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}
],
"dataSyncStatus": [
{
"entityType": "NotSupported",
"recentlySuccessfulSync": true,
"generalFetchPermissionIssues": true,
"entitiesWithPermissionIssues": [
{
"externalId": "string",
"name": "string",
"cloudVendorIdentifier": "string"
}
]
}
],
"createdTime": "2019-06-13T15:21:04Z",
"id": 0,
"assessmentPassed": true,
"hasErrors": true,
"stats": {
"passed": 0,
"failed": 0,
"error": 0,
"failedTests": 0,
"logicallyTested": 0,
"failedEntities": 0,
"excludedTests": 0,
"excludedFailedTests": 0,
"excludedRules": 0
},
"request": {
"isTemplate": true,
"id": 0,
"name": "string",
"description": "string",
"cft": {
"rootName": "string",
"params": [
{
"key": "string",
"value": "string"
}
],
"files": [
{
"name": "string",
"template": "string"
}
]
},
"isCft": true,
"dome9CloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalCloudAccountId": "string",
"cloudAccountId": "string",
"region": "string",
"cloudNetwork": "string",
"cloudAccountType": "Aws",
"requestId": "00000000-0000-0000-0000-000000000000"
},
"hasDataSyncStatusIssues": true
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AssessmentHistoryResultV2] | none |
Enumerated Values
| Property | Value |
|---|---|
| triggeredBy | Unknown |
| triggeredBy | ContinuousCompliancePolicy |
| triggeredBy | Manual |
| triggeredBy | SystemBundle |
| validationStatus | Relevant |
| validationStatus | Valid |
| validationStatus | Excluded |
| severity | Low |
| severity | Medium |
| severity | High |
| cloudAccountType | Aws |
| cloudAccountType | Azure |
| cloudAccountType | |
| entityType | NotSupported |
| entityType | Instance |
| entityType | SecurityGroup |
| entityType | ELB |
| entityType | RDS |
| entityType | Lambda |
| entityType | Region |
| entityType | VirtualMachine |
| entityType | NetworkSecurityGroup |
| entityType | CloudTrail |
| entityType | NACL |
| entityType | VPC |
| entityType | Subnet |
| entityType | S3Bucket |
| entityType | ApplicationLoadBalancer |
| entityType | IamUser |
| entityType | IamRole |
| entityType | Iam |
| entityType | Redshift |
| entityType | KMS |
| entityType | Default |
| entityType | VMInstance |
| entityType | IamGroup |
| entityType | EFS |
| entityType | Network |
| entityType | ElastiCache |
| entityType | LoadBalancer |
| entityType | VNet |
| entityType | SQLDB |
| entityType | RedisCache |
| entityType | ApplicationGateway |
| entityType | ResourceGroup |
| entityType | SQLServer |
| entityType | EcsCluster |
| entityType | KeyVault |
| entityType | NetworkLoadBalancer |
| entityType | NetworkInterface |
| entityType | EcsTaskDefinition |
| entityType | IamPolicy |
| entityType | Volume |
| entityType | CloudFront |
| entityType | Kinesis |
| entityType | IamServerCertificate |
| entityType | Route53HostedZone |
| entityType | Route53RecordSetGroup |
| entityType | AcmCertificate |
| entityType | Route53Domain |
| entityType | StorageAccount |
| entityType | DynamoDbTable |
| entityType | AMI |
| entityType | VPNGateway |
| entityType | VirtualMfaDevices |
| entityType | InternetGateway |
| entityType | WAFRegional |
| entityType | Lock |
| entityType | VPNConnection |
| entityType | EcsTask |
| entityType | CustomerGateway |
| entityType | GcpSecurityGroup |
| entityType | ElasticIP |
| entityType | IamInstanceProfile |
| entityType | StorageBucket |
| entityType | EcsService |
| entityType | Project |
| entityType | ServiceAccount |
| entityType | KmsKeyRing |
| entityType | DataWarehouse |
| entityType | GuardDutyDetector |
| entityType | GcpIamPolicy |
| entityType | GcpIamUser |
| entityType | ApiGateway |
| entityType | GcpGsuiteUser |
| entityType | GcpGsuiteGroup |
| entityType | GcpIamGroup |
| entityType | BigQuery |
| entityType | RouteTable |
| entityType | GkeCluster |
| entityType | PostgreSQL |
| entityType | VpcFlowLog |
| entityType | IamAccountSummary |
| entityType | SageMakerNotebook |
| entityType | ContainerRegistry |
| entityType | Inspector |
| entityType | KmsAliases |
| entityType | PasswordPolicy |
| entityType | ConfigurationRecorder |
| entityType | CosmosDbAccount |
| entityType | NetworkWatcher |
| entityType | VpcPeeringConnection |
| cloudAccountType | Aws |
| cloudAccountType | Azure |
| cloudAccountType |
Get Assessment Trend
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AssessmentHistoryV2/assessmentTrend?bundleId=0&cloudAccountId=string&from=2019-06-13T15%3A21%3A04Z&to=2019-06-13T15%3A21%3A04Z \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AssessmentHistoryV2/assessmentTrend?bundleId=0&cloudAccountId=string&from=2019-06-13T15%3A21%3A04Z&to=2019-06-13T15%3A21%3A04Z',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AssessmentHistoryV2/assessmentTrend', params={
'bundleId': '0', 'cloudAccountId': 'string', 'from': '2019-06-13T15:21:04Z', 'to': '2019-06-13T15:21:04Z'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AssessmentHistoryV2/assessmentTrend
Get the assessment trend for the selected time range (maximum of 31 days)
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| bundleId | query | integer(int64) | true | Bundle ID |
| cloudAccountId | query | string(uuid) | true | Cloud Account ID |
| from | query | string(date-time) | true | From Date |
| to | query | string(date-time) | true | To Date |
Example responses
200 Response
[
{
"assessmentDate": "2019-06-13T15:21:04Z",
"assessmentId": 0,
"failedTests": 0,
"totalTests": 0,
"passedTests": 0
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AssessmentTrendItem] | none |
Get Last Assessment Results View
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AssessmentHistoryV2/LastAssessmentResults/view \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountBundleFilters": [
{
"bundleIds": [
0
],
"cloudAccountIds": [
"00000000-0000-0000-0000-000000000000"
],
"cloudAccountType": "Aws"
}
],
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AssessmentHistoryV2/LastAssessmentResults/view',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AssessmentHistoryV2/LastAssessmentResults/view', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AssessmentHistoryV2/LastAssessmentResults/view
Get last assessment results for selected cloud accounts and bundles. Does not return details for the tests or test entities.
Body parameter
{
"cloudAccountBundleFilters": [
{
"bundleIds": [
0
],
"cloudAccountIds": [
"00000000-0000-0000-0000-000000000000"
],
"cloudAccountType": "Aws"
}
],
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AssessmentsRequestFilter | true | block that specifies the accounts and bundles |
Example responses
200 Response
[
{
"createdTime": "2019-06-13T15:21:04Z",
"id": 0,
"triggeredBy": "Unknown",
"assessmentPassed": true,
"hasErrors": true,
"stats": {
"passed": 0,
"failed": 0,
"error": 0,
"failedTests": 0,
"logicallyTested": 0,
"failedEntities": 0,
"excludedTests": 0,
"excludedFailedTests": 0,
"excludedRules": 0
},
"request": {
"isTemplate": true,
"id": 0,
"name": "string",
"description": "string",
"cft": {
"rootName": "string",
"params": [
{
"key": "string",
"value": "string"
}
],
"files": [
{
"name": "string",
"template": "string"
}
]
},
"isCft": true,
"dome9CloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalCloudAccountId": "string",
"cloudAccountId": "string",
"region": "string",
"cloudNetwork": "string",
"cloudAccountType": "Aws",
"requestId": "00000000-0000-0000-0000-000000000000"
},
"hasDataSyncStatusIssues": true
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AssessmentHistoryViewResultV2] | none |
Enumerated Values
| Property | Value |
|---|---|
| triggeredBy | Unknown |
| triggeredBy | ContinuousCompliancePolicy |
| triggeredBy | Manual |
| triggeredBy | SystemBundle |
| cloudAccountType | Aws |
| cloudAccountType | Azure |
| cloudAccountType |
Get Last Assessment Results
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AssessmentHistoryV2/LastAssessmentResults \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountBundleFilters": [
{
"bundleIds": [
0
],
"cloudAccountIds": [
"00000000-0000-0000-0000-000000000000"
],
"cloudAccountType": "Aws"
}
],
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AssessmentHistoryV2/LastAssessmentResults',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AssessmentHistoryV2/LastAssessmentResults', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AssessmentHistoryV2/LastAssessmentResults
Get last assessment results for selected cloud accounts and bundles. Includes details of tests and test entities.
Body parameter
{
"cloudAccountBundleFilters": [
{
"bundleIds": [
0
],
"cloudAccountIds": [
"00000000-0000-0000-0000-000000000000"
],
"cloudAccountType": "Aws"
}
],
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AssessmentsRequestFilter | true | block that specifies the accounts and bundles |
Example responses
200 Response
[
{
"triggeredBy": "Unknown",
"tests": [
{
"error": "string",
"testedCount": 0,
"relevantCount": 0,
"nonComplyingCount": 0,
"exclusionStats": {
"testedCount": 0,
"relevantCount": 0,
"nonComplyingCount": 0
},
"entityResults": [
{
"validationStatus": "Relevant",
"isRelevant": true,
"isValid": true,
"isExcluded": true,
"exclusionId": "00000000-0000-0000-0000-000000000000",
"error": "string",
"testObj": {}
}
],
"rule": {
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string",
"logicHash": "string",
"isDefault": true
},
"testPassed": true
}
],
"testEntities": {
"notSupported": [
{}
],
"instance": [
{}
],
"securityGroup": [
{}
],
"elb": [
{}
],
"rds": [
{}
],
"lambda": [
{}
],
"region": [
{}
],
"virtualMachine": [
{}
],
"networkSecurityGroup": [
{}
],
"cloudTrail": [
{}
],
"nacl": [
{}
],
"vpc": [
{}
],
"subnet": [
{}
],
"s3Bucket": [
{}
],
"applicationLoadBalancer": [
{}
],
"iamUser": [
{}
],
"iamRole": [
{}
],
"iam": [
{}
],
"redshift": [
{}
],
"kms": [
{}
],
"default": [
{}
],
"vmInstance": [
{}
],
"iamGroup": [
{}
],
"efs": [
{}
],
"network": [
{}
],
"elastiCache": [
{}
],
"loadBalancer": [
{}
],
"vNet": [
{}
],
"sqldb": [
{}
],
"redisCache": [
{}
],
"applicationGateway": [
{}
],
"resourceGroup": [
{}
],
"sqlServer": [
{}
],
"ecsCluster": [
{}
],
"keyVault": [
{}
],
"networkLoadBalancer": [
{}
],
"networkInterface": [
{}
],
"ecsTaskDefinition": [
{}
],
"iamPolicy": [
{}
],
"volume": [
{}
],
"cloudFront": [
{}
],
"kinesis": [
{}
],
"iamServerCertificate": [
{}
],
"route53HostedZone": [
{}
],
"route53RecordSetGroup": [
{}
],
"acmCertificate": [
{}
],
"route53Domain": [
{}
],
"storageAccount": [
{}
],
"dynamoDbTable": [
{}
],
"ami": [
{}
],
"vpnGateway": [
{}
],
"virtualMfaDevices": [
{}
],
"internetGateway": [
{}
],
"wafRegional": [
{}
],
"lock": [
{}
],
"vpnConnection": [
{}
],
"ecsTask": [
{}
],
"customerGateway": [
{}
],
"gcpSecurityGroup": [
{}
],
"elasticIP": [
{}
],
"iamInstanceProfile": [
{}
],
"storageBucket": [
{}
],
"ecsService": [
{}
],
"project": [
{}
],
"serviceAccount": [
{}
],
"kmsKeyRing": [
{}
],
"dataWarehouse": [
{}
],
"guardDutyDetector": [
{}
],
"gcpIamPolicy": [
{}
],
"gcpIamUser": [
{}
],
"apiGateway": [
{}
],
"gcpGsuiteUser": [
{}
],
"gcpGsuiteGroup": [
{}
],
"gcpIamGroup": [
{}
],
"bigQuery": [
{}
],
"routeTable": [
{}
],
"gkeCluster": [
{}
],
"postgreSQL": [
{}
],
"vpcFlowLog": [
{}
],
"iamAccountSummary": [
{}
],
"sageMakerNotebook": [
{}
],
"containerRegistry": [
{}
],
"inspector": [
{}
],
"kmsAliases": [
{}
],
"passwordPolicy": [
{}
],
"configurationRecorder": [
{}
],
"cosmosDbAccount": [
{}
],
"networkWatcher": [
{}
],
"vpcPeeringConnection": [
{}
]
},
"exclusions": [
{
"id": "00000000-0000-0000-0000-000000000000",
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}
],
"dataSyncStatus": [
{
"entityType": "NotSupported",
"recentlySuccessfulSync": true,
"generalFetchPermissionIssues": true,
"entitiesWithPermissionIssues": [
{
"externalId": "string",
"name": "string",
"cloudVendorIdentifier": "string"
}
]
}
],
"createdTime": "2019-06-13T15:21:04Z",
"id": 0,
"assessmentPassed": true,
"hasErrors": true,
"stats": {
"passed": 0,
"failed": 0,
"error": 0,
"failedTests": 0,
"logicallyTested": 0,
"failedEntities": 0,
"excludedTests": 0,
"excludedFailedTests": 0,
"excludedRules": 0
},
"request": {
"isTemplate": true,
"id": 0,
"name": "string",
"description": "string",
"cft": {
"rootName": "string",
"params": [
{
"key": "string",
"value": "string"
}
],
"files": [
{
"name": "string",
"template": "string"
}
]
},
"isCft": true,
"dome9CloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalCloudAccountId": "string",
"cloudAccountId": "string",
"region": "string",
"cloudNetwork": "string",
"cloudAccountType": "Aws",
"requestId": "00000000-0000-0000-0000-000000000000"
},
"hasDataSyncStatusIssues": true
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AssessmentHistoryResultV2] | none |
Enumerated Values
| Property | Value |
|---|---|
| triggeredBy | Unknown |
| triggeredBy | ContinuousCompliancePolicy |
| triggeredBy | Manual |
| triggeredBy | SystemBundle |
| validationStatus | Relevant |
| validationStatus | Valid |
| validationStatus | Excluded |
| severity | Low |
| severity | Medium |
| severity | High |
| cloudAccountType | Aws |
| cloudAccountType | Azure |
| cloudAccountType | |
| entityType | NotSupported |
| entityType | Instance |
| entityType | SecurityGroup |
| entityType | ELB |
| entityType | RDS |
| entityType | Lambda |
| entityType | Region |
| entityType | VirtualMachine |
| entityType | NetworkSecurityGroup |
| entityType | CloudTrail |
| entityType | NACL |
| entityType | VPC |
| entityType | Subnet |
| entityType | S3Bucket |
| entityType | ApplicationLoadBalancer |
| entityType | IamUser |
| entityType | IamRole |
| entityType | Iam |
| entityType | Redshift |
| entityType | KMS |
| entityType | Default |
| entityType | VMInstance |
| entityType | IamGroup |
| entityType | EFS |
| entityType | Network |
| entityType | ElastiCache |
| entityType | LoadBalancer |
| entityType | VNet |
| entityType | SQLDB |
| entityType | RedisCache |
| entityType | ApplicationGateway |
| entityType | ResourceGroup |
| entityType | SQLServer |
| entityType | EcsCluster |
| entityType | KeyVault |
| entityType | NetworkLoadBalancer |
| entityType | NetworkInterface |
| entityType | EcsTaskDefinition |
| entityType | IamPolicy |
| entityType | Volume |
| entityType | CloudFront |
| entityType | Kinesis |
| entityType | IamServerCertificate |
| entityType | Route53HostedZone |
| entityType | Route53RecordSetGroup |
| entityType | AcmCertificate |
| entityType | Route53Domain |
| entityType | StorageAccount |
| entityType | DynamoDbTable |
| entityType | AMI |
| entityType | VPNGateway |
| entityType | VirtualMfaDevices |
| entityType | InternetGateway |
| entityType | WAFRegional |
| entityType | Lock |
| entityType | VPNConnection |
| entityType | EcsTask |
| entityType | CustomerGateway |
| entityType | GcpSecurityGroup |
| entityType | ElasticIP |
| entityType | IamInstanceProfile |
| entityType | StorageBucket |
| entityType | EcsService |
| entityType | Project |
| entityType | ServiceAccount |
| entityType | KmsKeyRing |
| entityType | DataWarehouse |
| entityType | GuardDutyDetector |
| entityType | GcpIamPolicy |
| entityType | GcpIamUser |
| entityType | ApiGateway |
| entityType | GcpGsuiteUser |
| entityType | GcpGsuiteGroup |
| entityType | GcpIamGroup |
| entityType | BigQuery |
| entityType | RouteTable |
| entityType | GkeCluster |
| entityType | PostgreSQL |
| entityType | VpcFlowLog |
| entityType | IamAccountSummary |
| entityType | SageMakerNotebook |
| entityType | ContainerRegistry |
| entityType | Inspector |
| entityType | KmsAliases |
| entityType | PasswordPolicy |
| entityType | ConfigurationRecorder |
| entityType | CosmosDbAccount |
| entityType | NetworkWatcher |
| entityType | VpcPeeringConnection |
| cloudAccountType | Aws |
| cloudAccountType | Azure |
| cloudAccountType |
Get Organizational Units Last Assessment Statistics
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AssessmentHistoryV2/OrganizationalUnitsLastAssessmentStatistics \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"organizationalUnitIds": [
"00000000-0000-0000-0000-000000000000"
],
"bundleIds": [
0
]
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AssessmentHistoryV2/OrganizationalUnitsLastAssessmentStatistics',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AssessmentHistoryV2/OrganizationalUnitsLastAssessmentStatistics', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AssessmentHistoryV2/OrganizationalUnitsLastAssessmentStatistics
Get last assessment statistics for selected organizational units and bundles.
Body parameter
{
"organizationalUnitIds": [
"00000000-0000-0000-0000-000000000000"
],
"bundleIds": [
0
]
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | OrganizationalUnitAssessmentHistoryRequestModel | true | none |
Example responses
200 Response
[
{
"organizationalUnitPaths": [
"string"
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"bundleId": 0,
"statistics": {
"passed": 0,
"logicallyTested": 0,
"failed": 0,
"failedTests": 0,
"error": 0,
"failedEntities": 0,
"totalEntities": 0,
"excludedTests": 0,
"excludedFailedTests": 0,
"excludedRules": 0
},
"resultId": 0,
"resultDate": "2019-06-13T15:21:04Z",
"triggeredBy": "Unknown"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [OrganizationalUnitAssessmentHistory] | none |
Enumerated Values
| Property | Value |
|---|---|
| triggeredBy | Unknown |
| triggeredBy | ContinuousCompliancePolicy |
| triggeredBy | Manual |
| triggeredBy | SystemBundle |
Find Result Views By Time Range
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AssessmentHistoryV2/view/timeRange \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"creationTime": {
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
},
"pageSize": 1,
"pageNumber": 1,
"requestId": "00000000-0000-0000-0000-000000000000",
"filterFields": [
{
"name": "string",
"value": "string"
}
],
"sorting": {
"fieldName": "string",
"direction": 0
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AssessmentHistoryV2/view/timeRange',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AssessmentHistoryV2/view/timeRange', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AssessmentHistoryV2/view/timeRange
Get assessment history (list of assessments) for specified time range and filters
Body parameter
{
"creationTime": {
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
},
"pageSize": 1,
"pageNumber": 1,
"requestId": "00000000-0000-0000-0000-000000000000",
"filterFields": [
{
"name": "string",
"value": "string"
}
],
"sorting": {
"fieldName": "string",
"direction": 0
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AssessmentViewsByTimeRangeRequest | true | details of the results to get (filters, time range) |
Example responses
200 Response
{
"results": [
{
"createdTime": "2019-06-13T15:21:04Z",
"id": 0,
"triggeredBy": "Unknown",
"assessmentPassed": true,
"hasErrors": true,
"stats": {
"passed": 0,
"failed": 0,
"error": 0,
"failedTests": 0,
"logicallyTested": 0,
"failedEntities": 0,
"excludedTests": 0,
"excludedFailedTests": 0,
"excludedRules": 0
},
"request": {
"isTemplate": true,
"id": 0,
"name": "string",
"description": "string",
"cft": {
"rootName": "string",
"params": [
{
"key": "string",
"value": "string"
}
],
"files": [
{
"name": "string",
"template": "string"
}
]
},
"isCft": true,
"dome9CloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalCloudAccountId": "string",
"cloudAccountId": "string",
"region": "string",
"cloudNetwork": "string",
"cloudAccountType": "Aws",
"requestId": "00000000-0000-0000-0000-000000000000"
},
"hasDataSyncStatusIssues": true
}
],
"totalResultsCount": 0,
"pageNumber": 0,
"pageSize": 0,
"requestId": "00000000-0000-0000-0000-000000000000"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AssessnentHistoryViewResultsTimeRange |
Get Assessment Result
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AssessmentHistoryV2/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AssessmentHistoryV2/{id}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AssessmentHistoryV2/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AssessmentHistoryV2/{id}
Get results for a specific assessment
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | integer(int64) | true | the id of the assessment |
Example responses
200 Response
{
"triggeredBy": "Unknown",
"tests": [
{
"error": "string",
"testedCount": 0,
"relevantCount": 0,
"nonComplyingCount": 0,
"exclusionStats": {
"testedCount": 0,
"relevantCount": 0,
"nonComplyingCount": 0
},
"entityResults": [
{
"validationStatus": "Relevant",
"isRelevant": true,
"isValid": true,
"isExcluded": true,
"exclusionId": "00000000-0000-0000-0000-000000000000",
"error": "string",
"testObj": {}
}
],
"rule": {
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string",
"logicHash": "string",
"isDefault": true
},
"testPassed": true
}
],
"testEntities": {
"notSupported": [
{}
],
"instance": [
{}
],
"securityGroup": [
{}
],
"elb": [
{}
],
"rds": [
{}
],
"lambda": [
{}
],
"region": [
{}
],
"virtualMachine": [
{}
],
"networkSecurityGroup": [
{}
],
"cloudTrail": [
{}
],
"nacl": [
{}
],
"vpc": [
{}
],
"subnet": [
{}
],
"s3Bucket": [
{}
],
"applicationLoadBalancer": [
{}
],
"iamUser": [
{}
],
"iamRole": [
{}
],
"iam": [
{}
],
"redshift": [
{}
],
"kms": [
{}
],
"default": [
{}
],
"vmInstance": [
{}
],
"iamGroup": [
{}
],
"efs": [
{}
],
"network": [
{}
],
"elastiCache": [
{}
],
"loadBalancer": [
{}
],
"vNet": [
{}
],
"sqldb": [
{}
],
"redisCache": [
{}
],
"applicationGateway": [
{}
],
"resourceGroup": [
{}
],
"sqlServer": [
{}
],
"ecsCluster": [
{}
],
"keyVault": [
{}
],
"networkLoadBalancer": [
{}
],
"networkInterface": [
{}
],
"ecsTaskDefinition": [
{}
],
"iamPolicy": [
{}
],
"volume": [
{}
],
"cloudFront": [
{}
],
"kinesis": [
{}
],
"iamServerCertificate": [
{}
],
"route53HostedZone": [
{}
],
"route53RecordSetGroup": [
{}
],
"acmCertificate": [
{}
],
"route53Domain": [
{}
],
"storageAccount": [
{}
],
"dynamoDbTable": [
{}
],
"ami": [
{}
],
"vpnGateway": [
{}
],
"virtualMfaDevices": [
{}
],
"internetGateway": [
{}
],
"wafRegional": [
{}
],
"lock": [
{}
],
"vpnConnection": [
{}
],
"ecsTask": [
{}
],
"customerGateway": [
{}
],
"gcpSecurityGroup": [
{}
],
"elasticIP": [
{}
],
"iamInstanceProfile": [
{}
],
"storageBucket": [
{}
],
"ecsService": [
{}
],
"project": [
{}
],
"serviceAccount": [
{}
],
"kmsKeyRing": [
{}
],
"dataWarehouse": [
{}
],
"guardDutyDetector": [
{}
],
"gcpIamPolicy": [
{}
],
"gcpIamUser": [
{}
],
"apiGateway": [
{}
],
"gcpGsuiteUser": [
{}
],
"gcpGsuiteGroup": [
{}
],
"gcpIamGroup": [
{}
],
"bigQuery": [
{}
],
"routeTable": [
{}
],
"gkeCluster": [
{}
],
"postgreSQL": [
{}
],
"vpcFlowLog": [
{}
],
"iamAccountSummary": [
{}
],
"sageMakerNotebook": [
{}
],
"containerRegistry": [
{}
],
"inspector": [
{}
],
"kmsAliases": [
{}
],
"passwordPolicy": [
{}
],
"configurationRecorder": [
{}
],
"cosmosDbAccount": [
{}
],
"networkWatcher": [
{}
],
"vpcPeeringConnection": [
{}
]
},
"exclusions": [
{
"id": "00000000-0000-0000-0000-000000000000",
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}
],
"dataSyncStatus": [
{
"entityType": "NotSupported",
"recentlySuccessfulSync": true,
"generalFetchPermissionIssues": true,
"entitiesWithPermissionIssues": [
{
"externalId": "string",
"name": "string",
"cloudVendorIdentifier": "string"
}
]
}
],
"createdTime": "2019-06-13T15:21:04Z",
"id": 0,
"assessmentPassed": true,
"hasErrors": true,
"stats": {
"passed": 0,
"failed": 0,
"error": 0,
"failedTests": 0,
"logicallyTested": 0,
"failedEntities": 0,
"excludedTests": 0,
"excludedFailedTests": 0,
"excludedRules": 0
},
"request": {
"isTemplate": true,
"id": 0,
"name": "string",
"description": "string",
"cft": {
"rootName": "string",
"params": [
{
"key": "string",
"value": "string"
}
],
"files": [
{
"name": "string",
"template": "string"
}
]
},
"isCft": true,
"dome9CloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalCloudAccountId": "string",
"cloudAccountId": "string",
"region": "string",
"cloudNetwork": "string",
"cloudAccountType": "Aws",
"requestId": "00000000-0000-0000-0000-000000000000"
},
"hasDataSyncStatusIssues": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AssessmentHistoryResultV2 |
Delete Assessment Result
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/AssessmentHistoryV2?historyId=0
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/AssessmentHistoryV2?historyId=0',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/AssessmentHistoryV2', params={
'historyId': '0'
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/AssessmentHistoryV2
Delete an assessment
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| historyId | query | integer(int64) | true | the id of the assessment |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Audit
The Audit resource has methods to retrieve Dome9 audit events. Audit events are issues such as alerts, that can be generated as a result of activity on one of a user's managed cloud accounts, or as a result of a compliance assessment on a cloud account or environment.
There are different types of audit events, and different severities.
Audit events are retrieved in pages, from earliest to latest, according to the time period, and page size set in the request. Typically the GET method should be repeated for each page of the request, until all the requested events are retrieved. A user can only retrieve audit events for their own cloud accounts.
See also
Get Event Types
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/audit/event-types \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/audit/event-types',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/audit/event-types', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/audit/event-types
Get a list of available audit event types
Example responses
200 Response
{
"property1": "string",
"property2": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|
Get Audit Events For Aws Sec Group
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/audit/awsgroup/{groupId} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/audit/awsgroup/{groupId}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/audit/awsgroup/{groupId}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/audit/awsgroup/{groupId}
Get audit events for a specific AWS Security Group
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| groupId | path | integer(int64) | true | the Security Group id |
| startTimestamp | query | string(date-time) | false | the time of the first event to be fetched |
| endTimestamp | query | string(date-time) | false | the time of the last event to be fetched |
Example responses
200 Response
[
{
"id": {},
"cell": [
{}
],
"metadata": {
"property1": "string",
"property2": "string"
}
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AuditEntry] | none |
Export
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/audit/export \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/audit/export',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/audit/export', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/audit/export
Export an audit events report in a csv format
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| startTimestamp | query | string(date-time) | false | the time of the first event to be exported in the report |
| endTimestamp | query | string(date-time) | false | the time of the last event to be exported in the report |
| userNameFilter | query | string | false | only events for this specific user will be exported |
| eventType | query | string | false | only events of this specific type will be exported |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Audit?pageNum=0&eventsPerPage=0 \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Audit?pageNum=0&eventsPerPage=0',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Audit', params={
'pageNum': '0', 'eventsPerPage': '0'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Audit
Get audit events with optional filters
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| pageNum | query | integer(int32) | true | page # in the sequence of audit pages |
| eventsPerPage | query | integer(int32) | true | no. of audit events in the page |
| startTimestamp | query | string(date-time) | false | the time of first audit to be fetched |
| endTimestamp | query | string(date-time) | false | the time of the last audit to be fetched |
| userName | query | string | false | only events for this specific user will be fetched |
| eventType | query | string | false | only events of this specific type will be fetched |
| fim | query | boolean | false | none |
Example responses
200 Response
{
"total": 0,
"page": 0,
"records": 0,
"rows": [
{
"id": {},
"cell": [
{}
],
"metadata": {
"property1": "string",
"property2": "string"
}
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Audit |
Get Audit Event Metadata
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Audit/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Audit/{id}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Audit/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Audit/{id}
Get audit metadata
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | The audit event id |
Example responses
200 Response
{
"id": {},
"cell": [
{}
],
"metadata": {
"property1": "string",
"property2": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AuditEntry |
AzureCloudAccount
The AzureCloudAccounts resource has methods to onboard Azure cloud accounts to Dome9 and to manage some of their settings. It is can be used to automatically or programatically onboard Azure accounts into a Dome9 account, or to set global settings such as the Region Configuration (used for network security management).
See also
Onbard an Azure Account to Dome9
Get Missing Permissions
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AzureCloudAccount/{id}/MissingPermissions
Get a list of missing permissions for a specific Azure account in a Dome9 account
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the account id for the Azure account in Dome9 |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"actions": [
{
"type": "string",
"subType": "string",
"total": 0,
"error": {
"code": "string",
"message": "string"
}
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | CloudAccountMissingPermissions |
Get Mising Permissions By Entity Type
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions/EntityType?entityType=string \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions/EntityType?entityType=string',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions/EntityType', params={
'entityType': 'string'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AzureCloudAccount/{id}/MissingPermissions/EntityType
Get a list of missing permissions for a specific cloud entity type and Azure cloud account
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the account id for the Azure account in Dome9 |
| entityType | query | string | true | the entity type |
| subType | query | string | false | the entity subtype |
Example responses
200 Response
[
{
"srl": "string",
"consecutiveFails": 0,
"lastFail": "2019-06-13T15:21:04Z",
"lastSuccess": "2019-06-13T15:21:04Z",
"firstFail": "2019-06-13T15:21:04Z",
"lastFailErrorCode": "string",
"lastFailMessage": "string",
"id": "00000000-0000-0000-0000-000000000000",
"retryMetadata": {
"permissions": [
"string"
],
"entityType": "string",
"subType": "string"
},
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"vendor": "aws"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [MissingPermission] | none |
Enumerated Values
| Property | Value |
|---|---|
| vendor | aws |
| vendor | hp |
| vendor | mellanox |
| vendor | awsgov |
| vendor | azure |
| vendor | |
| vendor | awschina |
Reset Missing Permissions
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions/Reset
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions/Reset',
{
method: 'PUT'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.put('https://api.dome9.com/v2/AzureCloudAccount/{id}/MissingPermissions/Reset', params={
, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureCloudAccount/{id}/MissingPermissions/Reset
Reset (re-validate) the missing permissions indication for an Azure account in Dome9
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the account id for the Azure account in Dome9 |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Update Operation Mode
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureCloudAccount/{id}/OperationMode \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"operationMode": "Read"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/{id}/OperationMode',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AzureCloudAccount/{id}/OperationMode', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureCloudAccount/{id}/OperationMode
Update the operations mode for an Azure account in Dome9. Modes can be Read-Only or Manage
Body parameter
{
"operationMode": "Read"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the account id for the Azure account in Dome9 |
| body | body | AzureAccountOperationMode | true | updated details for the account, including the operations mode |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"subscriptionId": "string",
"tenantId": "string",
"credentials": {
"clientId": "string",
"clientPassword": "string"
},
"operationMode": "Read",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"vendor": "aws"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AzureCloudAccount |
Update Account Name
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureCloudAccount/{id}/AccountName \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"name": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/{id}/AccountName',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AzureCloudAccount/{id}/AccountName', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureCloudAccount/{id}/AccountName
Update the account name (in Dome9) for an Azure account
Body parameter
{
"name": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the account id in Dome9 |
| body | body | AzureAccountNameMode | true | the new name for the account |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"subscriptionId": "string",
"tenantId": "string",
"credentials": {
"clientId": "string",
"clientPassword": "string"
},
"operationMode": "Read",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"vendor": "aws"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AzureCloudAccount |
Update Cloud Account Credentials
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureCloudAccount/{id}/Credentials \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"applicationId": "string",
"applicationKey": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/{id}/Credentials',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AzureCloudAccount/{id}/Credentials', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureCloudAccount/{id}/Credentials
Body parameter
{
"applicationId": "string",
"applicationKey": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | none |
| body | body | AzureCloudAccountCredentialsPut | true | none |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Update Organziational Id
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureCloudAccount/{id}/organizationalUnit \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/{id}/organizationalUnit',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AzureCloudAccount/{id}/organizationalUnit', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureCloudAccount/{id}/organizationalUnit
Update the ID of the Organizational unit that this cloud account will be attached to. Use 'null' for root organizational unit
Body parameter
{
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | The Guid ID of the AWS cloud account |
| body | body | UpdateId | true | The Guid ID of the Organizational Unit to attach to. Use null in order to attach to root Organizational Unit |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"subscriptionId": "string",
"tenantId": "string",
"credentials": {
"clientId": "string",
"clientPassword": "string"
},
"operationMode": "Read",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"vendor": "aws"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AzureCloudAccount |
Move Cloud Accounts To Organizational Unit
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/move \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"sourceOrganizationalUnitId": "00000000-0000-0000-0000-000000000000",
"targetOrganizationalUnitId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/move',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/move', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureCloudAccount/organizationalUnit/move
Detach cloud accounts from an Organizational unit and attach them to another Organizational unit. Use 'null' for root organizational unit
Body parameter
{
"sourceOrganizationalUnitId": "00000000-0000-0000-0000-000000000000",
"targetOrganizationalUnitId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | MoveOrganizationalUnit | true | The guids of the source organizational unit to detach from and the target organizational unit to attach to. Use null for root organizational unit. |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Move All Cloud Accounts To Organizational Unit
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/moveAll \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/moveAll',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/moveAll', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureCloudAccount/organizationalUnit/moveAll
Detach all cloud accounts from their current organizational unit and attach them to a new one. Default is to root organizational unit
Body parameter
{
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | UpdateIdViewModel2 | true | none |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Post Attach Multi
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/attach \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"entries": [
"string"
],
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/attach',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AzureCloudAccount/organizationalUnit/attach', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AzureCloudAccount/organizationalUnit/attach
Attach several cloud accounts to a specific Organizational Unit. User 'null' as root Organizational Unit as target
Body parameter
{
"entries": [
"string"
],
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AttachCloudAccounts | true | none |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Sync Now
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AzureCloudAccount/{id}/SyncNow \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount/{id}/SyncNow',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AzureCloudAccount/{id}/SyncNow', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AzureCloudAccount/{id}/SyncNow
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | none |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"subscriptionId": "string",
"tenantId": "string",
"credentials": {
"clientId": "string",
"clientPassword": "string"
},
"operationMode": "Read",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"vendor": "aws"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AzureCloudAccount |
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AzureCloudAccount \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AzureCloudAccount', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AzureCloudAccount
Get details for all Azure accounts for the Dome9 user
Example responses
200 Response
[
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"subscriptionId": "string",
"tenantId": "string",
"credentials": {
"clientId": "string",
"clientPassword": "string"
},
"operationMode": "Read",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"vendor": "aws"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AzureCloudAccount] | none |
Enumerated Values
| Property | Value |
|---|---|
| operationMode | Read |
| operationMode | Manage |
| vendor | aws |
| vendor | hp |
| vendor | mellanox |
| vendor | awsgov |
| vendor | azure |
| vendor | |
| vendor | awschina |
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/AzureCloudAccount/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/AzureCloudAccount/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/AzureCloudAccount/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/AzureCloudAccount/{id}
Delete an Azure account from a Dome9 account (the Azure account is not deleted from Azure)
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the Dome9 account id for the account |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Post
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AzureCloudAccount \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"subscriptionId": "string",
"tenantId": "string",
"credentials": {
"clientId": "string",
"clientPassword": "string"
},
"operationMode": "Read",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"vendor": "aws"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureCloudAccount',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AzureCloudAccount', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AzureCloudAccount
Add (onboard) an Azure account to the user's Dome9 account
Body parameter
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"subscriptionId": "string",
"tenantId": "string",
"credentials": {
"clientId": "string",
"clientPassword": "string"
},
"operationMode": "Read",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"vendor": "aws"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AzureCloudAccount | true | details for the Azure account |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
AzureSecurityGroupPolicy
The AzureSecurityGroupPolicy resource has methods to add and manage Azure security group policies for Azure cloud accounts that are managed by Dome9. Among the managment operations are methods to add services (rules) to security groups.
See also
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AzureSecurityGroupPolicy \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureSecurityGroupPolicy',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AzureSecurityGroupPolicy', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AzureSecurityGroupPolicy
Get a list of all Network Security Group Policies for the Azure accounts in the Dome9 account
Example responses
200 Response
[
{
"tags": [
{
"key": "string",
"value": "string"
}
],
"id": "00000000-0000-0000-0000-000000000000",
"externalSecurityGroupId": "string",
"accountId": 0,
"cloudAccountName": "string",
"lastUpdatedByDome9": true,
"error": {
"action": "string",
"errorMessage": "string"
},
"inboundServices": [
{
"direction": "string",
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"outboundServices": [
{
"direction": "string",
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"region": "string",
"resourceGroup": "string",
"isTamperProtected": true
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AzureSgPolicyGet] | none |
Enumerated Values
| Property | Value |
|---|---|
| type | CIDR |
| type | DNS |
| type | IPList |
| type | MagicIP |
| type | AWS |
| type | Tag |
Put
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureSecurityGroupPolicy/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"tags": [
{
"key": "string",
"value": "string"
}
],
"inboundServices": [
{
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"outboundServices": [
{
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"region": "string",
"resourceGroup": "string",
"isTamperProtected": true
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureSecurityGroupPolicy/{id}',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AzureSecurityGroupPolicy/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureSecurityGroupPolicy/{id}
Update a security group policy
Body parameter
{
"tags": [
{
"key": "string",
"value": "string"
}
],
"inboundServices": [
{
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"outboundServices": [
{
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"region": "string",
"resourceGroup": "string",
"isTamperProtected": true
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the security group policy id |
| body | body | AzureSgPolicyPost | true | details for the policy, including the changes |
Example responses
200 Response
{
"tags": [
{
"key": "string",
"value": "string"
}
],
"id": "00000000-0000-0000-0000-000000000000",
"externalSecurityGroupId": "string",
"accountId": 0,
"cloudAccountName": "string",
"lastUpdatedByDome9": true,
"error": {
"action": "string",
"errorMessage": "string"
},
"inboundServices": [
{
"direction": "string",
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"outboundServices": [
{
"direction": "string",
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"region": "string",
"resourceGroup": "string",
"isTamperProtected": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AzureSgPolicyGet |
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/AzureSecurityGroupPolicy/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/AzureSecurityGroupPolicy/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/AzureSecurityGroupPolicy/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/AzureSecurityGroupPolicy/{id}
Delete a security group policy
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the security group policy id |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Update Protection Mode
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/AzureSecurityGroupPolicy/{policyId}/TamperProtected?tamperProtected=true \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureSecurityGroupPolicy/{policyId}/TamperProtected?tamperProtected=true',
{
method: 'PUT',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/AzureSecurityGroupPolicy/{policyId}/TamperProtected', params={
'tamperProtected': 'true'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/AzureSecurityGroupPolicy/{policyId}/TamperProtected
Enable or disable Tamper Protetion for a specific security group policy
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| policyId | path | string(uuid) | true | the security group policy id> |
| tamperProtected | query | boolean | true | enable/disable Tamper protection |
Example responses
200 Response
{
"tags": [
{
"key": "string",
"value": "string"
}
],
"id": "00000000-0000-0000-0000-000000000000",
"externalSecurityGroupId": "string",
"accountId": 0,
"cloudAccountName": "string",
"lastUpdatedByDome9": true,
"error": {
"action": "string",
"errorMessage": "string"
},
"inboundServices": [
{
"direction": "string",
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"outboundServices": [
{
"direction": "string",
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"region": "string",
"resourceGroup": "string",
"isTamperProtected": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AzureSgPolicyGet |
Get Stats
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/AzureSecurityGroupPolicy/Stats \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureSecurityGroupPolicy/Stats',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/AzureSecurityGroupPolicy/Stats', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/AzureSecurityGroupPolicy/Stats
Get statistics for the security group policies for the Dome9 user
Example responses
200 Response
[
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"resourceGroup": "string",
"region": "string",
"cloudAccountName": "string",
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"isTamperProtected": true,
"alertsCount": 0
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [AzureSgPolicyStats] | none |
Post
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/AzureSecurityGroupPolicy \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"tags": [
{
"key": "string",
"value": "string"
}
],
"inboundServices": [
{
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"outboundServices": [
{
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"region": "string",
"resourceGroup": "string",
"isTamperProtected": true
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/AzureSecurityGroupPolicy',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/AzureSecurityGroupPolicy', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/AzureSecurityGroupPolicy
Create a security group policy
Body parameter
{
"tags": [
{
"key": "string",
"value": "string"
}
],
"inboundServices": [
{
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"outboundServices": [
{
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"region": "string",
"resourceGroup": "string",
"isTamperProtected": true
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AzureSgPolicyPost | true | details for the policy |
Example responses
200 Response
{
"tags": [
{
"key": "string",
"value": "string"
}
],
"id": "00000000-0000-0000-0000-000000000000",
"externalSecurityGroupId": "string",
"accountId": 0,
"cloudAccountName": "string",
"lastUpdatedByDome9": true,
"error": {
"action": "string",
"errorMessage": "string"
},
"inboundServices": [
{
"direction": "string",
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"outboundServices": [
{
"direction": "string",
"name": "string",
"description": "string",
"priority": 0,
"access": "string",
"protocol": "string",
"sourcePortRanges": [
"string"
],
"sourceScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"destinationPortRanges": [
"string"
],
"destinationScopes": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"isDefault": true
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"region": "string",
"resourceGroup": "string",
"isTamperProtected": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AzureSgPolicyGet |
CloudAccounts
The CloudAccounts resource has methods to onboard AWS cloud accounts to Dome9 and to manage some of their settings. It is can be used to automatically or programatically onboard AWS accounts into a Dome9 account, or to set global settings such as the Region Configuration (used for network security management).
See also
Use-Case: Onboard an AWS account to Dome9
Update Cloud Account Name
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudaccounts/name \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountNumber": "string",
"data": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/name',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/cloudaccounts/name', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudaccounts/name
Update an AWS cloud account name.
Body parameter
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountNumber": "string",
"data": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | String_ | true | the new name for the account |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Update Cloud Account Region Conf
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudaccounts/region-conf \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountNumber": "string",
"data": {
"region": "ap_southeast_2",
"name": "string",
"hidden": true,
"newGroupBehavior": "ReadOnly"
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/region-conf',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/cloudaccounts/region-conf', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudaccounts/region-conf
Update an AWS cloud account region configuration.
Body parameter
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountNumber": "string",
"data": {
"region": "ap_southeast_2",
"name": "string",
"hidden": true,
"newGroupBehavior": "ReadOnly"
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | CloudAccountRegionConfigurationViewModel_ | true | updated Regional Configuration parameters for the account |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Update Cloud Account Credentials
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudaccounts/credentials \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountNumber": "string",
"data": {
"apikey": "string",
"arn": "string",
"secret": "string",
"iamUser": "string",
"type": "UserBased",
"isReadOnly": true
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/credentials',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/cloudaccounts/credentials', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudaccounts/credentials
Update credentials for an AWS cloud account in Dome9. At least one of the following properties must be provided: "cloudAccountId", "externalAccountNumber"
Body parameter
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountNumber": "string",
"data": {
"apikey": "string",
"arn": "string",
"secret": "string",
"iamUser": "string",
"type": "UserBased",
"isReadOnly": true
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | CloudAccountCredentialsViewModel_ | true | credentials block |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Get Missing Permissions
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/cloudaccounts/{id}/MissingPermissions
Get a list of missing permissions for a specific account. These are permissions needed by Dome9 to manage accounts.
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | none |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"actions": [
{
"type": "string",
"subType": "string",
"total": 0,
"error": {
"code": "string",
"message": "string"
}
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | CloudAccountMissingPermissions |
Get Mising Permissions By Entity Type
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions/EntityType?entityType=string \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions/EntityType?entityType=string',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions/EntityType', params={
'entityType': 'string'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/cloudaccounts/{id}/MissingPermissions/EntityType
Get a list of missing permissions for a specific cloud entity type and cloud account
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | The account id |
| entityType | query | string | true | none |
| subType | query | string | false | The entity subtype (optional) |
Example responses
200 Response
[
{
"srl": "string",
"consecutiveFails": 0,
"lastFail": "2019-06-13T15:21:04Z",
"lastSuccess": "2019-06-13T15:21:04Z",
"firstFail": "2019-06-13T15:21:04Z",
"lastFailErrorCode": "string",
"lastFailMessage": "string",
"id": "00000000-0000-0000-0000-000000000000",
"retryMetadata": {
"permissions": [
"string"
],
"entityType": "string",
"subType": "string"
},
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"vendor": "aws"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [MissingPermission] | none |
Enumerated Values
| Property | Value |
|---|---|
| vendor | aws |
| vendor | hp |
| vendor | mellanox |
| vendor | awsgov |
| vendor | azure |
| vendor | |
| vendor | awschina |
Reset Missing Permissions
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions/Reset
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions/Reset',
{
method: 'PUT'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.put('https://api.dome9.com/v2/cloudaccounts/{id}/MissingPermissions/Reset', params={
, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudaccounts/{id}/MissingPermissions/Reset
reset (re-validate) an account
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | The account id |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Sync Now
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/cloudaccounts/{id}/SyncNow \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/{id}/SyncNow',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/cloudaccounts/{id}/SyncNow', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/cloudaccounts/{id}/SyncNow
Send a data sync command to immediately fetch cloud account data into Dome9's system caches. This API is used in conjunction with EntityFetchStatus API resource to query the fetch status. Read more and see a full example here: https://github.com/Dome9/Python_API_SDK/blob/master/implementation/runSyncAssessment.md
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | The account id. |
Example responses
200 Response
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"name": "string",
"externalAccountNumber": "string",
"workFlowId": "00000000-0000-0000-0000-000000000000"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | AwsSyncNowResult |
Update Organziational Id
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudaccounts/{id}/organizationalUnit \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/{id}/organizationalUnit',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/cloudaccounts/{id}/organizationalUnit', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudaccounts/{id}/organizationalUnit
Update the ID of the Organizational unit that this cloud account will be attached to. Use 'null' for root organizational unit
Body parameter
{
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | The Guid ID of the AWS cloud account |
| body | body | UpdateId | true | The Guid ID of the Organizational Unit to attach to. Use null in order to attach to root Organizational Unit |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"vendor": "aws",
"name": "string",
"externalAccountNumber": "string",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"credentials": {
"apikey": "string",
"arn": "string",
"secret": "string",
"iamUser": "string",
"type": "UserBased",
"isReadOnly": true
},
"iamSafe": {
"awsGroupArn": "string",
"awsPolicyArn": "string",
"mode": "OptIn",
"state": "Enabled",
"excludedIamEntities": {
"rolesArns": [
"string"
],
"usersArns": [
"string"
]
},
"restrictedIamEntities": {
"rolesArns": [
"string"
],
"usersArns": [
"string"
]
}
},
"netSec": {
"regions": [
{
"region": "ap_southeast_2",
"name": "string",
"hidden": true,
"newGroupBehavior": "ReadOnly"
}
]
},
"magellan": true,
"fullProtection": true,
"allowReadOnly": true,
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"lambdaScanner": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | CloudAccount |
Move Cloud Accounts To Organizational Unit
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudaccounts/organizationalUnit/move \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"sourceOrganizationalUnitId": "00000000-0000-0000-0000-000000000000",
"targetOrganizationalUnitId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/organizationalUnit/move',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/cloudaccounts/organizationalUnit/move', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudaccounts/organizationalUnit/move
Detach cloud accounts from an Organizational unit and attach them to another Organizational unit Use 'null' for root organizational unit
Body parameter
{
"sourceOrganizationalUnitId": "00000000-0000-0000-0000-000000000000",
"targetOrganizationalUnitId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | MoveOrganizationalUnit | true | none |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Move All Cloud Accounts To Organizational Unit
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudaccounts/organizationalUnit/moveAll \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/organizationalUnit/moveAll',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/cloudaccounts/organizationalUnit/moveAll', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudaccounts/organizationalUnit/moveAll
Detach all cloud accounts from their current organizational unit and attach them to a new one. Default is to root organizational unit
Body parameter
{
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | UpdateIdViewModel2 | true | none |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Post Attach Multi
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/cloudaccounts/organizationalUnit/attach \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"entries": [
"string"
],
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudaccounts/organizationalUnit/attach',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/cloudaccounts/organizationalUnit/attach', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/cloudaccounts/organizationalUnit/attach
Attach several cloud accounts to a specific Organizational Unit. User 'null' as root Organizational Unit as target
Body parameter
{
"entries": [
"string"
],
"organizationalUnitId": "00000000-0000-0000-0000-000000000000"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AttachCloudAccounts | true | none |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/CloudAccounts/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/CloudAccounts/{id}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/CloudAccounts/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/CloudAccounts/{id}
Fetch a specific AWS cloud account
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string | true | The Dome9 AWS account id (UUID) or the AWS external account number (12 digit number) |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"vendor": "aws",
"name": "string",
"externalAccountNumber": "string",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"credentials": {
"apikey": "string",
"arn": "string",
"secret": "string",
"iamUser": "string",
"type": "UserBased",
"isReadOnly": true
},
"iamSafe": {
"awsGroupArn": "string",
"awsPolicyArn": "string",
"mode": "OptIn",
"state": "Enabled",
"excludedIamEntities": {
"rolesArns": [
"string"
],
"usersArns": [
"string"
]
},
"restrictedIamEntities": {
"rolesArns": [
"string"
],
"usersArns": [
"string"
]
}
},
"netSec": {
"regions": [
{
"region": "ap_southeast_2",
"name": "string",
"hidden": true,
"newGroupBehavior": "ReadOnly"
}
]
},
"magellan": true,
"fullProtection": true,
"allowReadOnly": true,
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"lambdaScanner": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | CloudAccount |
Post
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/CloudAccounts \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"id": "00000000-0000-0000-0000-000000000000",
"vendor": "aws",
"name": "string",
"externalAccountNumber": "string",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"credentials": {
"apikey": "string",
"arn": "string",
"secret": "string",
"iamUser": "string",
"type": "UserBased",
"isReadOnly": true
},
"iamSafe": {
"awsGroupArn": "string",
"awsPolicyArn": "string",
"mode": "OptIn",
"state": "Enabled",
"excludedIamEntities": {
"rolesArns": [
"string"
],
"usersArns": [
"string"
]
},
"restrictedIamEntities": {
"rolesArns": [
"string"
],
"usersArns": [
"string"
]
}
},
"netSec": {
"regions": [
{
"region": "ap_southeast_2",
"name": "string",
"hidden": true,
"newGroupBehavior": "ReadOnly"
}
]
},
"magellan": true,
"fullProtection": true,
"allowReadOnly": true,
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"lambdaScanner": true
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/CloudAccounts',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/CloudAccounts', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/CloudAccounts
Add a new AWS cloud account to Dome9
Onboarding an AWS cloud account requires granting Dome9 permissions to access the account.
The following document describes the required procedure:
https://helpcenter.dome9.com/hc/en-us/articles/360003994613-Onboard-an-AWS-Account
Body parameter
{
"id": "00000000-0000-0000-0000-000000000000",
"vendor": "aws",
"name": "string",
"externalAccountNumber": "string",
"error": "string",
"creationDate": "2019-06-13T15:21:04Z",
"credentials": {
"apikey": "string",
"arn": "string",
"secret": "string",
"iamUser": "string",
"type": "UserBased",
"isReadOnly": true
},
"iamSafe": {
"awsGroupArn": "string",
"awsPolicyArn": "string",
"mode": "OptIn",
"state": "Enabled",
"excludedIamEntities": {
"rolesArns": [
"string"
],
"usersArns": [
"string"
]
},
"restrictedIamEntities": {
"rolesArns": [
"string"
],
"usersArns": [
"string"
]
}
},
"netSec": {
"regions": [
{
"region": "ap_southeast_2",
"name": "string",
"hidden": true,
"newGroupBehavior": "ReadOnly"
}
]
},
"magellan": true,
"fullProtection": true,
"allowReadOnly": true,
"organizationalUnitId": "00000000-0000-0000-0000-000000000000",
"organizationalUnitPath": "string",
"organizationalUnitName": "string",
"lambdaScanner": true
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | CloudAccount | true | The new AWS account data |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/CloudAccounts/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/CloudAccounts/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/CloudAccounts/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/CloudAccounts/{id}
Delete an AWS cloud account.
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | The Dome9 AWS account id (UUID) |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
CloudSecurityGroup
The CloudSecurityGroup resource has methods to add and manage security groups in a cloud account that is managed by Dome9. Among the managment operations are methods to add services (rules) to security groups.
Use the CloudAccounts resource to set a cloud account to Protected (managed).
Related resources
See also
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/CloudSecurityGroup?cloudAccountId=string®ionId=string \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/CloudSecurityGroup?cloudAccountId=string®ionId=string',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/CloudSecurityGroup', params={
'cloudAccountId': 'string', 'regionId': 'string'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/CloudSecurityGroup
Get AWS security groups for a specific cloud account and region
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| cloudAccountId | query | string(uuid) | true | the cloud account id |
| regionId | query | string | true | the region |
Example responses
200 Response
[
{
"securityGroupId": 0,
"externalId": "string",
"isProtected": true,
"securityGroupName": "string",
"description": "string",
"vpcId": "string",
"vpcName": "string",
"regionId": "ap_southeast_2",
"cloudAccountId": "string",
"cloudAccountName": "string",
"services": {
"inbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
],
"outbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
]
},
"tags": {
"property1": "string",
"property2": "string"
}
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [CloudSecurityGroup] | none |
Enumerated Values
| Property | Value |
|---|---|
| regionId | ap_southeast_2 |
| regionId | us_east_1 |
| regionId | us_west_1 |
| regionId | eu_west_1 |
| regionId | ap_southeast_1 |
| regionId | ap_northeast_1 |
| regionId | us_west_2 |
| regionId | sa_east_1 |
| regionId | az_1_region_a_geo_1 |
| regionId | az_2_region_a_geo_1 |
| regionId | az_3_region_a_geo_1 |
| regionId | mellanox_region |
| regionId | us_gov_west_1 |
| regionId | eu_central_1 |
| regionId | ap_northeast_2 |
| regionId | ap_south_1 |
| regionId | us_east_2 |
| regionId | ca_central_1 |
| regionId | eu_west_2 |
| regionId | eu_west_3 |
| regionId | eu_north_1 |
| regionId | cn_north_1 |
| regionId | cn_northwest_1 |
| regionId | westus |
| regionId | eastus |
| regionId | eastus2 |
| regionId | northcentralus |
| regionId | westus2 |
| regionId | southcentralus |
| regionId | centralus |
| regionId | usgovlowa |
| regionId | usgovvirginia |
| regionId | northeurope |
| regionId | westeurope |
| regionId | eastasia |
| regionId | southeastasia |
| regionId | japaneast |
| regionId | japanwest |
| regionId | brazilsouth |
| regionId | australiaeast |
| regionId | australiasoutheast |
| regionId | centralindia |
| regionId | southindia |
| regionId | westindia |
| regionId | canadaeast |
| regionId | westcentralus |
| regionId | chinaeast |
| regionId | chinanorth |
| regionId | canadacentral |
| regionId | germanycentral |
| regionId | germanynortheast |
| regionId | koreacentral |
| regionId | uksouth |
| regionId | ukwest |
| regionId | koreasouth |
| protocolType | ALL |
| protocolType | HOPOPT |
| protocolType | ICMP |
| protocolType | IGMP |
| protocolType | GGP |
| protocolType | IPV4 |
| protocolType | ST |
| protocolType | TCP |
| protocolType | CBT |
| protocolType | EGP |
| protocolType | IGP |
| protocolType | BBN_RCC_MON |
| protocolType | NVP2 |
| protocolType | PUP |
| protocolType | ARGUS |
| protocolType | EMCON |
| protocolType | XNET |
| protocolType | CHAOS |
| protocolType | UDP |
| protocolType | MUX |
| protocolType | DCN_MEAS |
| protocolType | HMP |
| protocolType | PRM |
| protocolType | XNS_IDP |
| protocolType | TRUNK1 |
| protocolType | TRUNK2 |
| protocolType | LEAF1 |
| protocolType | LEAF2 |
| protocolType | RDP |
| protocolType | IRTP |
| protocolType | ISO_TP4 |
| protocolType | NETBLT |
| protocolType | MFE_NSP |
| protocolType | MERIT_INP |
| protocolType | DCCP |
| protocolType | ThreePC |
| protocolType | IDPR |
| protocolType | XTP |
| protocolType | DDP |
| protocolType | IDPR_CMTP |
| protocolType | TPplusplus |
| protocolType | IL |
| protocolType | IPV6 |
| protocolType | SDRP |
| protocolType | IPV6_ROUTE |
| protocolType | IPV6_FRAG |
| protocolType | IDRP |
| protocolType | RSVP |
| protocolType | GRE |
| protocolType | DSR |
| protocolType | BNA |
| protocolType | ESP |
| protocolType | AH |
| protocolType | I_NLSP |
| protocolType | SWIPE |
| protocolType | NARP |
| protocolType | MOBILE |
| protocolType | TLSP |
| protocolType | SKIP |
| protocolType | ICMPV6 |
| protocolType | IPV6_NONXT |
| protocolType | IPV6_OPTS |
| protocolType | CFTP |
| protocolType | SAT_EXPAK |
| protocolType | KRYPTOLAN |
| protocolType | RVD |
| protocolType | IPPC |
| protocolType | SAT_MON |
| protocolType | VISA |
| protocolType | IPCV |
| protocolType | CPNX |
| protocolType | CPHB |
| protocolType | WSN |
| protocolType | PVP |
| protocolType | BR_SAT_MON |
| protocolType | SUN_ND |
| protocolType | WB_MON |
| protocolType | WB_EXPAK |
| protocolType | ISO_IP |
| protocolType | VMTP |
| protocolType | SECURE_VMTP |
| protocolType | VINES |
| protocolType | TTP |
| protocolType | NSFNET_IGP |
| protocolType | DGP |
| protocolType | TCF |
| protocolType | EIGRP |
| protocolType | OSPFIGP |
| protocolType | SPRITE_RPC |
| protocolType | LARP |
| protocolType | MTP |
| protocolType | AX25 |
| protocolType | IPIP |
| protocolType | MICP |
| protocolType | SCC_SP |
| protocolType | ETHERIP |
| protocolType | ENCAP |
| protocolType | GMTP |
| protocolType | IFMP |
| protocolType | PNNI |
| protocolType | PIM |
| protocolType | ARIS |
| protocolType | SCPS |
| protocolType | QNX |
| protocolType | AN |
| protocolType | IPCOMP |
| protocolType | SNP |
| protocolType | COMPAQ_PEER |
| protocolType | IPX_IN_IP |
| protocolType | VRRP |
| protocolType | PGM |
| protocolType | L2TP |
| protocolType | DDX |
| protocolType | IATP |
| protocolType | STP |
| protocolType | SRP |
| protocolType | UTI |
| protocolType | SMP |
| protocolType | SM |
| protocolType | PTP |
| protocolType | ISIS |
| protocolType | FIRE |
| protocolType | CRTP |
| protocolType | CRUDP |
| protocolType | SSCOPMCE |
| protocolType | IPLT |
| protocolType | SPS |
| protocolType | PIPE |
| protocolType | SCTP |
| protocolType | FC |
| protocolType | RSVP_E2E_IGNORE |
| protocolType | MOBILITY_HEADER |
| protocolType | UDPLITE |
| protocolType | MPLS_IN_IP |
| protocolType | MANET |
| protocolType | HIP |
| protocolType | SHIM6 |
| protocolType | WESP |
| protocolType | ROHC |
| type | CIDR |
| type | DNS |
| type | IPList |
| type | MagicIP |
| type | AWS |
| type | Tag |
| icmpType | All |
| icmpType | EchoReply |
| icmpType | DestinationUnreachable |
| icmpType | SourceQuench |
| icmpType | Redirect |
| icmpType | AlternateHostAddress |
| icmpType | Echo |
| icmpType | RouterAdvertisement |
| icmpType | RouterSelection |
| icmpType | TimeExceeded |
| icmpType | ParameterProblem |
| icmpType | Timestamp |
| icmpType | TimestampReply |
| icmpType | InformationRequest |
| icmpType | InformationReply |
| icmpType | AddressMaskRequest |
| icmpType | AddressMaskReply |
| icmpType | Traceroute |
| icmpType | DatagramConversionError |
| icmpType | MobileHostRedirect |
| icmpType | IPv6WhereAreYou |
| icmpType | IPv6IAmHere |
| icmpType | MobileRegistrationRequest |
| icmpType | MobileRegistrationReply |
| icmpType | DomainNameRequest |
| icmpType | DomainNameReply |
| icmpType | SKIP |
| icmpType | Photuris |
| icmpv6Type | All |
Put
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudsecuritygroup/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"securityGroupId": 0,
"externalId": "string",
"isProtected": true,
"securityGroupName": "string",
"description": "string",
"vpcId": "string",
"vpcName": "string",
"regionId": "ap_southeast_2",
"cloudAccountId": "string",
"cloudAccountName": "string",
"services": {
"inbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
],
"outbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
]
},
"tags": {
"property1": "string",
"property2": "string"
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudsecuritygroup/{id}',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/cloudsecuritygroup/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudsecuritygroup/{id}
Update an AWS security group
Body parameter
{
"securityGroupId": 0,
"externalId": "string",
"isProtected": true,
"securityGroupName": "string",
"description": "string",
"vpcId": "string",
"vpcName": "string",
"regionId": "ap_southeast_2",
"cloudAccountId": "string",
"cloudAccountName": "string",
"services": {
"inbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
],
"outbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
]
},
"tags": {
"property1": "string",
"property2": "string"
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string | true | the AWS security group id (Dome9 Internal Id / AWS Security group id) |
| body | body | CloudSecurityGroup | true | updated details for the security group |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Delete Cloud Security Group
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/cloudsecuritygroup/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/cloudsecuritygroup/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/cloudsecuritygroup/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/cloudsecuritygroup/{id}
Delete an AWS security group
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string | true | the AWS security group id (Dome9 Internal Id / AWS Security group id) |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Update Sec Group
Code samples
# You can also use wget
curl -X PATCH https://api.dome9.com/v2/cloudsecuritygroup/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"securityGroupId": 0,
"externalId": "string",
"isProtected": true,
"securityGroupName": "string",
"description": "string",
"vpcId": "string",
"vpcName": "string",
"regionId": "ap_southeast_2",
"cloudAccountId": "string",
"cloudAccountName": "string",
"services": {
"inbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
],
"outbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
]
},
"tags": {
"property1": "string",
"property2": "string"
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json'
};
request('https://api.dome9.com/v2/cloudsecuritygroup/{id}',
{
method: 'PATCH',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json'
}
r = requests.patch('https://api.dome9.com/v2/cloudsecuritygroup/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PATCH /v2/cloudsecuritygroup/{id}
Updates an AWS security group protection mode
Body parameter
{
"securityGroupId": 0,
"externalId": "string",
"isProtected": true,
"securityGroupName": "string",
"description": "string",
"vpcId": "string",
"vpcName": "string",
"regionId": "ap_southeast_2",
"cloudAccountId": "string",
"cloudAccountName": "string",
"services": {
"inbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
],
"outbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
]
},
"tags": {
"property1": "string",
"property2": "string"
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | integer(int64) | true | the AWS security group id |
| body | body | CloudSecurityGroup | true | updated details for the security group. only 'IsProtected' is used in this call which defines whether to protect or unprotect the security group. |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Change Protection Mode
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/cloudsecuritygroup/{id}/protection-mode \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"protectionMode": "FullManage"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudsecuritygroup/{id}/protection-mode',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/cloudsecuritygroup/{id}/protection-mode', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/cloudsecuritygroup/{id}/protection-mode
Change the protection mode for an AWS security group
Body parameter
{
"protectionMode": "FullManage"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string | true | the AWS security group id (Dome9 internal ID / AWS security group ID) |
| body | body | CloudSecurityGroupProtectionModeChange | true | details for the security group, including the protection mode. Only 'ProtectionMode' is required in this call (FullManage or ReadOnly). |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Update a Security Group's Service
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType} \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType}',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/cloudsecuritygroup/{groupid}/services/{policyType}
Update a service (rule) for an AWS security group
Body parameter
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| groupid | path | string | true | the security group id (Dome9 internal ID / AWS security group id) |
| policyType | path | string | true | the service type (Inbound / Outbound) |
| body | body | CloudSecurityGroupService | true | updated details for the service |
Enumerated Values
| Parameter | Value |
|---|---|
| policyType | Inbound |
| policyType | Outbound |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Add a service(rule) to a Security Group
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType} \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType}',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/cloudsecuritygroup/{groupid}/services/{policyType}
Creat a new Service (rule) for the security group
Body parameter
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| groupid | path | string | true | the security group id (Dome9 internal ID / AWS security group id) |
| policyType | path | string | true | the service type (Inbound / Outbound)) |
| body | body | CloudSecurityGroupService | true | details for the service |
Enumerated Values
| Parameter | Value |
|---|---|
| policyType | Inbound |
| policyType | Outbound |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Delete a Security Group's Service
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType}/{serviceid}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType}/{serviceid}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/services/{policyType}/{serviceid}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/cloudsecuritygroup/{groupid}/services/{policyType}/{serviceid}
Delete a service from an AWS security group
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| groupid | path | string | true | the security group id (Dome9 internal ID / AWS security group id) |
| policyType | path | string | true | the service type (Inbound / Outbound) |
| serviceid | path | string | true | the service id |
Enumerated Values
| Parameter | Value |
|---|---|
| policyType | Inbound |
| policyType | Outbound |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Update Tags
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/tags \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"tags": {
"property1": "string",
"property2": "string"
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/tags',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/tags', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/cloudsecuritygroup/{groupid}/tags
Update the list of tags for an AWS securitry group
Body parameter
{
"tags": {
"property1": "string",
"property2": "string"
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| groupid | path | string | true | the security group id (Dome9 internal ID / AWS security group id) |
| body | body | CloudSecurityGroupTagsChange | true | the updated list of tags and their values |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Get Security Group Revision History
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/history \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/history',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/cloudsecuritygroup/{groupid}/history', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/cloudsecuritygroup/{groupid}/history
Get the list of group revisions and their corresponding events for an AWS security group.
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| groupid | path | string | true | the security group id (Dome9 internal ID / AWS security group id) |
| limit | query | integer(int32) | false | max number of revisions to return |
Example responses
200 Response
[
{
"accountId": 0,
"externalAccountNumber": "string",
"region": "ap_southeast_2",
"vpc": "string",
"revisionId": 0,
"timestamp": "2019-06-13T15:21:04Z",
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudSecurityGroup": {},
"auditEvent": {}
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [CloudSecurityGroupRevision] | none |
Enumerated Values
| Property | Value |
|---|---|
| region | ap_southeast_2 |
| region | us_east_1 |
| region | us_west_1 |
| region | eu_west_1 |
| region | ap_southeast_1 |
| region | ap_northeast_1 |
| region | us_west_2 |
| region | sa_east_1 |
| region | az_1_region_a_geo_1 |
| region | az_2_region_a_geo_1 |
| region | az_3_region_a_geo_1 |
| region | mellanox_region |
| region | us_gov_west_1 |
| region | eu_central_1 |
| region | ap_northeast_2 |
| region | ap_south_1 |
| region | us_east_2 |
| region | ca_central_1 |
| region | eu_west_2 |
| region | eu_west_3 |
| region | eu_north_1 |
| region | cn_north_1 |
| region | cn_northwest_1 |
| region | westus |
| region | eastus |
| region | eastus2 |
| region | northcentralus |
| region | westus2 |
| region | southcentralus |
| region | centralus |
| region | usgovlowa |
| region | usgovvirginia |
| region | northeurope |
| region | westeurope |
| region | eastasia |
| region | southeastasia |
| region | japaneast |
| region | japanwest |
| region | brazilsouth |
| region | australiaeast |
| region | australiasoutheast |
| region | centralindia |
| region | southindia |
| region | westindia |
| region | canadaeast |
| region | westcentralus |
| region | chinaeast |
| region | chinanorth |
| region | canadacentral |
| region | germanycentral |
| region | germanynortheast |
| region | koreacentral |
| region | uksouth |
| region | ukwest |
| region | koreasouth |
Create Cloud Security Group
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/CloudSecurityGroup \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"securityGroupId": 0,
"externalId": "string",
"isProtected": true,
"securityGroupName": "string",
"description": "string",
"vpcId": "string",
"vpcName": "string",
"regionId": "ap_southeast_2",
"cloudAccountId": "string",
"cloudAccountName": "string",
"services": {
"inbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
],
"outbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
]
},
"tags": {
"property1": "string",
"property2": "string"
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/CloudSecurityGroup',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/CloudSecurityGroup', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/CloudSecurityGroup
Create a new AWS security group
Body parameter
{
"securityGroupId": 0,
"externalId": "string",
"isProtected": true,
"securityGroupName": "string",
"description": "string",
"vpcId": "string",
"vpcName": "string",
"regionId": "ap_southeast_2",
"cloudAccountId": "string",
"cloudAccountName": "string",
"services": {
"inbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
],
"outbound": [
{
"id": "string",
"name": "string",
"description": "string",
"protocolType": "ALL",
"port": "string",
"openForAll": true,
"scope": [
{
"type": "CIDR",
"data": {
"property1": "string",
"property2": "string"
}
}
],
"inbound": true,
"icmpType": "All",
"icmpv6Type": "All"
}
]
},
"tags": {
"property1": "string",
"property2": "string"
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | CloudSecurityGroup | true | details for the new AWS security group |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
CompliancePolicy
The CompliancePolicy resource has methods to create and view Compliance bundles and rules for a Dome9 user. Bundles and rules are used to run compliance assessments on environments in a user's cloud accounts. Rules test individual compliance requirements, and are strings based on the Dome9 GSL rule specification language.
These methods create and manage bundles in the Dome9 accounts of the user issuing the request.
Use the Assessment resource to run an assessment with a specific bundle, and AssessmentHistoryV2 to retrieve assessment results.
See also
Get Bundle By Id
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/CompliancePolicy/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/CompliancePolicy/{id}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/CompliancePolicy/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/CompliancePolicy/{id}
Get a specific bundle
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | integer(int64) | true | the bundle id |
Example responses
200 Response
{
"rules": [
{
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string",
"logicHash": "string",
"isDefault": true
}
],
"accountId": 0,
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"id": 0,
"name": "string",
"description": "string",
"isTemplate": true,
"hideInCompliance": true,
"minFeatureTier": "Trial",
"section": 0,
"tooltipText": "string",
"showBundle": true,
"systemBundle": true,
"cloudVendor": "aws",
"version": 0,
"language": "string",
"rulesCount": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | RuleBundleResult |
Update Rule Bundle
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/CompliancePolicy \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"name": "string",
"description": "string",
"rules": [
{
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string"
}
],
"id": 0,
"hideInCompliance": true,
"minFeatureTier": "Trial",
"cloudVendor": "aws",
"language": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/CompliancePolicy',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/CompliancePolicy', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/CompliancePolicy
Update a Bundle
Body parameter
{
"name": "string",
"description": "string",
"rules": [
{
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string"
}
],
"id": 0,
"hideInCompliance": true,
"minFeatureTier": "Trial",
"cloudVendor": "aws",
"language": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | RuleBundleRequest | true | none |
Example responses
200 Response
{
"rules": [
{
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string",
"logicHash": "string",
"isDefault": true
}
],
"accountId": 0,
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"id": 0,
"name": "string",
"description": "string",
"isTemplate": true,
"hideInCompliance": true,
"minFeatureTier": "Trial",
"section": 0,
"tooltipText": "string",
"showBundle": true,
"systemBundle": true,
"cloudVendor": "aws",
"version": 0,
"language": "string",
"rulesCount": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | RuleBundleResult |
Delete Bundle
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/CompliancePolicy/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/CompliancePolicy/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/CompliancePolicy/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/CompliancePolicy/{id}
Delete a bundle in the account
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | integer(int32) | true | the bundle id |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Get Account Bundles
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/CompliancePolicy \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/CompliancePolicy',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/CompliancePolicy', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/CompliancePolicy
Get all bundles for the account
Example responses
200 Response
[
{
"rules": [
{
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string",
"logicHash": "string",
"isDefault": true
}
],
"accountId": 0,
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"id": 0,
"name": "string",
"description": "string",
"isTemplate": true,
"hideInCompliance": true,
"minFeatureTier": "Trial",
"section": 0,
"tooltipText": "string",
"showBundle": true,
"systemBundle": true,
"cloudVendor": "aws",
"version": 0,
"language": "string",
"rulesCount": 0
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [RuleBundleResult] | none |
Enumerated Values
| Property | Value |
|---|---|
| severity | Low |
| severity | Medium |
| severity | High |
| minFeatureTier | Trial |
| minFeatureTier | Basic |
| minFeatureTier | Advanced |
| minFeatureTier | Premium |
| cloudVendor | aws |
| cloudVendor | hp |
| cloudVendor | mellanox |
| cloudVendor | awsgov |
| cloudVendor | azure |
| cloudVendor | |
| cloudVendor | awschina |
Create Rule Bundle
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/CompliancePolicy \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"name": "string",
"description": "string",
"rules": [
{
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string"
}
],
"id": 0,
"hideInCompliance": true,
"minFeatureTier": "Trial",
"cloudVendor": "aws",
"language": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/CompliancePolicy',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/CompliancePolicy', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/CompliancePolicy
Create a new Bundle
Body parameter
{
"name": "string",
"description": "string",
"rules": [
{
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string"
}
],
"id": 0,
"hideInCompliance": true,
"minFeatureTier": "Trial",
"cloudVendor": "aws",
"language": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | RuleBundleRequest | true | none |
Example responses
200 Response
{
"rules": [
{
"name": "string",
"severity": "Low",
"logic": "string",
"description": "string",
"remediation": "string",
"complianceTag": "string",
"domain": "string",
"priority": "string",
"controlTitle": "string",
"ruleId": "string",
"logicHash": "string",
"isDefault": true
}
],
"accountId": 0,
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"id": 0,
"name": "string",
"description": "string",
"isTemplate": true,
"hideInCompliance": true,
"minFeatureTier": "Trial",
"section": 0,
"tooltipText": "string",
"showBundle": true,
"systemBundle": true,
"cloudVendor": "aws",
"version": 0,
"language": "string",
"rulesCount": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | RuleBundleResult |
ContinuousComplianceNotification
The ContinuousComplianceNotification resource has methods to create and modify notification policies for continuous compliance assessments. With continuous assessments, cloud environments are assessed continuously and autonomously with bundles, and the results are issued to designated recipients as emails or SNS notifications, according to notification policies.
The notification policy specifies the notification method (email, AWS SNS) and the notification period.
This resource does not define continuous compliance policies; these are defined in the ContinuousCompliancePolicy resource.
Examples
Create a notification policy, use the POST method to create a new policy.
curl -v -u id:secret --X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{"name":"Test Name3","description":"Test Description","scheduledReport":{"emailSendingState":"Enabled","scheduleData":{"cronExpression":"0 0 16 1/1 * ?
*","type":"Full","recipients":["mark@dome9.com"]}},"changeDetection":{"emailSendingState":"Disabled","snsSendingState":"Disabled","externalTicketCreatingState":"Disabled","emailData":{"recipients":[]},"snsData":{"snsTopicArn":"","snsOutputFormat":"JsonWithFullEntity"},"ticketingSystemData":{"systemType":"ServiceNow","domain":"","user":"","pass":"","projectKey":"","issueType":""}},"gcpSecurityCommandCenterIntegration":{"state":"Disabled","projectId":"","bucketName":""}}'
'https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification'
Update a policy, use POST to update a policy (in the example below, to add a bundle to a notification policy)
curl -v -u id:secret --X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d
'{"cloudAccountId":"c16fabb3-8226-4314-b38c-b91d98ec89ce","bundleId":-5,"externalAccountId":"761085218658","cloudAccountType":1,"notificationIds":["ddb554d5-8b4f-4cdf-88df-fd612c2c2763"]}' 'https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy'
Get a list of policies, use the GET method to retrieve a list of policies
curl -v -u id:secret --X GET --header 'Content-Type: application/json' --header 'Accept: application/json' 'https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification'
Related resources
See also
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Compliance/ContinuousComplianceNotification
Get all Notification policies
Example responses
200 Response
[
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"alertsConsole": true,
"scheduledReport": {
"emailSendingState": "MyName@gmail.com",
"scheduleData": {
"cronExpression": "string",
"type": "Detailed",
"recipients": [
"string"
]
}
},
"changeDetection": {
"emailSendingState": "MyName@gmail.com",
"emailPerFindingSendingState": "MyName@gmail.com",
"snsSendingState": "Disabled",
"externalTicketCreatingState": "Disabled",
"awsSecurityHubIntegrationState": "Disabled",
"webhookIntegrationState": "Disabled",
"emailData": {
"recipients": [
"string"
]
},
"emailPerFindingData": {
"recipients": [
"string"
],
"notificationOutputFormat": "JsonWithFullEntity"
},
"snsData": {
"snsTopicArn": "string",
"snsOutputFormat": "JsonWithFullEntity"
},
"ticketingSystemData": {
"systemType": "ServiceNow",
"shouldCloseTickets": true,
"domain": "string",
"user": "string",
"pass": "string",
"projectKey": "string",
"issueType": "string"
},
"awsSecurityHubIntegration": {
"externalAccountId": "string",
"region": "string"
},
"webhookData": {
"url": "string",
"httpMethod": "Post",
"authMethod": "NoAuth",
"username": "string",
"password": "string"
}
},
"gcpSecurityCommandCenterIntegration": {
"state": "Disabled",
"projectId": "string",
"sourceId": "string"
}
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [ContinuousComplianceNotificationGet] | none |
Enumerated Values
| Property | Value |
|---|---|
| emailSendingState | Disabled |
| emailSendingState | Enabled |
| type | Detailed |
| type | Summary |
| type | FullCsv |
| emailSendingState | Disabled |
| emailSendingState | Enabled |
| emailPerFindingSendingState | Disabled |
| emailPerFindingSendingState | Enabled |
| snsSendingState | Disabled |
| snsSendingState | Enabled |
| externalTicketCreatingState | Disabled |
| externalTicketCreatingState | Enabled |
| awsSecurityHubIntegrationState | Disabled |
| awsSecurityHubIntegrationState | Enabled |
| webhookIntegrationState | Disabled |
| webhookIntegrationState | Enabled |
| notificationOutputFormat | JsonWithFullEntity |
| notificationOutputFormat | JsonWithBasicEntity |
| notificationOutputFormat | Json |
| notificationOutputFormat | PlainText |
| snsOutputFormat | JsonWithFullEntity |
| snsOutputFormat | JsonWithBasicEntity |
| snsOutputFormat | Json |
| snsOutputFormat | PlainText |
| systemType | ServiceNow |
| systemType | Jira |
| systemType | PagerDuty |
| httpMethod | Post |
| httpMethod | Put |
| authMethod | NoAuth |
| authMethod | BasicAuth |
| state | Disabled |
| state | Enabled |
Put
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"name": "string",
"description": "string",
"alertsConsole": true,
"scheduledReport": {
"emailSendingState": "MyName@gmail.com",
"scheduleData": {
"cronExpression": "string",
"type": "Detailed",
"recipients": [
"string"
]
}
},
"changeDetection": {
"emailSendingState": "MyName@gmail.com",
"emailPerFindingSendingState": "MyName@gmail.com",
"snsSendingState": "Disabled",
"externalTicketCreatingState": "Disabled",
"awsSecurityHubIntegrationState": "Disabled",
"webhookIntegrationState": "Disabled",
"emailData": {
"recipients": [
"string"
]
},
"emailPerFindingData": {
"recipients": [
"string"
],
"notificationOutputFormat": "JsonWithFullEntity"
},
"snsData": {
"snsTopicArn": "string",
"snsOutputFormat": "JsonWithFullEntity"
},
"ticketingSystemData": {
"systemType": "ServiceNow",
"shouldCloseTickets": true,
"domain": "string",
"user": "string",
"pass": "string",
"projectKey": "string",
"issueType": "string"
},
"awsSecurityHubIntegration": {
"externalAccountId": "string",
"region": "string"
},
"webhookData": {
"url": "string",
"httpMethod": "Post",
"authMethod": "NoAuth",
"username": "string",
"password": "string"
}
},
"gcpSecurityCommandCenterIntegration": {
"state": "Disabled",
"projectId": "string",
"sourceId": "string"
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/{id}',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/Compliance/ContinuousComplianceNotification/{id}
Update a Notification policy
Body parameter
{
"name": "string",
"description": "string",
"alertsConsole": true,
"scheduledReport": {
"emailSendingState": "MyName@gmail.com",
"scheduleData": {
"cronExpression": "string",
"type": "Detailed",
"recipients": [
"string"
]
}
},
"changeDetection": {
"emailSendingState": "MyName@gmail.com",
"emailPerFindingSendingState": "MyName@gmail.com",
"snsSendingState": "Disabled",
"externalTicketCreatingState": "Disabled",
"awsSecurityHubIntegrationState": "Disabled",
"webhookIntegrationState": "Disabled",
"emailData": {
"recipients": [
"string"
]
},
"emailPerFindingData": {
"recipients": [
"string"
],
"notificationOutputFormat": "JsonWithFullEntity"
},
"snsData": {
"snsTopicArn": "string",
"snsOutputFormat": "JsonWithFullEntity"
},
"ticketingSystemData": {
"systemType": "ServiceNow",
"shouldCloseTickets": true,
"domain": "string",
"user": "string",
"pass": "string",
"projectKey": "string",
"issueType": "string"
},
"awsSecurityHubIntegration": {
"externalAccountId": "string",
"region": "string"
},
"webhookData": {
"url": "string",
"httpMethod": "Post",
"authMethod": "NoAuth",
"username": "string",
"password": "string"
}
},
"gcpSecurityCommandCenterIntegration": {
"state": "Disabled",
"projectId": "string",
"sourceId": "string"
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the policy id |
| body | body | ContinuousComplianceNotificationPut | true | updated details for the policy |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"alertsConsole": true,
"scheduledReport": {
"emailSendingState": "MyName@gmail.com",
"scheduleData": {
"cronExpression": "string",
"type": "Detailed",
"recipients": [
"string"
]
}
},
"changeDetection": {
"emailSendingState": "MyName@gmail.com",
"emailPerFindingSendingState": "MyName@gmail.com",
"snsSendingState": "Disabled",
"externalTicketCreatingState": "Disabled",
"awsSecurityHubIntegrationState": "Disabled",
"webhookIntegrationState": "Disabled",
"emailData": {
"recipients": [
"string"
]
},
"emailPerFindingData": {
"recipients": [
"string"
],
"notificationOutputFormat": "JsonWithFullEntity"
},
"snsData": {
"snsTopicArn": "string",
"snsOutputFormat": "JsonWithFullEntity"
},
"ticketingSystemData": {
"systemType": "ServiceNow",
"shouldCloseTickets": true,
"domain": "string",
"user": "string",
"pass": "string",
"projectKey": "string",
"issueType": "string"
},
"awsSecurityHubIntegration": {
"externalAccountId": "string",
"region": "string"
},
"webhookData": {
"url": "string",
"httpMethod": "Post",
"authMethod": "NoAuth",
"username": "string",
"password": "string"
}
},
"gcpSecurityCommandCenterIntegration": {
"state": "Disabled",
"projectId": "string",
"sourceId": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | ContinuousComplianceNotificationGet |
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/Compliance/ContinuousComplianceNotification/{id}
Delete a Notification policy
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the policy id |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Post
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"name": "string",
"description": "string",
"alertsConsole": true,
"scheduledReport": {
"emailSendingState": "MyName@gmail.com",
"scheduleData": {
"cronExpression": "string",
"type": "Detailed",
"recipients": [
"string"
]
}
},
"changeDetection": {
"emailSendingState": "MyName@gmail.com",
"emailPerFindingSendingState": "MyName@gmail.com",
"snsSendingState": "Disabled",
"externalTicketCreatingState": "Disabled",
"awsSecurityHubIntegrationState": "Disabled",
"webhookIntegrationState": "Disabled",
"emailData": {
"recipients": [
"string"
]
},
"emailPerFindingData": {
"recipients": [
"string"
],
"notificationOutputFormat": "JsonWithFullEntity"
},
"snsData": {
"snsTopicArn": "string",
"snsOutputFormat": "JsonWithFullEntity"
},
"ticketingSystemData": {
"systemType": "ServiceNow",
"shouldCloseTickets": true,
"domain": "string",
"user": "string",
"pass": "string",
"projectKey": "string",
"issueType": "string"
},
"awsSecurityHubIntegration": {
"externalAccountId": "string",
"region": "string"
},
"webhookData": {
"url": "string",
"httpMethod": "Post",
"authMethod": "NoAuth",
"username": "string",
"password": "string"
}
},
"gcpSecurityCommandCenterIntegration": {
"state": "Disabled",
"projectId": "string",
"sourceId": "string"
}
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/Compliance/ContinuousComplianceNotification
Create a new Notification policy
Body parameter
{
"name": "string",
"description": "string",
"alertsConsole": true,
"scheduledReport": {
"emailSendingState": "MyName@gmail.com",
"scheduleData": {
"cronExpression": "string",
"type": "Detailed",
"recipients": [
"string"
]
}
},
"changeDetection": {
"emailSendingState": "MyName@gmail.com",
"emailPerFindingSendingState": "MyName@gmail.com",
"snsSendingState": "Disabled",
"externalTicketCreatingState": "Disabled",
"awsSecurityHubIntegrationState": "Disabled",
"webhookIntegrationState": "Disabled",
"emailData": {
"recipients": [
"string"
]
},
"emailPerFindingData": {
"recipients": [
"string"
],
"notificationOutputFormat": "JsonWithFullEntity"
},
"snsData": {
"snsTopicArn": "string",
"snsOutputFormat": "JsonWithFullEntity"
},
"ticketingSystemData": {
"systemType": "ServiceNow",
"shouldCloseTickets": true,
"domain": "string",
"user": "string",
"pass": "string",
"projectKey": "string",
"issueType": "string"
},
"awsSecurityHubIntegration": {
"externalAccountId": "string",
"region": "string"
},
"webhookData": {
"url": "string",
"httpMethod": "Post",
"authMethod": "NoAuth",
"username": "string",
"password": "string"
}
},
"gcpSecurityCommandCenterIntegration": {
"state": "Disabled",
"projectId": "string",
"sourceId": "string"
}
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ContinuousComplianceNotificationPost | true | details for the policy |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "string",
"description": "string",
"alertsConsole": true,
"scheduledReport": {
"emailSendingState": "MyName@gmail.com",
"scheduleData": {
"cronExpression": "string",
"type": "Detailed",
"recipients": [
"string"
]
}
},
"changeDetection": {
"emailSendingState": "MyName@gmail.com",
"emailPerFindingSendingState": "MyName@gmail.com",
"snsSendingState": "Disabled",
"externalTicketCreatingState": "Disabled",
"awsSecurityHubIntegrationState": "Disabled",
"webhookIntegrationState": "Disabled",
"emailData": {
"recipients": [
"string"
]
},
"emailPerFindingData": {
"recipients": [
"string"
],
"notificationOutputFormat": "JsonWithFullEntity"
},
"snsData": {
"snsTopicArn": "string",
"snsOutputFormat": "JsonWithFullEntity"
},
"ticketingSystemData": {
"systemType": "ServiceNow",
"shouldCloseTickets": true,
"domain": "string",
"user": "string",
"pass": "string",
"projectKey": "string",
"issueType": "string"
},
"awsSecurityHubIntegration": {
"externalAccountId": "string",
"region": "string"
},
"webhookData": {
"url": "string",
"httpMethod": "Post",
"authMethod": "NoAuth",
"username": "string",
"password": "string"
}
},
"gcpSecurityCommandCenterIntegration": {
"state": "Disabled",
"projectId": "string",
"sourceId": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | ContinuousComplianceNotificationGet |
Test Security Hub
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/securityhub/test \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"region": "ap_southeast_2"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json'
};
request('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/securityhub/test',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/securityhub/test', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/Compliance/ContinuousComplianceNotification/securityhub/test
Body parameter
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"region": "ap_southeast_2"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TestSecurityHub | true | none |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Test Cloud Security Command Center Finding
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/cscc/test?cloudAccountId=string&sourceId=string
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/cscc/test?cloudAccountId=string&sourceId=string',
{
method: 'GET'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.get('https://api.dome9.com/v2/Compliance/ContinuousComplianceNotification/cscc/test', params={
'cloudAccountId': 'string', 'sourceId': 'string'
, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Compliance/ContinuousComplianceNotification/cscc/test
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| cloudAccountId | query | string(uuid) | true | none |
| sourceId | query | string | true | none |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
ContinuousCompliancePolicy
The ContinuousCompliancePolicy resource has methods to create and modify compliance policies for continuous compliance assessments. A continuous compliance policy is the combination of a Rule Bundle applied to a specific cloud account.
With continuous compliance, compliance policies are assessed continuously and autonomously, and the results are issued to designated recipients as emails or SNS notifications, according to notification policies.
This resource does not define bundles or rules for continuous compliance; these are defined using the CompliancePolicy resource. Notification policies are defined using the ContinuousComplianceNotification resource.
Related Resources
ContinuousComplianceNotification
See also
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Compliance/ContinuousCompliancePolicy
Get all compliance policies for the account
Example responses
200 Response
[
{
"id": "00000000-0000-0000-0000-000000000000",
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [ContinuousCompliancePolicyGet] | none |
Enumerated Values
| Property | Value |
|---|---|
| cloudAccountType | Aws |
| cloudAccountType | Azure |
| cloudAccountType |
Put
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/{id}',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/Compliance/ContinuousCompliancePolicy/{id}
Update a compliance policy
Body parameter
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the policy id |
| body | body | ContinuousCompliancePolicyPut | true | details for the policy |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | ContinuousCompliancePolicyGet |
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/Compliance/ContinuousCompliancePolicy/{id}
Delete a compliance policy
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the policy id |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Post
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/Compliance/ContinuousCompliancePolicy
Create a new compliance policy
Body parameter
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ContinuousCompliancePolicyPost | true | details for the policy |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | ContinuousCompliancePolicyGet |
Create Continuous Compliance Policies
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/ContinuousCompliancePolicies \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '[
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}
]';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/ContinuousCompliancePolicies',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/Compliance/ContinuousCompliancePolicy/ContinuousCompliancePolicies', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/Compliance/ContinuousCompliancePolicy/ContinuousCompliancePolicies
Create new compliance policies
Body parameter
[
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}
]
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | array[object] | true | details for the policies |
Example responses
200 Response
[
{
"id": "00000000-0000-0000-0000-000000000000",
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountId": "string",
"cloudAccountType": "Aws",
"bundleId": 0,
"notificationIds": [
"00000000-0000-0000-0000-000000000000"
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [ContinuousCompliancePolicyGet] | none |
Enumerated Values
| Property | Value |
|---|---|
| cloudAccountType | Aws |
| cloudAccountType | Azure |
| cloudAccountType |
EntityFetchStatus
This EntityFetchStatus resource queries the status of system data fetching by Dome9. Dome9 fetches information from cloud accounts and occasionally needs to refresh this information (typically in DevSecOps pipeline scenarios). This resource is used together with the SyncNow method in the CloudAccounts resource to fetch fresh cloud account data.
See also
Run Sync Assessment is a Python tool that uses the SyncNow API to fetch data from cloud accounts to Dome9.
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/EntityFetchStatus \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/EntityFetchStatus',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/EntityFetchStatus', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/EntityFetchStatus
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| externalAccountNumber | query | string | false | [Required for AWS account] AWS account number |
| subscriptionId | query | string | false | [Required for Azure subscription] |
| projectId | query | string | false | [Required for GCP project] |
| cloudAccountId | query | string(uuid) | false | [Optional] This is the Dome9 CloudAccountId which can replace the AWS externalAccountNumber |
| region | query | string | false | The cloud account region. Note: the API expects '_' instead of '-' (Example: us_east_1) |
| resourceGroupName | query | string | false | Azure resource group name |
| entityType | query | string | false | The desired cloud entity (type). For a full list of supported types please refer to: entities list |
| workFlowId | query | string(uuid) | false | (for internal use) |
| location | query | string | false | GCP Location |
Example responses
200 Response
[
{
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"externalAccountNumber": "string",
"subscriptionId": "string",
"projectId": "string",
"region": "string",
"resourceGroupName": "string",
"workFlowId": "00000000-0000-0000-0000-000000000000",
"entityType": "string",
"fetchedEntities": 0,
"lastSuccessfulRun": "2019-06-13T15:21:04Z",
"lastFailureRun": "2019-06-13T15:21:04Z",
"location": "string",
"vendor": "string"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [FetcherRunStatus] | none |
Exclusion
The Exclusion resource has methods to create or retrieve exclusions. Exclusions hide findings (resulting from Compliance assessments) from the list of findings (displayed in the Dome9 console UI, or retrieved with the Finding resource). Excluded findings are not included in the calculation of assessment result scores.
The GET method retrieves a list of exclusions, and the POST method adds a new exclusion.
See also
Get
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Exclusion/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Exclusion/{id}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Exclusion/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Exclusion/{id}
Get details for a specific exclusion
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the id of the exclusion |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | ExclusionGet |
Put
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/Exclusion \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"id": "00000000-0000-0000-0000-000000000000",
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Exclusion',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/Exclusion', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/Exclusion
Update a exclusion
Body parameter
{
"id": "00000000-0000-0000-0000-000000000000",
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ExclusionGet | true | details for the exclusion |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | ExclusionGet |
Post
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/Exclusion \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Exclusion',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/Exclusion', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/Exclusion
Add a new exclusion
Body parameter
{
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ExclusionPost | true | details for the exclusion |
Example responses
200 Response
{
"id": "00000000-0000-0000-0000-000000000000",
"ruleLogicHash": "string",
"logic": "string",
"bundleId": 0,
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountType": "Aws",
"comment": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | ExclusionGet |
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/Exclusion/{id}
--basic -u <key-id>:<key-secret> \
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
request('https://api.dome9.com/v2/Exclusion/{id}',
{
method: 'DELETE'
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
r = requests.delete('https://api.dome9.com/v2/Exclusion/{id}', params={
, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/Exclusion/{id}
Delete an exclusion
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the id of the exclusion to delete |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content | None |
Finding
The Findings resource has methods to retrieve findings from assessments run by a user on cloud accounts. Findings are indications of failure for a specific test in a bundle, on a specific cloud account entity. There are methods to retrieve all findings, or findings for specific bundles. In all cases, the most recent results (for the selected bundle(s)) are returned. Results can be from assessments run manually (using the Assessment resource), or continuously (using the ContinuousCompliancePolicy resource.
Additional resources
See also
Get Bundle Stats
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Compliance/Finding/bundle/{bundleId}/stats \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/Finding/bundle/{bundleId}/stats',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Compliance/Finding/bundle/{bundleId}/stats', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Compliance/Finding/bundle/{bundleId}/stats
Get statistics for each rule in a bundle (number failures)
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| bundleId | path | integer(int64) | true | none |
Example responses
200 Response
{
"rules": [
{
"ruleLogicHash": "string",
"numberOfFindings": 0
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | FindingsStats |
Get Findings
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Compliance/Finding/bundle/{bundleId}?ruleLogicHash=string&pageNumber=0&pageSize=0 \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/Finding/bundle/{bundleId}?ruleLogicHash=string&pageNumber=0&pageSize=0',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Compliance/Finding/bundle/{bundleId}', params={
'ruleLogicHash': 'string', 'pageNumber': '0', 'pageSize': '0'
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Compliance/Finding/bundle/{bundleId}
Get the findings for a specific rule in a bundle, for all of the user's accounts. Results are paged, so each request returns findings for a specific page.
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| bundleId | path | integer(int64) | true | the bundle id |
| ruleLogicHash | query | string | true | MD5 hash of the rule GSL string |
| pageNumber | query | integer(int32) | true | the findings page (findings are returned in pages, with pageSize findings in each page) |
| pageSize | query | integer(int32) | true | the number of findings in a page |
Example responses
200 Response
[
{
"id": "00000000-0000-0000-0000-000000000000",
"findingKey": "string",
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"cloudAccountType": "Aws",
"comments": [
{
"text": "string",
"timestamp": "2019-06-13T15:21:04Z",
"userName": "string"
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountExternalId": "string",
"bundleId": 0,
"ruleId": "string",
"ruleName": "string",
"ruleLogic": "string",
"entityDome9Id": "string",
"entityExternalId": "string",
"entityType": "string",
"entityName": "string",
"entityNetwork": "string",
"entityTags": [
{
"key": "string",
"value": "string"
}
],
"severity": "string",
"description": "string",
"remediation": "string",
"tag": "string",
"region": "string",
"bundleName": "string",
"acknowledged": true,
"origin": "ComplianceEngine",
"lastSeenTime": "2019-06-13T15:21:04Z",
"ownerUserName": "string",
"magellan": {
"alertWindowStartTime": "2019-06-13T15:21:04Z",
"alertWindowEndTime": "2019-06-13T15:21:04Z"
},
"isExcluded": true
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Status Code 200
| Name | Type | Description |
|---|---|---|
| anonymous | [BaseFinding] | none |
Enumerated Values
| Property | Value |
|---|---|
| cloudAccountType | Aws |
| cloudAccountType | Azure |
| cloudAccountType | |
| origin | ComplianceEngine |
| origin | Magellan |
Get Finding
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Compliance/Finding/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/Finding/{id}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Compliance/Finding/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Compliance/Finding/{id}
Get details for a specific finding, identified by its id.
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the finding id |
Example responses
200 Response
{
"entityObject": {},
"id": "00000000-0000-0000-0000-000000000000",
"findingKey": "string",
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"cloudAccountType": "Aws",
"comments": [
{
"text": "string",
"timestamp": "2019-06-13T15:21:04Z",
"userName": "string"
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountExternalId": "string",
"bundleId": 0,
"ruleId": "string",
"ruleName": "string",
"ruleLogic": "string",
"entityDome9Id": "string",
"entityExternalId": "string",
"entityType": "string",
"entityName": "string",
"entityNetwork": "string",
"entityTags": [
{
"key": "string",
"value": "string"
}
],
"severity": "string",
"description": "string",
"remediation": "string",
"tag": "string",
"region": "string",
"bundleName": "string",
"acknowledged": true,
"origin": "ComplianceEngine",
"lastSeenTime": "2019-06-13T15:21:04Z",
"ownerUserName": "string",
"magellan": {
"alertWindowStartTime": "2019-06-13T15:21:04Z",
"alertWindowEndTime": "2019-06-13T15:21:04Z"
},
"isExcluded": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Finding |
Delete
Code samples
# You can also use wget
curl -X DELETE https://api.dome9.com/v2/Compliance/Finding/{id} \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/Finding/{id}',
{
method: 'DELETE',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.delete('https://api.dome9.com/v2/Compliance/Finding/{id}', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
DELETE /v2/Compliance/Finding/{id}
Delete finding originated in Magellan by id (Guid)
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | Finding ID (Guid) |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Get Bundle Export
Code samples
# You can also use wget
curl -X GET https://api.dome9.com/v2/Compliance/Finding/export \
--basic -u <key-id>:<key-secret> \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const headers = {
'Authorization': 'Basic ' + auth,
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/Finding/export',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Accept': 'application/json'
}
r = requests.get('https://api.dome9.com/v2/Compliance/Finding/export', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
GET /v2/Compliance/Finding/export
returns a CSV report of the Compliance Engine Findings (failed tests).
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| bundleIds | query | string | false | A comma separated string. When specified filter the results to the findings from the specified bundles. ex. -1,123,333,-13,... |
| cloudAccounts | query | string | false | A comma separated string. When specified filter the results to the findings from the specified accounts. ex. 123456789012,111111111111,222222222222,... |
| fromDateTime | query | string(date-time) | false | When specified filter the results to the findings that were opened after the given time |
Example responses
200 Response
{}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
Response Schema
Search
Code samples
# You can also use wget
curl -X POST https://api.dome9.com/v2/Compliance/Finding/search \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"pageSize": 0,
"sorting": {
"fieldName": "string",
"direction": 0
},
"filter": {
"freeTextPhrase": "string",
"fields": [
{
"name": "string",
"value": "string"
}
],
"creationTime": {
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
}
},
"searchAfter": [
"string"
]
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/Finding/search',
{
method: 'POST',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.post('https://api.dome9.com/v2/Compliance/Finding/search', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
POST /v2/Compliance/Finding/search
Filter findings by account, region, VPC, IP, or instance name
Body parameter
{
"pageSize": 0,
"sorting": {
"fieldName": "string",
"direction": 0
},
"filter": {
"freeTextPhrase": "string",
"fields": [
{
"name": "string",
"value": "string"
}
],
"creationTime": {
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
}
},
"searchAfter": [
"string"
]
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | SearchRequest | true | the filter selections |
Example responses
200 Response
{
"searchRequest": {
"pageSize": 0,
"sorting": {
"fieldName": "string",
"direction": 0
},
"filter": {
"freeTextPhrase": "string",
"fields": [
{
"name": "string",
"value": "string"
}
],
"creationTime": {
"from": "2019-06-13T15:21:04Z",
"to": "2019-06-13T15:21:04Z"
}
},
"searchAfter": [
"string"
]
},
"findings": [
{
"id": "00000000-0000-0000-0000-000000000000",
"findingKey": "string",
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"cloudAccountType": "Aws",
"comments": [
{
"text": "string",
"timestamp": "2019-06-13T15:21:04Z",
"userName": "string"
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountExternalId": "string",
"bundleId": 0,
"ruleId": "string",
"ruleName": "string",
"ruleLogic": "string",
"entityDome9Id": "string",
"entityExternalId": "string",
"entityType": "string",
"entityName": "string",
"entityNetwork": "string",
"entityTags": [
{
"key": "string",
"value": "string"
}
],
"severity": "string",
"description": "string",
"remediation": "string",
"tag": "string",
"region": "string",
"bundleName": "string",
"acknowledged": true,
"origin": "ComplianceEngine",
"lastSeenTime": "2019-06-13T15:21:04Z",
"ownerUserName": "string",
"magellan": {
"alertWindowStartTime": "2019-06-13T15:21:04Z",
"alertWindowEndTime": "2019-06-13T15:21:04Z"
},
"isExcluded": true
}
],
"totalFindingsCount": 0,
"aggregations": {
"property1": [
{
"value": {},
"count": 0
}
],
"property2": [
{
"value": {},
"count": 0
}
]
},
"searchAfter": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | FindingPaganation |
Acknowledge
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/Compliance/Finding/{id}/acknowledge \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"acknowledged": true,
"comment": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/Finding/{id}/acknowledge',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/Compliance/Finding/{id}/acknowledge', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/Compliance/Finding/{id}/acknowledge
Acknowledge a finding. Acknowledging a finding indicates it was viewed (or retrieved), but does not indicate it was resolved.
Body parameter
{
"acknowledged": true,
"comment": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the finding id |
| body | body | PutAcknowledged | true | updated information about the finding, including the acknowledgement |
Example responses
200 Response
{
"entityObject": {},
"id": "00000000-0000-0000-0000-000000000000",
"findingKey": "string",
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"cloudAccountType": "Aws",
"comments": [
{
"text": "string",
"timestamp": "2019-06-13T15:21:04Z",
"userName": "string"
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountExternalId": "string",
"bundleId": 0,
"ruleId": "string",
"ruleName": "string",
"ruleLogic": "string",
"entityDome9Id": "string",
"entityExternalId": "string",
"entityType": "string",
"entityName": "string",
"entityNetwork": "string",
"entityTags": [
{
"key": "string",
"value": "string"
}
],
"severity": "string",
"description": "string",
"remediation": "string",
"tag": "string",
"region": "string",
"bundleName": "string",
"acknowledged": true,
"origin": "ComplianceEngine",
"lastSeenTime": "2019-06-13T15:21:04Z",
"ownerUserName": "string",
"magellan": {
"alertWindowStartTime": "2019-06-13T15:21:04Z",
"alertWindowEndTime": "2019-06-13T15:21:04Z"
},
"isExcluded": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Finding |
Change Severity
Code samples
# You can also use wget
curl -X PUT https://api.dome9.com/v2/Compliance/Finding/{id}/severity \
--basic -u <key-id>:<key-secret> \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
package main
import (
"bytes"
"encoding/base64"
"net/http"
"fmt"
"io/ioutil"
)
func main() {
apiKey := // Your API key
apiSecret := // Your API secret
jsonReq := `` // Set data if needed
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Basic "+basicAuth(apiKey, apiSecret)},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.dome9.com/v2/AccessLease", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
body, err := ioutil.ReadAll(resp.Body)
fmt.Printf(string(body))
_ = err
}
func basicAuth(username string, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
const request = require('node-fetch');
var apiKey = // Your API key
var apiSecret = // Your API secret
var auth = (new Buffer(apiKey + ":" + apiSecret)).toString('base64')
const inputBody = '{
"severity": "Low",
"comment": "string"
}';
const headers = {
'Authorization': 'Basic ' + auth,
'Content-Type':'application/json',
'Accept':'application/json'
};
request('https://api.dome9.com/v2/Compliance/Finding/{id}/severity',
{
method: 'PUT',
body: inputBody, headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
import requests
# Your API key
apiKey =
# Your API secret
apiSecret =
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
r = requests.put('https://api.dome9.com/v2/Compliance/Finding/{id}/severity', params={
}, headers = headers, auth=(apiKey, apiSecret))
print(r.json())
PUT /v2/Compliance/Finding/{id}/severity
Change the severity of a specific finding
Body parameter
{
"severity": "Low",
"comment": "string"
}
Parameters
| Parameter | In | Type | Required | Description |
|---|---|---|---|---|
| id | path | string(uuid) | true | the finding id |
| body | body | PutSeverity | true | updated information about the finding, including the new severity |
Example responses
200 Response
{
"entityObject": {},
"id": "00000000-0000-0000-0000-000000000000",
"findingKey": "string",
"createdTime": "2019-06-13T15:21:04Z",
"updatedTime": "2019-06-13T15:21:04Z",
"cloudAccountType": "Aws",
"comments": [
{
"text": "string",
"timestamp": "2019-06-13T15:21:04Z",
"userName": "string"
}
],
"cloudAccountId": "00000000-0000-0000-0000-000000000000",
"cloudAccountExternalId": "string",
"bundleId": 0,