This is a cache of https://docs.openshift.com/acs/4.5/api/ComplianceService.html. It is a snapshot of the page at 2024-11-25T18:12:24.990+0000.
ComplianceService | API reference | Red Hat Advanced Cluster Security for Kubernetes 4.5
×

GetAggregatedResults

GET /v1/compliance/aggregatedresults

Description

Parameters

Query Parameters

Name Description Required Default Pattern

groupBy

String

-

null

unit

-

UNKNOWN

where.query

-

null

where.pagination.limit

-

null

where.pagination.offset

-

null

where.pagination.sortOption.field

-

null

where.pagination.sortOption.reversed

-

null

where.pagination.sortOption.aggregateBy.aggrFunc

-

UNSET

where.pagination.sortOption.aggregateBy.distinct

-

null

Content Type

  • application/json

Responses

Table 1. HTTP Response Codes
Code Message Datatype

200

A successful response.

StorageComplianceAggregationResponse

0

An unexpected error response.

RuntimeError

Samples

GetRunResults

GET /v1/compliance/runresults

Description

Parameters

Query Parameters

Name Description Required Default Pattern

clusterId

-

null

standardId

-

null

runId

Specifies the run ID for which to return results. If empty, the most recent run is returned. CAVEAT: Setting this field circumvents the results cache on the server-side, which may lead to significantly increased memory pressure and decreased performance.

-

null

Content Type

  • application/json

Responses

Table 2. HTTP Response Codes
Code Message Datatype

200

A successful response.

V1GetComplianceRunResultsResponse

0

An unexpected error response.

RuntimeError

Samples

GetStandard

GET /v1/compliance/standards/{id}

Description

Parameters

Path Parameters

Name Description Required Default Pattern

id

X

null

Content Type

  • application/json

Responses

Table 3. HTTP Response Codes
Code Message Datatype

200

A successful response.

V1GetComplianceStandardResponse

0

An unexpected error response.

RuntimeError

Samples

GetStandards

GET /v1/compliance/standards

Description

Parameters

Content Type

  • application/json

Responses

Table 4. HTTP Response Codes
Code Message Datatype

200

A successful response.

V1GetComplianceStandardsResponse

0

An unexpected error response.

RuntimeError

Samples

UpdateComplianceStandardConfig

PATCH /v1/compliance/standards/{id}

Description

Parameters

Path Parameters

Name Description Required Default Pattern

id

X

null

Body Parameter

Name Description Required Default Pattern

body

V1UpdateComplianceRequest

X

Return Type

Object

Content Type

  • application/json

Responses

Table 5. HTTP Response Codes
Code Message Datatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

Samples

Common object reference

ComplianceAggregationAggregationKey

Next available tag: 3
Field Name Required Nullable Type Description Format

scope

StorageComplianceAggregationScope

UNKNOWN, STANDARD, CLUSTER, CATEGORY, CONTROL, NAMESPACE, NODE, deployment, CHECK,

id

String

ComplianceResultValueEvidence

Field Name Required Nullable Type Description Format

state

StorageComplianceState

COMPLIANCE_STATE_UNKNOWN, COMPLIANCE_STATE_SKIP, COMPLIANCE_STATE_NOTE, COMPLIANCE_STATE_SUCCESS, COMPLIANCE_STATE_FAILURE, COMPLIANCE_STATE_ERROR,

message

String

messageId

Integer

int32

ComplianceRunResultsEntityResults

Field Name Required Nullable Type Description Format

controlResults

Map of StorageComplianceResultValue

ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field Name Required Nullable Type Description Format

typeUrl

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

value

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

RuntimeError

Field Name Required Nullable Type Description Format

error

String

code

Integer

int32

message

String

details

List of ProtobufAny

StorageComplianceAggregationResponse

Next available tag: 3
Field Name Required Nullable Type Description Format

results

List of StorageComplianceAggregationResult

sources

List of StorageComplianceAggregationSource

errorMessage

String

StorageComplianceAggregationResult

Next available tag: 5
Field Name Required Nullable Type Description Format

aggregationKeys

List of ComplianceAggregationAggregationKey

unit

StorageComplianceAggregationScope

UNKNOWN, STANDARD, CLUSTER, CATEGORY, CONTROL, NAMESPACE, NODE, deployment, CHECK,

numPassing

Integer

int32

numFailing

Integer

int32

numSkipped

Integer

int32

StorageComplianceAggregationScope

Enum Values

UNKNOWN

STANDARD

CLUSTER

CATEGORY

CONTROL

NAMESPACE

NODE

deployment

CHECK

StorageComplianceAggregationSource

Next available tag: 5
Field Name Required Nullable Type Description Format

clusterId

String

standardId

String

successfulRun

StorageComplianceRunMetadata

failedRuns

List of StorageComplianceRunMetadata

StorageComplianceDomain

Next available tag: 5
Field Name Required Nullable Type Description Format

id

String

cluster

StorageComplianceDomainCluster

nodes

Map of StorageComplianceDomainNode

deployments

Map of StorageComplianceDomaindeployment

StorageComplianceDomainCluster

These must mirror the tags _exactly_ in cluster.proto for backwards compatibility
Field Name Required Nullable Type Description Format

id

String

name

String

StorageComplianceDomaindeployment

This must mirror the tags _exactly_ in deployment.proto for backwards compatibility
Field Name Required Nullable Type Description Format

id

String

name

String

type

String

namespace

String

namespaceId

String

clusterId

String

clusterName

String

StorageComplianceDomainNode

These must mirror the tags _exactly_ in node.proto for backwards compatibility
Field Name Required Nullable Type Description Format

id

String

name

String

clusterId

String

clusterName

String

StorageComplianceResultValue

Field Name Required Nullable Type Description Format

evidence

List of ComplianceResultValueEvidence

overallState

StorageComplianceState

COMPLIANCE_STATE_UNKNOWN, COMPLIANCE_STATE_SKIP, COMPLIANCE_STATE_NOTE, COMPLIANCE_STATE_SUCCESS, COMPLIANCE_STATE_FAILURE, COMPLIANCE_STATE_ERROR,

StorageComplianceRunMetadata

Next available tag: 5

StorageComplianceRunResults

Next available tag: 6
Field Name Required Nullable Type Description Format

domain

StorageComplianceDomain

runMetadata

StorageComplianceRunMetadata

clusterResults

ComplianceRunResultsEntityResults

nodeResults

Map of ComplianceRunResultsEntityResults

deploymentResults

Map of ComplianceRunResultsEntityResults

machineConfigResults

Map of ComplianceRunResultsEntityResults

StorageComplianceState

Enum Values

COMPLIANCE_STATE_UNKNOWN

COMPLIANCE_STATE_SKIP

COMPLIANCE_STATE_NOTE

COMPLIANCE_STATE_SUCCESS

COMPLIANCE_STATE_FAILURE

COMPLIANCE_STATE_ERROR

V1ComplianceControl

Field Name Required Nullable Type Description Format

id

String

standardId

String

groupId

String

name

String

description

String

implemented

Boolean

interpretationText

String

V1ComplianceControlGroup

Field Name Required Nullable Type Description Format

id

String

standardId

String

name

String

description

String

numImplementedChecks

Integer

int32

V1ComplianceStandard

Field Name Required Nullable Type Description Format

metadata

V1ComplianceStandardMetadata

groups

List of V1ComplianceControlGroup

controls

List of V1ComplianceControl

V1ComplianceStandardMetadata

V1ComplianceStandardMetadataScope

Enum Values

UNSET

CLUSTER

NAMESPACE

deployment

NODE

V1GetComplianceRunResultsResponse

Field Name Required Nullable Type Description Format

results

StorageComplianceRunResults

failedRuns

List of StorageComplianceRunMetadata

V1GetComplianceStandardResponse

Field Name Required Nullable Type Description Format

standard

V1ComplianceStandard

V1GetComplianceStandardsResponse

Field Name Required Nullable Type Description Format

standards

List of V1ComplianceStandardMetadata

V1UpdateComplianceRequest

Field Name Required Nullable Type Description Format

id

String

hideScanResults

Boolean