emasser 1.0.3 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43)
  1. checksums.yaml +4 -4
  2. data/.env-example +2 -0
  3. data/.github/workflows/gh-pages.yml +4 -5
  4. data/.github/workflows/release.yml +9 -9
  5. data/Dockerfile +6 -4
  6. data/Gemfile +1 -1
  7. data/Gemfile.lock +25 -32
  8. data/README.md +87 -78
  9. data/docs/features.md +455 -213
  10. data/docs/images/emasser_architecture.jpg +0 -0
  11. data/emasser.gemspec +5 -3
  12. data/images/emasser_architecture.jpg +0 -0
  13. data/images/emasser_diagram-Page-3.jpg +0 -0
  14. data/lib/emasser/cli.rb +2 -2
  15. data/lib/emasser/configuration.rb +1 -0
  16. data/lib/emasser/constants.rb +11 -3
  17. data/lib/emasser/delete.rb +9 -7
  18. data/lib/emasser/get.rb +323 -49
  19. data/lib/emasser/help/cloudresource_post_mapper.md +62 -0
  20. data/lib/emasser/help/container_post_mapper.md +44 -0
  21. data/lib/emasser/output_converters.rb +101 -4
  22. data/lib/emasser/post.rb +231 -38
  23. data/lib/emasser/put.rb +23 -16
  24. data/lib/emasser/version.rb +1 -1
  25. metadata +15 -27
  26. data/.github/workflows/generate_docs.yml +0 -33
  27. data/docs/developers.md +0 -115
  28. data/docs/swagger/dist/favicon-16x16.png +0 -0
  29. data/docs/swagger/dist/favicon-32x32.png +0 -0
  30. data/docs/swagger/dist/oauth2-redirect.html +0 -75
  31. data/docs/swagger/dist/swagger-ui-bundle.js +0 -3
  32. data/docs/swagger/dist/swagger-ui-bundle.js.map +0 -1
  33. data/docs/swagger/dist/swagger-ui-es-bundle-core.js +0 -3
  34. data/docs/swagger/dist/swagger-ui-es-bundle-core.js.map +0 -1
  35. data/docs/swagger/dist/swagger-ui-es-bundle.js +0 -3
  36. data/docs/swagger/dist/swagger-ui-es-bundle.js.map +0 -1
  37. data/docs/swagger/dist/swagger-ui-standalone-preset.js +0 -3
  38. data/docs/swagger/dist/swagger-ui-standalone-preset.js.map +0 -1
  39. data/docs/swagger/dist/swagger-ui.css +0 -4
  40. data/docs/swagger/dist/swagger-ui.css.map +0 -1
  41. data/docs/swagger/dist/swagger-ui.js +0 -3
  42. data/docs/swagger/dist/swagger-ui.js.map +0 -1
  43. data/docs/swagger/index.html +0 -60
data/docs/features.md CHANGED
@@ -1,9 +1,17 @@
1
1
  # emasser CLI Features
2
2
 
3
- ## Required Environment Variables
4
- To facilitate setting the required environment variables the emasser CLI utilized the zero-dependency module to load these variables from a .env file. An .env-example file is provided with the required fields (listed below).
3
+ ## Environment Variables
4
+ To facilitate setting the required environment variables the `emasser `CLI utilized the zero-dependency module to load these variables from a `.env` file.
5
5
 
6
- emasser environment variables (required):
6
+ ### Configuring the `.env` File
7
+ An `.env-example` file is provided with the required and optional fields.
8
+
9
+ Modify the `.env_example` as necessary and save it as a `.env` file.
10
+
11
+ Place the file on the path where the `emasser` command is executed.
12
+
13
+ ### Required and Optional Environment Variables
14
+ The following environment variables are required:
7
15
  * EMASSER_API_KEY_API_KEY=`<API key>`
8
16
  * EMASSER_API_KEY_USER_UID=`<unique identifier for the API Key (EMASSER_API_KEY_API_KEY)`
9
17
  * EMASSER_HOST=`<FQDN of the eMASS server>`
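Review bot: The added "Configuring the `.env` File" text spells the template name two ways, `.env-example` in its first sentence and `.env_example` in the next; the file list for this release has `data/.env-example`, so the underscore form should be corrected. In the rewritten intro line the closing backtick is misplaced (the code span reads `emasser ` with a trailing space, run into "CLI"), and "the zero-dependency module" still does not name the module. Because this file carries `EMASSER_API_KEY_API_KEY`, the step that says to save it as `.env` is a good place to state that the file must stay out of version control and be readable only by the invoking user.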
@@ -11,26 +19,31 @@ emasser environment variables (required):
11
19
  * EMASSER_CERT_FILE_PATH=`<path to your eMASS certificate in PEM format>`
12
20
  * EMASSER_KEY_PASSWORD=`<password for the key given in EMASSER_KEY_FILE_PATH>`
13
21
 
14
- emasser environment variables (optional):
15
- * EMASSER_CLIENT_SIDE_VALIDATION=`<client side validation - true or false>`
16
- * EMASSER_VERIFY_SSL=`<verify SSL - true or false>`
17
- * EMASSER_VERIFY_SSL_HOST=`<verify host SSL - true or false>`
18
- * EMASSER_DEBUGGING=`<set debugging - true or false>`
22
+ The following environment variables are *optional:
23
+ * EMASSER_CLIENT_SIDE_VALIDATION=`<client side validation - true or false (default true)>`
24
+ * EMASSER_VERIFY_SSL=`<verify SSL - true or false (default true)>`
25
+ * EMASSER_VERIFY_SSL_HOST=`<verify host SSL - true or false (default true)>`
26
+ * EMASSER_DEBUGGING=`<set debugging - true or false (default false)>`
27
+ * EMASSER_CLI_DISPLAY_NULL=`<display null value fields - true or false (default true)>`
28
+ * EMASSER_POCH_TO_DATETIME=`<convert epoch to data/time value - true or false (default false)>`
29
+
30
+ \* If not provided defaults are used
19
31
 
32
+ The proper format to set these variables in the `.env` files is as follows:
33
+ ```bash
34
+ export [VARIABLE_NAME]='value'
35
+ ```
36
+ ***NOTE***
37
+ `emasser` requires authentication to an eMASS instance as well as authorization to use the eMASS API. This authentication and authorization is **not** a function of `emasser` and needs to be accomplished with the eMASS instances owner organization. Further information about eMASS credential requirements refer to [Defense Counterintelligence and Security Agency](https://www.dcsa.mil/is/emass/) about eMASS access.
38
+
39
+ ---
20
40
  ## Common emasser Endpoint Requests Information
21
41
  - To invoke any boolean parameters use --parameterName for TRUE and --no-parameterName for FALSE
22
- - The eMASS API provides the capability of updating multiple entries within several endpoints, however this CLI only supports updating one entry at the time.
42
+ - The eMASS API provides the capability of updating multiple entries within several endpoints, however the `emasser` CLI, in some cases only supports updating one entry at the time.
23
43
 
24
44
  ## Invoking emasser CLI Commands
25
45
 
26
- The CLI invoke commands listed in this document shows them when executing from the source code (after a pull from GitHub). If an executable (.gem) is created the command to invoke the endpoint is different. For example:
27
- - Invoking the GET systems endpoint from the source code is:
28
-
29
- bundle exec exe/emasser get systems all
30
-
31
- - Invoking the GET systems endpoint from the compile binary (.gem) is:
32
-
33
- emasser get systems all
46
+ The CLI invoke commands listed in this document shows them when executing from the source code (after a pull from GitHub). Please reference the [`emasser` README](https://mitre.github.io/emasser/) on how to invoke the CLI using other available executables (gem or docker).
34
47
 
35
48
  ## API Endpoints Provided
36
49
 
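Review bot: `EMASSER_POCH_TO_DATETIME` in the new optional list looks like a misspelling of EPOCH (its description reads "convert epoch to data/time", where "data" should be "date"); confirm the name against what the code actually reads, because a user copying this line may set a variable that is never consulted. The unescaped asterisk in "*optional:" can pair with a later emphasis marker; escape it the way the footnote line does. For `EMASSER_VERIFY_SSL` and `EMASSER_VERIFY_SSL_HOST`, documenting the default of true is welcome; add one sentence saying that false turns verification off and is meant for test instances only.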
@@ -38,10 +51,11 @@ The CLI invoke commands listed in this document shows them when executing from t
38
51
  * [/api](#get-test-connection)
39
52
  * [/api/system](#get-system)
40
53
  * [/api/systems](#get-systems)
54
+ * [/api/systems/{systemId}](#get-system)
41
55
  * [/api/system-roles](#get-roles)
42
56
  * [/api/system-roles/{roleCategory}](#get-roles)
43
57
  * [/api/systems/{systemId}/controls](#get-controls)
44
- * [/api/systems/{systemId}/test-results](#get-test_results)
58
+ * [/api/systems/{systemId}/test-results](#get-testresults)
45
59
  * [/api/systems/{systemId}/poams](#get-poams)
46
60
  * [/api/systems/{systemId}/poams/{poamId}](#get-poams)
47
61
  * [/api/systems/{systemId}/poams/{poamId}/milestones](#get-milestones)
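Review bot: The test-results entry now links to `#get-testresults`, while the other anchors in this document keep the underscore form (`#get-workflow_definitions`, `#post-test_results`) and the section heading is still `get test_results`; check that the new anchor resolves in the published docs or revert it. The added `/api/systems/{systemId}` entry reuses `#get-system`, which is fine if it is meant to land on the `get system byId` text.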
@@ -53,7 +67,23 @@ The CLI invoke commands listed in this document shows them when executing from t
53
67
  * [/api/cmmc-assessments](#get-cmmc)
54
68
  * [/api/workflow-definitions](#get-workflow_definitions)
55
69
  * [/api/systems/{systemId}/workflow-instances](#get-workflow_instances)
56
-
70
+ * [/api/dashboards/system-status-details](#get-dashboards)
71
+ * [/api/dashboards/system-control-compliance-summary](#get-dashboards)
72
+ * [/api/dashboards/system-security-controls-details](#get-dashboards)
73
+ * [/api/dashboards/system-assessment-procedures-details](#get-dashboards)
74
+ * [/api/dashboards/system-poam-summary](#get-dashboards)
75
+ * [/api/dashboards/system-poam-details](#get-dashboards)
76
+ * [/api/dashboards/system-hardware-summary](#get-dashboards)
77
+ * [/api/dashboards/system-hardware-details](#get-dashboards)
78
+ * [/api/dashboards/system-associations-details](#get-dashboards)
79
+ * [/api/dashboards/user-system-assignments-details](#get-dashboards)
80
+ * [/api/dashboards/system-privacy-summary](#get-dashboards)
81
+ * [/api/dashboards/va-omb-fisma-saop-summary](#get-dashboards)
82
+ * [/api/dashboards/va-system-aa-summary](#get-dashboards)
83
+ * [/api/dashboards/va-system-a2-summary](#get-dashboards)
84
+ * [/api/dashboards/va-system-pl-109-reporting-summary](#get-dashboards)
85
+ * [/api/dashboards/va-system-fisma-inventory-summary](#get-dashboards)
86
+
57
87
  ### POST
58
88
  * [/api/systems/{systemId}/test-results](#post-test_results)
59
89
  * [/api/systems/{systemId}/poam](#post-poams)
@@ -62,7 +92,9 @@ The CLI invoke commands listed in this document shows them when executing from t
62
92
  * [/api/systems/{systemId}/approval/cac](#post-cac)
63
93
  * [/api/systems/{systemId}/approval/pac](#post-pac)
64
94
  * [/api/systems/{systemId}/static-code-scans](#post-static_code_scan)
65
-
95
+ * [/api/systems/{systemId}/cloud-resource-results](#post-cloudresource)
96
+ * [/api/systems/{systemId}/container-scan-results](#post-container)
97
+
66
98
  ### PUT
67
99
  * [/api/systems/{systemId}/controls](#put-controls)
68
100
  * [/api/systems/{systemId}/poams](#put-poams)
@@ -77,77 +109,77 @@ The CLI invoke commands listed in this document shows them when executing from t
77
109
  ## Endpoints CLI help
78
110
 
79
111
  Each CLI endpoint command has several layers of help.
80
- - Using `help` after a `get, put, post, or delete` command lists all available endpoint calls
112
+ - Using `help` after a `get, put, post, or delete` command lists all available endpoint calls. The following command would list all available `GET` endpoints commands.
81
113
 
82
- ```
114
+ ```bash
83
115
  $ bundle exec exe/emasser get help
116
+ Commands:
117
+ emasser get artifacts # Get system Artifacts
118
+ emasser get cac # Get location of one or many controls in...
119
+ emasser get cmmc # Get CMMC assessment information
120
+ emasser get controls # Get system Controls
121
+ emasser get dashboards # Get dashboard information
122
+ emasser get help [COMMAND] # Describe subcommands or one specific su...
123
+ emasser get milestones # Get system Milestones
124
+ emasser get pac # Get status of active workflows in a system
125
+ emasser get poams # Get system Poams
126
+ emasser get roles # Get all system roles or by category Id
127
+ emasser get system # Get a system ID given name/owner, or ge...
128
+ emasser get systems # Get all systems
129
+ emasser get test # Test connection to the configured eMASS...
130
+ emasser get test_results # Get system Test Results
131
+ emasser get workflow_definitions # Get workflow definitions in a site
132
+ emasser get workflow_instances # Get workflow instance by system and/or ...
84
133
  ```
85
-
86
- would list all available `GET` endpoint Commands:
87
-
88
- - emasser get approval ...
89
- - emasser get artifacts ...
90
- - emasser get controls ...
91
- - emasser get help [COMMAND] ...
92
- - emasser get poams ...
93
- - emasser get roles ...
94
- - emasser get system [--system-name [SYSTEM_NAME]] [--system-owner [SYSTEM_OW...
95
- - emasser get systems [options] ...
96
- - emasser get test_results ...
97
-
98
- - Preceding any command with `help` provides help for the command
99
-
100
- ```
134
+ - Preceding any command with `help` provides help for the command. The following command would list all available sub-commands and options for the `get artifacts` endpoint command.
135
+ ```bash
101
136
  $ bundle exec exe/emasser get help artifacts
137
+ commands:
138
+ emasser get artifacts export --filename=FILENAME --systemId=N # Get artifa...
139
+ emasser get artifacts forSystem --systemId=N # Get all sy...
140
+ emasser get artifacts help [COMMAND] # Describe s...
102
141
  ```
103
- would list all available sub-commands and options for the `get artifacts` endpoint commands:
104
- - emasser get artifacts export --filename=FILENAME --systemId=N # Get artifa...
105
- - emasser get artifacts help [COMMAND] # Describe s...
106
- - emasser get artifacts system --systemId=N # Get all sy...
107
-
108
- - Using `help` after any command lists all available options
109
-
110
- ```
142
+ - Using `help` after any command lists all available options. The following command would list all available options for the `get artifacts export` endpoint command.
143
+ ```bash
111
144
  $ bundle exec exe/emasser get artifacts help export
112
- ```
113
- would list all available options for the `get artifacts export` endpoint command:
114
- - Usage:
115
- - emasser get artifacts export --filename=FILENAME --systemId=N
116
- - Options:
117
- - --systemId=N # A numeric value representing the system identification
118
- - --filename=FILENAME # The artifact file name
119
- - --compress # BOOLEAN - true or false.
145
+ Usage:
146
+ emasser get artifacts export --filename=FILENAME --systemId=N
120
147
 
121
- **The same format is applicable to POST, PUT and DELETE requests as well, however there may be additional help content**
148
+ Options:
149
+ --systemId=N # A numeric value representing the system identification
150
+ --filename=FILENAME # The artifact file name
151
+ [--compress], [--no-compress] # BOOLEAN - true or false.
152
+ ```
153
+ **The same format is applicable for POST, PUT and DELETE requests as well, however there may be additional help content**
122
154
 
123
155
 
124
156
  ## Usage - GET
125
157
 
126
- ### ```get test connection```
127
- [top](#api-endpoints-provided)
128
-
158
+ ### ```get test connection```
129
159
  ---
130
160
  The Test Connection endpoint provides the ability to verify connection to the web service.
131
161
 
132
162
  $ bundle exec exe/emasser get test connection
133
163
 
134
164
  A return of success from the call indicates that the CLI can reach the configure server URL.
135
- References [Required Environment Variables](#required-environment-variables) list above.
165
+ References [Required Environment Variables](#required-environment-variables) for the necessary environment variables.
136
166
 
137
- ### ```get system```
138
167
  [top](#api-endpoints-provided)
139
168
 
169
+ ### ```get system```
170
+
140
171
  ---
141
- The `get system id` is a notified call by the CLI to find a system ID based on the system `name` or `owner`
172
+ The `get system` command is not a sanctioned eMASS endpoint, it makes use of the `get systems` endpoint with added business logic.
142
173
 
143
- The `get system byId` is an eMASS GET request
174
+ There are two commands provided by the get system:
175
+
176
+ - The `get system id` - returns system ID's based on the system `name` or `owner`
177
+ - The `get system byId` - returns the system content for parameter system ID
144
178
 
145
179
  ### get system id
146
180
  Retrieves a system identification based on the SYSTEM_NAME (name) or SYSTEM_OWNER (systemOwner) fields.
147
181
 
148
- **NOTE** This call is based on the /api/systems endpoint
149
-
150
- To invoke the `get system` use the following command:
182
+ To invoke the `get system id` use the following command:
151
183
 
152
184
  $ bundle exec exe/emasser get system id --system_name "system name" --system_owner "system owner"
153
185
 
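Review bot: The rewritten "References [Required Environment Variables](#required-environment-variables)" line under `get test connection` still targets an anchor whose heading this same diff removes: `## Required Environment Variables` became `## Environment Variables` with a new `### Required and Optional Environment Variables` subsection, so the link target should be updated to match. The three help examples are now fenced as `bash` but contain program output as well as the command, and the second listing starts with lower-case "commands:" where the first has "Commands:"; a plain fence and consistent capitalization would read better.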
@@ -157,7 +189,7 @@ If using a platform that has `awk` installed the following command can be used t
157
189
 
158
190
 
159
191
  ### get system byId
160
- To view a system by its identification (Id) use the following command:
192
+ Retrieves the system content for provided identification (ID) number. To invoke the endpoint use the following command:
161
193
 
162
194
  $ bundle exec exe/emasser get system byId
163
195
 
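Review bot: The new `get system byId` sentence says the call retrieves content "for provided identification (ID) number", but the example command in the context line right after it still shows no ID argument; add the required parameter to that command so the example can be run as written.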
@@ -174,14 +206,16 @@ To view a system by its identification (Id) use the following command:
174
206
  |--includePackage |BOOLEAN - true or false |
175
207
  |--policy |Possible values: diacap, rmf, reporting |
176
208
 
209
+ [top](#api-endpoints-provided)
177
210
 
178
211
  ### ```get systems```
179
- [top](#api-endpoints-provided)
180
212
 
181
213
  ----
182
- To view systems use the following command:
183
-
214
+ To retrieve controls use the following command:
215
+ - all - Retrieves all available systems
216
+ ```
184
217
  $ bundle exec exe/emasser get systems all
218
+ ```
185
219
 
186
220
  - Optional parameters are:
187
221
 
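Review bot: The replacement sentence under `get systems` reads "To retrieve controls use the following command:", which looks copied from the `get controls` section; it should say systems. The new bullet "- all - Retrieves all available systems" is followed directly by an unindented fence, so the fenced command will not render as part of the list item; indent the fence or put a blank line between them.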
@@ -194,12 +228,11 @@ To view systems use the following command:
194
228
  |--includePackage |BOOLEAN - true or false |
195
229
  |--policy |Possible values: diacap, rmf, reporting |
196
230
  |--registrationType |Possible values: assessAndAuthorize, assessOnly, guest, regular, functional, |
197
- | | loudServiceProvider, commonControlProvider |
231
+ | | cloudServiceProvider, commonControlProvider |
198
232
  |--reportsForScorecard |BOOLEAN - true or false |
199
233
 
200
-
201
- ### ```get roles```
202
234
  [top](#api-endpoints-provided)
235
+ ### ```get roles```
203
236
 
204
237
  ----
205
238
  There are two get endpoints for system roles:
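Review bot: Moving `[top](#api-endpoints-provided)` above the `get roles` heading leaves the link line immediately followed by the `###` line with no blank line between them, and the same pattern repeats in the following sections. Some Markdown renderers need a blank line before an ATX heading, so keep one after the link; the `get system` and `get systems` sections earlier in this diff already do.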
@@ -225,12 +258,11 @@ There are two get endpoints for system roles:
225
258
  |--policy |Possible values: diacap, rmf, reporting |
226
259
  |--includeDecommissioned |BOOLEAN - true or false |
227
260
 
228
-
229
- ### ```get controls```
230
261
  [top](#api-endpoints-provided)
262
+ ### ```get controls```
231
263
 
232
264
  ----
233
- To view controls use the following command:
265
+ To retrieve controls use the following command:
234
266
 
235
267
  $ bundle exec exe/emasser get controls forSystem --systemId=SYSTEMID
236
268
 
@@ -246,12 +278,11 @@ To view controls use the following command:
246
278
  |-------------|:------------------------------------------|
247
279
  |--acronyms |The system acronym(s) e.g "AC-1, AC-2" - if not provided all controls for systemId are returned |
248
280
 
249
-
250
- ### ```get test_results```
251
281
  [top](#api-endpoints-provided)
282
+ ### ```get test_results```
252
283
 
253
284
  ----
254
- To view test results use the following command:
285
+ To retrieve test results use the following command:
255
286
 
256
287
  $ bundle exec exe/emasser get test_results forSystem --systemId=SYSTEMID
257
288
 
@@ -269,9 +300,8 @@ To view test results use the following command:
269
300
  |--ccis |String - The system CCIS string numerical value |
270
301
  |--latestOnly |BOOLEAN - true or false|
271
302
 
272
-
273
- ### ```get poams```
274
303
  [top](#api-endpoints-provided)
304
+ ### ```get poams```
275
305
 
276
306
  ----
277
307
  There are two get endpoints for system poams:
@@ -307,9 +337,8 @@ There are two get endpoints for system poams:
307
337
  |--systemId |Integer - Unique system identifier |
308
338
  |--poamId |Integer - Unique poam identifier |
309
339
 
310
-
311
- ### ```get milestones```
312
340
  [top](#api-endpoints-provided)
341
+ ### ```get milestones```
313
342
 
314
343
  ----
315
344
  There are two get endpoints for system milestones:
@@ -344,9 +373,8 @@ There are two get endpoints for system milestones:
344
373
  |--poamId |Integer - Unique poam identifier |
345
374
  |--milestoneId |Integer - Unique milestone identifier |
346
375
 
347
-
348
- ### ```get artifacts```
349
376
  [top](#api-endpoints-provided)
377
+ ### ```get artifacts```
350
378
 
351
379
  ----
352
380
  There are two get endpoints that provides the ability to view existing `Artifacts` in a system:
@@ -370,21 +398,26 @@ There are two get endpoints that provides the ability to view existing `Artifact
370
398
  |--ccis |String - The system CCIS string numerical value|
371
399
  |--systemOnly |BOOLEAN - true or false|
372
400
 
401
+
373
402
  - export - Retrieves the file artifacts (if compress is true the file binary contents are returned, otherwise the file textual contents are returned.)
374
- ````
375
- $ bundle exec exe/emasser get artifacts export --systemId=SYSTEMID
376
- ````
403
+ ````
404
+ $ bundle exec exe/emasser get artifacts export --systemId=SYSTEMID
405
+ ````
377
406
  - required parameters are:
378
407
 
379
408
  |parameter | type or values |
380
409
  |-------------|:----------------------------------|
381
410
  |--systemId |Integer - Unique system identifier |
382
411
  |--filename |The artifact file name |
412
+
413
+ - optional parameter is:
414
+
415
+ |parameter | type or values |
416
+ |-------------|:----------------------------------|
383
417
  |--compress |BOOLEAN - true or false. |
384
418
 
385
-
386
- ### ```get cac```
387
419
  [top](#api-endpoints-provided)
420
+ ### ```get cac```
388
421
 
389
422
  ----
390
423
  To view one or many Control Approval Chain (CAC) in a system specified system ID use the following command:
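Review bot: The re-indented `get artifacts export` example passes only `--systemId=SYSTEMID`, yet the required-parameters table directly below it lists `--filename` as well, and the help output added earlier in this diff shows `--filename=FILENAME` in the usage line; add it to the example. Splitting `--compress` into its own "optional parameter" table is a good change.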
@@ -403,9 +436,8 @@ To view one or many Control Approval Chain (CAC) in a system specified system ID
403
436
  |-------------------------------|:----------------------------------------------|
404
437
  |--controlAcronyms |String - The system acronym(s) e.g "AC-1, AC-2"|
405
438
 
406
-
407
- ### ```get pac```
408
439
  [top](#api-endpoints-provided)
440
+ ### ```get pac```
409
441
 
410
442
  ----
411
443
  To view one or many Package Approval Chain (PAC) in a system specified system ID use the following command:
@@ -419,24 +451,22 @@ To view one or many Package Approval Chain (PAC) in a system specified system ID
419
451
  |-------------|:----------------------------------|
420
452
  |--systemId |Integer - Unique system identifier |
421
453
 
422
-
423
- ### ```get cmmc```
424
454
  [top](#api-endpoints-provided)
455
+ ### ```get cmmc```
425
456
 
426
457
  ----
427
458
  To view Cybersecurity Maturity Model Certification (CMMC) Assessments use the following command:
428
459
 
429
460
  $ bundle exec exe/emasser get workflow_definitions forSite --sinceDate=SINCEDATE
430
461
 
431
- - Required parameters are:
462
+ - Required parameter is:
432
463
 
433
464
  |parameter | type or values |
434
465
  |----------------|:--------------------------------------|
435
466
  |--sinceDate |Date - The CMMC date. Unix date format |
436
467
 
437
-
438
- ### ```get workflow_definitions```
439
468
  [top](#api-endpoints-provided)
469
+ ### ```get workflow_definitions```
440
470
 
441
471
  ----
442
472
  To view Workflow Definitions use the following command:
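Review bot: The `get cmmc` section is edited here ("Required parameters are" becomes "Required parameter is"), but the example command two lines above that change still reads `emasser get workflow_definitions forSite --sinceDate=SINCEDATE`, which is the workflow definitions command rather than a CMMC one. Since the section is being touched anyway, replace the example with the actual `get cmmc` invocation.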
@@ -449,23 +479,17 @@ To view Workflow Definitions use the following command:
449
479
  |---------------------|:----------------------------------------------------------------------------|
450
480
  |--includeInactive |BOOLEAN - true or false |
451
481
  |--registrationType |Possible values: assessAndAuthorize, assessOnly, guest, regular, functional, |
452
- | | loudServiceProvider, commonControlProvider |
453
-
482
+ | | cloudServiceProvider, commonControlProvider |
454
483
 
455
- ### ```get workflow_instances```
456
484
  [top](#api-endpoints-provided)
485
+ ### ```get workflow_instances```
457
486
 
458
487
  ----
459
488
  There are two get endpoints to view workflow instances:
460
- - forSystem
461
- $ bundle exec exe/emasser get workflow_instances forSystem --systemId=SYSTEMID
462
-
463
- - required parameter is:
464
-
465
- |parameter | type or values |
466
- |-------------|:----------------------------------|
467
- |--systemId |Integer - Unique system identifier |
468
-
489
+ - all
490
+ ```
491
+ $ bundle exec exe/emasser get workflow_instances all
492
+ ```
469
493
  - Optional parameters are:
470
494
 
471
495
  |parameter | type or values |
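Review bot: Replacing `forSystem --systemId=SYSTEMID` with `all` removes the only per-system form of `get workflow_instances`, but the GET endpoint list near the top of the document still shows `/api/systems/{systemId}/workflow-instances` as the linked path; update that entry to the path the new `all` command calls. The new fence under "- all" is also unindented, so it will not render inside the list item.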
@@ -476,21 +500,106 @@ There are two get endpoints to view workflow instances:
476
500
  |--status |Possible values: active, inactive, all |
477
501
 
478
502
  - byWorkflowInstanceId
479
- $ bundle exec exe/emasser get workflow_instances byWorkflowInstanceId --systemId=SYSTEMID --workflowInstanceId=--WORKFLOWID
480
-
503
+ ```
504
+ $ bundle exec exe/emasser get workflow_instances byWorkflowInstanceId --workflowInstanceId=WORKFLOWID
505
+ ```
481
506
  - required parameter is:
482
507
 
483
508
  |parameter | type or values |
484
509
  |---------------------|:---------------------------------------------|
485
- |--systemId |Integer - Unique system identifier |
486
510
  |--workflowInstanceId |Integer - Unique workflow instance identifier |
487
511
 
512
+ [top](#api-endpoints-provided)
513
+ ### ```get dashboards```
488
514
 
489
- ## Usage - POST
515
+ ----
516
+ The Dashboards endpoints provide the ability to view data contained in dashboard exports. In the eMASS front end, these dashboard exports are generated as Excel exports.
517
+
518
+ All endpoint calls utilize the same parameter values, they are:
519
+ - Required parameter is:
520
+
521
+ |parameter | type or values |
522
+ |--------------|:------------------------------------------------|
523
+ |--orgId |Integer - The organization identification number |
524
+
525
+ - Optional parameters are:
526
+
527
+ |parameter | type or values |
528
+ |-------------|:--------------------------------------------------------------|
529
+ |--pageIndex |Integer - The index of the starting page (default first page 0)|
530
+ |--pageSize |Integer - The number of entries per page (default 20000) |
531
+
532
+ Available commands are:
533
+ - Get systems status detail dashboard information
534
+ ```
535
+ $ bundle exec exe/emasser get status_details --orgId=ORGID
536
+ ```
537
+ - Get systems control compliance summary dashboard information
538
+ ```
539
+ $ bundle exec exe/emasser get control_compliance_summary --orgId=ORGID
540
+ ```
541
+ - Get systems security control details dashboard information
542
+ ```
543
+ $ bundle exec exe/emasser get security_control_details --orgId=ORGID
544
+ ```
545
+ - Get systems assessment procedures details dashboard information
546
+ ```
547
+ $ bundle exec exe/emasser get assessment_procedures_details --orgId=ORGID
548
+ ```
549
+ - Get systems POA&Ms summary dashboard information
550
+ ```
551
+ $ bundle exec exe/emasser get poam_summary --orgId=ORGID
552
+ ```
553
+ - Get system POA&Ms details dashboard information
554
+ ```
555
+ $ bundle exec exe/emasser get poam_details --orgId=ORGID
556
+ ```
557
+ - Get system hardware summary dashboard information
558
+ ```
559
+ $ bundle exec exe/emasser get hardware_summary --orgId=ORGID
560
+ ```
561
+ - Get system hardware details dashboard information
562
+ ```
563
+ $ bundle exec exe/emasser get hardware_details --orgId=ORGID
564
+ ```
565
+ - Get system associations details dashboard information
566
+ ```
567
+ $ bundle exec exe/emasser get associations_details --orgId=ORGID
568
+ ```
569
+ - Get user system assignments details dashboard information
570
+ ```
571
+ $ bundle exec exe/emasser get assignments_details --orgId=ORGID
572
+ ```
573
+ - Get user system privacy summary dashboard information
574
+ ```
575
+ $ bundle exec exe/emasser get privacy_summary --orgId=ORGID
576
+ ```
577
+ - Get VA OMB-FISMA SAOP summary dashboard information
578
+ ```
579
+ $ bundle exec exe/emasser get fisma_saop_summary --orgId=ORGID
580
+ ```
581
+ - Get VA system A&A summary dashboard information
582
+ ```
583
+ $ bundle exec exe/emasser get va_aa_summary --orgId=ORGID
584
+ ```
585
+ - Get VA system A2.0 summary dashboard information
586
+ ```
587
+ $ bundle exec exe/emasser get va_a2_summary --orgId=ORGID
588
+ ```
589
+ - Get VA System P.L. 109 reporting summary dashboard information
590
+ ```
591
+ $ bundle exec exe/emasser get va_pl_109_summary --orgId=ORGID
592
+ ```
593
+ - Get VA system FISMA inventory summary dashboard information
594
+ ```
595
+ $ bundle exec exe/emasser get fisma_inventory_summary --orgId=ORGID
596
+ ```
490
597
 
491
- ### ``post test_results``
492
598
  [top](#api-endpoints-provided)
493
599
 
600
+ ## Usage - POST
601
+
602
+ ### ``post test_results``
494
603
  ---
495
604
  Test Result add (POST) endpoint API business rules.
496
605
 
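Review bot: Every command in the new `get dashboards` section omits the subcommand, for example `emasser get status_details --orgId=ORGID`, while the help listing added earlier in this diff shows these grouped under `emasser get dashboards`; as written the examples would not match any command in that listing. Insert `dashboards` after `get` in all sixteen examples, and check the description "Get user system privacy summary" against the endpoint name `system-privacy-summary`.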
@@ -531,11 +640,9 @@ For information at the command line use:
531
640
  ```
532
641
  $ bundle exec exe/emasser post test_results help add
533
642
  ```
534
-
643
+ [top](#post)
535
644
 
536
645
  ### ``post poams``
537
- [top](#api-endpoints-provided)
538
-
539
646
  ---
540
647
  Plan of Action and Milestones (POA&M) add (POST) endpoint API business rules.
541
648
 
@@ -573,19 +680,23 @@ Business logic, the following rules apply when adding POA&Ms
573
680
  - If the Security Control or Assessment Procedure does not exist in the system we may have to just import POA&M Item at the System Level.
574
681
 
575
682
 
576
- The following parameters/fields have the following character limitations:
577
- - POA&M Item cannot be saved if the Point of Contact fields exceed 100 characters:
578
- - Office / Organization (pocOrganization)
579
- - First Name (pocFirstName)
580
- - Last Name (pocLastName)
581
- - Email (email)
582
- - Phone Number (pocPhoneNumber)
583
- - POA&M Items cannot be saved if Mitigation field (mitigation) exceeds 2000 characters.
584
- - POA&M Items cannot be saved if Source Identifying Vulnerability field exceeds 2000 characters.
585
- - POA&M Items cannot be saved if Comments (comments) field exceeds 2000 characters
586
- - POA&M Items cannot be saved if Resource (resource) field exceeds 250 characters.
587
- - POA&M Items cannot be saved if Milestone Description exceeds 2000 characters.
588
-
683
+ The following POA&M parameters/fields have the following character limitations:
684
+ - Fields that can not exceed 100 characters:
685
+ - Office / Organization (`pocOrganization`)
686
+ - First Name (`pocFirstName`)
687
+ - Last Name (`pocLastName`)
688
+ - Email (`email`)
689
+ - Phone Number (`pocPhoneNumber`)
690
+ - External Unique ID (`externalUid`)
691
+ - Fields that can not exceed 250 characters:
692
+ - Resource (`resource`)
693
+ - Fields have can not exceed 2000 character:
694
+ - Vulnerability Description (`vulnerabilityDescription`)
695
+ - Source Identifying Vulnerability (`sourceIdentVuln`)
696
+ - Recommendations (`recommendations`)
697
+ - Risk Accepted Comments (`comments`)
698
+ - Milestone Description (`description`)
699
+ - Mitigation Justification (`mitigation`)
589
700
 
590
701
  To add (POST) POA&Ms use the following command:
591
702
  ```
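Review bot: The regrouped character-limit list has a garbled heading, "Fields have can not exceed 2000 character:", which should read like the two headings before it. The field names in parentheses do not all match the CLI parameters shown in the tables that follow: the list has `email` and `resource`, while the tables use `--pocEmail` and `--resources`. Align the names so a user can map each limit to the option it applies to, and note that the later table still repeats "Character Limit = 250" for `--resources` after the other per-field limits were moved here.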
@@ -604,30 +715,30 @@ $ bundle exec exe/emasser post poams add --systemId [value] --status [value] --v
604
715
  Client API parameters/fields (required, conditional, and optional).
605
716
  - required parameter are:
606
717
 
607
- |parameter | type or values |
608
- |---------------------------|:-----------------------------------------------------------------------|
609
- |--systemId |Integer - Unique system identifier |
610
- |--status |Possible Values: Ongoing,Risk Accepted,Completed,Not Applicable |
611
- |--vulnerabilityDescription |String - Vulnerability description for the POA&M Item. 2000 Characters |
612
- |--sourceIdentVuln |String - Include Source Identifying Vulnerability text. 2000 Characters |
613
- |--pocOrganization |String - Organization/Office represented. 100 Characters |
614
- |--resources |String - List of resources used. Character Limit = 250 |
718
+ |parameter | type or values |
719
+ |---------------------------|:---------------------------------------------------------------|
720
+ |--systemId |Integer - Unique system identifier |
721
+ |--status |Possible Values: Ongoing,Risk Accepted,Completed,Not Applicable |
722
+ |--vulnerabilityDescription |String - Vulnerability description for the POA&M Item |
723
+ |--sourceIdentVuln |String - Include Source Identifying Vulnerability text |
724
+ |--pocOrganization |String - Organization/Office represented |
725
+ |--resources |String - List of resources used. Character Limit = 250 |
615
726
 
616
727
  ** If any poc information is provided all POC fields are required. See additional details for POC fields below.
617
728
 
618
729
  - conditional parameters are:
619
730
 
620
- |parameter | type or values |
621
- |--------------------------|:--------------------------------------------------------------------------------------|
622
- |--milestones |JSON - see milestone format |
623
- |--pocFirstName |String - First name of POC. 100 Characters |
624
- |--pocLastName |String - Last name of POC. 100 Characters |
625
- |--pocEmail |String - Email address of POC. 100 Characters |
626
- |--pocPhoneNumber |String - Phone number of POC (area code) ***-**** format. 100 Characters |
627
- |--severity |Possible values - Very Low, Low, Moderate, High, Very High |
628
- |--scheduledCompletionDate |Date - Required for ongoing and completed POA&M items. Unix time format |
629
- |--completionDate |Date - Field is required for completed POA&M items. Unix time format |
630
- |--comments |String - Field is required for completed and risk accepted POA&M items. 2000 Characters|
731
+ |parameter | type or values |
732
+ |--------------------------|:------------------------------------------------------------------------|
733
+ |--milestones |JSON - see milestone format |
734
+ |--pocFirstName |String - First name of POC |
735
+ |--pocLastName |String - Last name of POC |
736
+ |--pocEmail |String - Email address of POC |
737
+ |--pocPhoneNumber |String - Phone number of POC (area code) ***-**** format |
738
+ |--severity |Possible values - Very Low, Low, Moderate, High, Very High |
739
+ |--scheduledCompletionDate |Date - Required for ongoing and completed POA&M items. Unix time format |
740
+ |--completionDate |Date - Field is required for completed POA&M items. Unix time format |
741
+ |--comments |String - Field is required for completed and risk accepted POA&M items. |
631
742
 
632
743
  ** If a POC email is supplied, the application will attempt to locate a user already registered within the application and pre-populate any information not explicitly supplied in the request. If no such user is found, these fields are required within the request:
633
744
  pocFirstName, pocLastName, pocPhoneNumber
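Review bot: The required-parameter table drops the per-field limits ("2000 Characters", "100 Characters") from every row except `--resources`, which still carries "Character Limit = 250", so the table is left half-converted. Either drop that limit as well, since the limits are now listed in the character-limitations list above, or keep a limit in every row; a reader who consults only the table will otherwise assume `--resources` is the only length-constrained field. The two `**` footnotes about POC fields also have no matching marker on any table row, so it is unclear which parameters they qualify.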
@@ -639,7 +750,7 @@ Client API parameters/fields (required, conditional, and optional).
639
750
 
640
751
  |parameter | type or values |
641
752
  |--------------------|:-----------------------------------------------------------------------------------------|
642
- |--externalUid |String - External unique identifier for use with associating POA&M Items. 100 Characters |
753
+ |--externalUid |String - External unique identifier for use with associating POA&M Items |
643
754
  |--controlAcronym |String - Control acronym associated with the POA&M Item. NIST SP 800-53 Revision 4 defined|
644
755
  |--cci |String - CCI associated with the test result |
645
756
  |--securityChecks |String - Security Checks that are associated with the POA&M |
@@ -649,8 +760,8 @@ Client API parameters/fields (required, conditional, and optional).
649
760
  |--impact |Possible values: Very Low, Low, Moderate, High, Very High |
650
761
  |--impactDescription |String - Include description of Security Control’s impact |
651
762
  |--residualRiskLevel |Possible values: Very Low, Low, Moderate, High, Very High |
652
- |--recommendations |String - Include recommendations. Character Limit 2,000 |
653
- |--mitigation |String - Include mitigation explanation. 2000 Characters |
763
+ |--recommendations |String - Include recommendations |
764
+ |--mitigation |String - Include mitigation explanation |
654
765
 
655
766
 
656
767
  **Note**
@@ -658,11 +769,9 @@ For information at the command line use:
658
769
  ```
659
770
  $ bundle exec exe/emasser post poams help add
660
771
  ```
661
-
772
+ [top](#post)
662
773
 
663
774
  ### ``post milestones``
664
- [top](#api-endpoints-provided)
665
-
666
775
  ---
667
776
  To add (POST) milestones in a system for one or more POA&M items use the following command:
668
777
 
@@ -684,11 +793,9 @@ For information at the command line use:
684
793
  ```
685
794
  $ bundle exec exe/emasser post milestones help add
686
795
  ```
687
-
796
+ [top](#post)
688
797
 
689
798
  ### ``post artifacts``
690
- [top](#api-endpoints-provided)
691
-
692
799
  ---
693
800
  The add (POST) artifacts endpoint accepts a single binary file with file extension.zip only. The command line (CI) reads the files provided and zips them before sending to eMASS.
694
801
 
@@ -745,11 +852,9 @@ For information at the command line use:
745
852
  ```
746
853
  $ bundle exec exe/emasser post artifacts help upload
747
854
  ```
748
-
855
+ [top](#post)
749
856
 
750
857
  ### ``post cac``
751
- [top](#api-endpoints-provided)
752
-
753
858
  ----
754
859
  Submit control to second role of CAC
755
860
 
@@ -779,11 +884,9 @@ For information at the command line use:
779
884
  ```
780
885
  $ bundle exec exe/emasser post cac help add
781
886
  ```
782
-
887
+ [top](#post)
783
888
 
784
889
  ### ``post pac``
785
- [top](#api-endpoints-provided)
786
-
787
890
  ----
788
891
  Submit control to second role of CAC
789
892
 
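Review bot: The `post pac` section in the trailing context still opens with "Submit control to second role of CAC", the same sentence used under `post cac`, which looks like a copy-paste leftover. Since this change already edits the boundary of that section, replace it with a description of the PAC workflow submission so the two endpoints are not confused.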
@@ -799,20 +902,17 @@ To add (POST) test PAC use the following command:
799
902
  |--systemId |Integer - Unique system identifier |
800
903
  |--workflow |Possible Values: Assess and Authorize, Assess Only, Security Plan Approval |
801
904
  |--name |String - Package name. 100 Characters |
802
- |--comments |Strings - Comments submitted upon initiation of the indicated workflow, 4,000 character|
905
+ |--comments |String - Comments submitted upon initiation of the indicated workflow, 4,000 character|
803
906
 
804
907
  **Note**
805
908
  For information at the command line use:
806
909
  ```
807
910
  $ bundle exec exe/emasser post pac help add
808
911
  ```
809
-
912
+ [top](#post)
810
913
 
811
914
  ### ``post static_code_scan``
812
- [top](#api-endpoints-provided)
813
-
814
915
  ----
815
-
816
916
  To add (POST) static code scans use the following command:
817
917
 
818
918
  ````
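Review bot: The `--comments` row fixes "Strings" to "String" but keeps its length limit inline ("4,000 character", and `--name` keeps "100 Characters"), while the POA&M tables in this same change move the limits out of the rows. Pick one convention for the whole file, and if the limit stays here make it "4,000 characters".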
@@ -858,12 +958,139 @@ For information at the command line use:
858
958
  ```
859
959
  $ bundle exec exe/emasser post scan_findings help add
860
960
  ```
961
+ [top](#post)
962
+
963
+ ### ```post cloud_resource```
964
+ ---
965
+
966
+ The following Cloud Resource parameters/fields have the following character limitations:
967
+ - Fields that can not exceed 50 characters:
968
+ - Policy Deployment Version (`policyDeploymentVersion`)
969
+ - Fields that can not exceed 100 characters:
970
+ - Assessment Procedure (`assessmentProcedure`)
971
+ - Security Control Acronym (`control`)
972
+ - CSP Account ID (`cspAccountId`)
973
+ - CSP Region (`cspRegion`)
974
+ - Email of POC (`initiatedBy`)
975
+ - Cloud Service Provider (`provider`)
976
+ - Type of Cloud resource (`resourceType`)
977
+ - Fields that can not exceed 500 characters:
978
+ - CSP/Resource’s Policy ID (`cspPolicyDefinitionId`)
979
+ - Policy Deployment Name (`policyDeploymentName`)
980
+ - Policy Compliance ID (`resourceId`)
981
+ - Cloud Resource Name (`resourceName`)
982
+ - Fields that can not exceed 1000 characters:
983
+ - Reason for Compliance (`complianceReason`)
984
+ - Fields that can not exceed 2000 characters:
985
+ - Policy Short Title (`policyDefinitionTitle`)
986
+
987
+ To add a cloud resource and their scan results in the assets module for a system use the following command:
988
+ ````
989
+ $ bundle exec exe/emasser post cloud_resource add --systemId [value] --provider [value] --resourceId [value] --resourceName [value] --resourceType [value] --cspPolicyDefinitionId [value] --isCompliant or --is-not-Compliant --policyDefinitionTitle [value] --test [value]
990
+ ````
991
+ - required parameter are:
992
+
993
+ |parameter | type or values |
994
+ |------------------------|:--------------------------------------------------------------------------|
995
+ |--systemId |Integer - Unique system identifier |
996
+ |--provider |string - Cloud service provider name |
997
+ |--resourceId |String - Unique identifier/resource namespace for policy compliance result |
998
+ |--resourceName |String - Friendly name of Cloud resource |
999
+ |--resourceType |String - Type of Cloud resource |
1000
+ |--cspPolicyDefinitionId |String - Unique identifier/compliance namespace for CSP/Resource\'s policy definition/compliance check|
1001
+ |--isCompliant | Boolean - Compliance status of the policy for the identified cloud resource |
1002
+ |--policyDefinitionTitle | String - Friendly policy/compliance check title. Recommend short title |
1003
+
1004
+ - optional parameters are:
1005
+
1006
+ |parameter | type or values |
1007
+ |-------------------|:------------------------------------------------------|
1008
+ |--initiatedBy |String - Person initiating the process email address |
1009
+ |--cspAccountId |String - System/owner\'s CSP account ID/number |
1010
+ |--cspRegion |String - CSP region of system |
1011
+ |--isBaseline |Boolean - Flag that indicates in results is a baseline |
1012
+ |Tags Object (tags)|
1013
+ |--text | String - Text that specifies the tag type |
1014
+ |Compliance Results Array Objects (complianceResults)|
1015
+ |--assessmentProcedure |String - Comma separated correlation to Assessment Procedure (i.e. CCI number for DoD Control Set) |
1016
+ |--complianceCheckTimestamp |Date - The compliance check date - Unix time format |
1017
+ |--complianceReason |String - Reason/comments for compliance result |
1018
+ |--control |String - Comma separated correlation to Security Control (e.g. exact NIST Control acronym) |
1019
+ |--policyDeploymentName |String - Name of policy deployment |
1020
+ |--policyDeploymentVersion |String - Version of policy deployment |
1021
+ |--severity |Possible Values: Low, Medium, High, Critical |
1022
+
1023
+
1024
+ **Note**
1025
+ For information at the command line use:
1026
+ ```
1027
+ $ bundle exec exe/emasser post cloud_resource help add
1028
+ ```
1029
+
1030
+ [top](#post)
1031
+
1032
+
1033
+ ### ```post container```
1034
+ ---
1035
+ The following Container parameters/fields have the following character limitations:
1036
+ - Fields that can not exceed 100 characters:
1037
+ - STIG Benchmark ID (`benchmark`)
1038
+ - Container Namespace (`namespace`)
1039
+ - Kubernetes assigned IP (`podIp`)
1040
+ - Kubernetes Pod Name) (`podName`)
1041
+ - Fields that can not exceed 500 characters:
1042
+ - Container ID (`containerId`)
1043
+ - Friendly Container Name (`containerName`)
1044
+ - Fields that can not exceed 1000 characters:
1045
+ - Result Comments (`message`)
1046
+
1047
+
1048
+
1049
+ To add containers and their scan results in the assets module for a system use the following command:
1050
+ ````
1051
+ $ bundle exec ruby exe/emasser post container add --systemId [value] --containerId [value] --containerName [value] --time [value] --benchmark [value] --lastSeen [value] --ruleId [value] --status [value]
1052
+
1053
+ ````
1054
+
1055
+ - required parameter are:
1056
+
1057
+ |parameter | type or values |
1058
+ |------------------------|:--------------------------------------------------------------------------|
1059
+ |--systemId |Integer - Unique system identifier |
1060
+ |--containerId |String - Unique identifier of the container |
1061
+ |--containerName |String - Friendly name of the container |
1062
+ |--time |Date - Datetime of scan/result. Unix date format |
1063
+ |Bench Marks Object (benchmarks)|
1064
+ |--benchmark |String - Identifier of the benchmark/grouping of compliance results |
1065
+ |benchmarks.results |Object
1066
+ |--ruleId |String - Identifier for the compliance result, vulnerability, etc.
1067
+ |--status |String - Benchmark result status
1068
+ |--lastSeen |Date - Date last seen, Unix date format
1069
+
1070
+ - optional parameters are:
1071
+
1072
+ |parameter | type or values |
1073
+ |----------------------------|:------------------------------------------------------|
1074
+ |--podName |String - Name of pod (e.g. Kubernetes pod) |
1075
+ |--podIp |String - IP address of pod |
1076
+ |--namespace |String - Namespace of container in container orchestration (e.g. Kubernetes namespace)|
1077
+ |Tags Object (tags)|
1078
+ |--text | String - Text that specifies the tag type |
1079
+ |Bench Marks Object (benchmarks)
1080
+ |--isBaseline |Boolean - True/false flag for providing results as baseline. If true, all existing compliance results for the provided benchmark within the container will be replaced by results in the current call|
1081
+ |benchmarks.results |Object
1082
+ |--message |String - Comments for the result
861
1083
 
1084
+ **Note**
1085
+ For information at the command line use:
1086
+ ```
1087
+ $ bundle exec exe/emasser post container help add
1088
+ ```
1089
+ [top](#post)
862
1090
 
863
1091
  ## Usage - PUT
864
1092
 
865
1093
  ### ``put controls``
866
- [top](#api-endpoints-provided)
867
1094
 
868
1095
  ----
869
1096
  Business Rules
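Review bot: Several rows in the new `post container` tables lack the closing `|` (`benchmarks.results |Object`, `--ruleId`, `--status`, `--lastSeen`, `--message`, and the second "Bench Marks Object (benchmarks)" row), and group rows such as `|Tags Object (tags)|` have a single cell in a two-column table, so the tables are inconsistent and may render differently across Markdown engines. In the commands, `post cloud_resource add` shows `--test [value]`, which appears in neither parameter table, and `--isCompliant or --is-not-Compliant` mixes casing; the container command uses `bundle exec ruby exe/emasser` where every other example uses `bundle exec exe/emasser`. Smaller items: the `podName` list entry reads "Kubernetes Pod Name)" with a stray parenthesis, the two new headings use triple backticks where existing headings use double, and the `\'` escapes in the table cells will show a literal backslash. The container `--isBaseline` row says that all existing compliance results for the benchmark are replaced when it is true; that is a destructive option and deserves a callout outside the table, and the cloud resource `--isBaseline` row ("Flag that indicates in results is a baseline") should state whether it behaves the same way.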
@@ -882,16 +1109,16 @@ Implementation Plan cannot be updated if a Security Control is "Inherited" excep
882
1109
 
883
1110
  The following parameters/fields have the following character limitations:
884
1111
  - Implementation Plan information cannot be saved if the fields below exceed 2,000 character limits:
885
- - N/A Justification (naJustification)
886
- - Responsible Entities (responsibleEntities)
887
- - Implementation Narrative (implementationNarrative)
888
- - Criticality (slcmCriticality)
889
- - Reporting (slcmReporting)
890
- - Tracking (slcmTracking)
891
- - Vulnerability Summary (vulnerabilitySummary)
892
- - Recommendations (recommendations)
1112
+ - N/A Justification (`naJustification`)
1113
+ - Responsible Entities (`responsibleEntities`)
1114
+ - Implementation Narrative (`implementationNarrative`)
1115
+ - Criticality (`slcmCriticality`)
1116
+ - Reporting (`slcmReporting`)
1117
+ - Tracking (`slcmTracking`)
1118
+ - Vulnerability Summary (`vulnerabilitySummary`)
1119
+ - Recommendations (`recommendations`)
893
1120
  - Implementation Plan information cannot be saved if the fields below exceed 4,000 character limits:
894
- - SLCM Comments (slcmComments)
1121
+ - SLCM Comments (`slcmComments`)
895
1122
 
896
1123
  Implementation Plan information cannot be updated if Security Control does not exist in the system record.
897
1124
 
@@ -943,10 +1170,9 @@ For information at the command line use:
943
1170
  ```
944
1171
  $ bundle exec exe/emasser put controls help update
945
1172
  ```
946
-
1173
+ [top](#put)
947
1174
 
948
1175
  ### ``put poams``
949
- [top](#api-endpoints-provided)
950
1176
 
951
1177
  ----
952
1178
  Business Rules
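Review bot: `[top](#put)` needs a target whose id is `put`, but the section heading visible in this diff is `## Usage - PUT`, which GitHub-style slugging turns into `usage---put`. Confirm that a heading or explicit anchor named `put` exists (and likewise for `#post` and `#delete`), otherwise every one of the new links is dead.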
@@ -996,6 +1222,26 @@ The following parameters/fields have the following character limitations:
996
1222
  - POA&M Item cannot be saved if Resource field (resource) exceeds 250 characters.
997
1223
  - POA&M Items cannot be saved if Milestone Description (description) exceeds 2,000 characters.
998
1224
 
1225
+
1226
+ The following POA&M parameters/fields have the following character limitations:
1227
+ - Fields that can not exceed 100 characters:
1228
+ - Office / Organization (`pocOrganization`)
1229
+ - First Name (`pocFirstName`)
1230
+ - Last Name (`pocLastName`)
1231
+ - Email (`email`)
1232
+ - Phone Number (`pocPhoneNumber`)
1233
+ - External Unique ID (`externalUid`)
1234
+ - Fields that can not exceed 250 characters:
1235
+ - Resource (`resource`)
1236
+ - Fields have can not exceed 2000 character:
1237
+ - Vulnerability Description (`vulnerabilityDescription`)
1238
+ - Source Identifying Vulnerability (`sourceIdentVuln`)
1239
+ - Recommendations (`recommendations`)
1240
+ - Risk Accepted Comments (`comments`)
1241
+ - Milestone Description (`description`)
1242
+ - Mitigation Justification (`mitigation`)
1243
+
1244
+
999
1245
  ---
1000
1246
  Updating (PUT) a POA&M can be accomplished by invoking the following command:
1001
1247
  ````
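Review bot: The field names in the added list do not match the CLI parameters documented right below it: the list has `email` where the table uses `--pocEmail`, and `resource` (also used in the context rule above) where the table uses `--resources`. Use the names the user actually types, or state that the list uses API field names. The list also repeats the two rules in the context lines just above it (Resource at 250, Milestone Description at 2,000), so keep one form, and fix "Fields have can not exceed 2000 character:" to match the wording of the other bullets.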
@@ -1003,32 +1249,32 @@ Updating (PUT) a POA&M can be accomplished by invoking the following command:
1003
1249
  ````
1004
1250
  - required parameter are:
1005
1251
 
1006
- |parameter | type or values |
1007
- |---------------------------|:-----------------------------------------------------------------------|
1008
- |--systemId |Integer - Unique system identifier |
1009
- |--displayPoamId |Integer - Globally unique identifier for individual POA&M Items |
1010
- |--status |Possible Values: Ongoing,Risk Accepted,Completed,Not Applicable |
1011
- |--vulnerabilityDescription |String - Vulnerability description for the POA&M Item. 2000 Characters |
1012
- |--sourceIdentVuln |String - Include Source Identifying Vulnerability text. 2000 Characters |
1013
- |--pocOrganization |String - Organization/Office represented. 100 Characters |
1014
- |--resources |String - List of resources used. Character Limit = 250 |
1252
+ |parameter | type or values |
1253
+ |---------------------------|:---------------------------------------------------------------|
1254
+ |--systemId |Integer - Unique system identifier |
1255
+ |--displayPoamId |Integer - Globally unique identifier for individual POA&M Items |
1256
+ |--status |Possible Values: Ongoing,Risk Accepted,Completed,Not Applicable |
1257
+ |--vulnerabilityDescription |String - Vulnerability description for the POA&M Item |
1258
+ |--sourceIdentVuln |String - Include Source Identifying Vulnerability text |
1259
+ |--pocOrganization |String - Organization/Office represented |
1260
+ |--resources |String - List of resources used. Character Limit = 250 |
1015
1261
 
1016
1262
  ** If any poc information is provided all POC fields are required. See additional details for POC fields below.
1017
1263
 
1018
1264
  - conditional parameters are:
1019
1265
 
1020
- |parameter | type or values |
1021
- |--------------------------|:--------------------------------------------------------------------------------------|
1022
- |--milestones |JSON - see milestone format |
1023
- |--pocFirstName |String - First name of POC. 100 Characters |
1024
- |--pocLastName |String - Last name of POC. 100 Characters |
1025
- |--pocEmail |String - Email address of POC. 100 Characters |
1026
- |--pocPhoneNumber |String - Phone number of POC (area code) ***-**** format. 100 Characters |
1027
- |--severity |Possible values - Very Low, Low, Moderate, High, Very High |
1028
- |--scheduledCompletionDate |Date - Required for ongoing and completed POA&M items. Unix time format |
1029
- |--completionDate |Date - Field is required for completed POA&M items. Unix time format |
1030
- |--comments |String - Field is required for completed and risk accepted POA&M items. 2000 Characters|
1031
- |--isActive |Boolean - Used to delete milestones when updating a POA&M |
1266
+ |parameter | type or values |
1267
+ |--------------------------|:-----------------------------------------------------------------------|
1268
+ |--milestones |JSON - see milestone format |
1269
+ |--pocFirstName |String - First name of POC |
1270
+ |--pocLastName |String - Last name of POC |
1271
+ |--pocEmail |String - Email address of POC |
1272
+ |--pocPhoneNumber |String - Phone number of POC (area code) ***-**** format |
1273
+ |--severity |Possible values - Very Low, Low, Moderate, High, Very High |
1274
+ |--scheduledCompletionDate |Date - Required for ongoing and completed POA&M items. Unix time format |
1275
+ |--completionDate |Date - Field is required for completed POA&M items. Unix time format |
1276
+ |--comments |String - Field is required for completed and risk accepted POA&M items |
1277
+ |--isActive |Boolean - Used to delete milestones when updating a POA&M |
1032
1278
 
1033
1279
  ** If a POC email is supplied, the application will attempt to locate a user already registered within the application and pre-populate any information not explicitly supplied in the request. If no such user is found, these fields are required within the request:
1034
1280
  pocFirstName, pocLastName, pocPhoneNumber
@@ -1041,7 +1287,7 @@ Updating (PUT) a POA&M can be accomplished by invoking the following command:
1041
1287
 
1042
1288
  |parameter | type or values |
1043
1289
  |--------------------|:-----------------------------------------------------------------------------------------|
1044
- |--externalUid |String - External unique identifier for use with associating POA&M Items. 100 Characters |
1290
+ |--externalUid |String - External unique identifier for use with associating POA&M Items |
1045
1291
  |--controlAcronym |String - Control acronym associated with the POA&M Item. NIST SP 800-53 Revision 4 defined|
1046
1292
  |--cci |String - CCI associated with the test result |
1047
1293
  |--securityChecks |String - Security Checks that are associated with the POA&M |
@@ -1051,7 +1297,7 @@ Updating (PUT) a POA&M can be accomplished by invoking the following command:
1051
1297
  |--impact |Possible values: Very Low, Low, Moderate, High, Very High |
1052
1298
  |--impactDescription |String - Include description of Security Control’s impact |
1053
1299
  |--residualRiskLevel |Possible values: Very Low, Low, Moderate, High, Very High |
1054
- |--recommendations |String - Include recommendations. Character Limit 2,000 |
1300
+ |--recommendations |String - Include recommendations |
1055
1301
  |--mitigation |String - Include mitigation explanation. 2000 Characters |
1056
1302
 
1057
1303
  **Note**
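Review bot: The `--mitigation` row still ends with "2000 Characters" while `--recommendations` one line above loses its limit; the equivalent POST table in this same diff strips both. Remove the limit from `--mitigation` here too so the PUT and POST tables agree.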
@@ -1059,10 +1305,9 @@ For information at the command line use:
1059
1305
  ```
1060
1306
  $ bundle exec exe/emasser put poams help update
1061
1307
  ```
1062
-
1308
+ [top](#put)
1063
1309
 
1064
1310
  ### ``put milestones``
1065
- [top](#api-endpoints-provided)
1066
1311
 
1067
1312
  ----
1068
1313
 
@@ -1087,10 +1332,9 @@ For information at the command line use:
1087
1332
  ```
1088
1333
  $ bundle exec exe/emasser put milestones help update
1089
1334
  ```
1090
-
1335
+ [top](#put)
1091
1336
 
1092
1337
  ### ``put artifacts``
1093
- [top](#api-endpoints-provided)
1094
1338
 
1095
1339
  ----
1096
1340
  Business Rules
@@ -1143,12 +1387,11 @@ For information at the command line use:
1143
1387
  ```
1144
1388
  $ bundle exec exe/emasser put artifacts help update
1145
1389
  ```
1146
-
1390
+ [top](#put)
1147
1391
 
1148
1392
  ## Usage - DELETE
1149
1393
 
1150
1394
  ### ``delete poams``
1151
- [top](#api-endpoints-provided)
1152
1395
 
1153
1396
  ----
1154
1397
  Remove one or many poa&m items in a system
@@ -1157,10 +1400,9 @@ To remove (DELETE) one or more POA&M items use the following command:
1157
1400
  ```
1158
1401
  bundle exec exe/emasser delete poams remove --systemId [value] --poamId [value]
1159
1402
  ```
1160
-
1403
+ [top](#delete)
1161
1404
 
1162
1405
  ### ``delete milestones``
1163
- [top](#api-endpoints-provided)
1164
1406
 
1165
1407
  ----
1166
1408
  Remove milestones in a system for one or many POA&M items
@@ -1175,10 +1417,9 @@ To remove (DELETE) one or more Milestones in a system use the following command:
1175
1417
  ```
1176
1418
  bundle exec exe/emasser delete milestones remove--systemId [value] --poamId [value] --milestoneId [value]
1177
1419
  ```
1178
-
1420
+ [top](#delete)
1179
1421
 
1180
1422
  ### ``delete artifacts``
1181
- [top](#api-endpoints-provided)
1182
1423
 
1183
1424
  ---
1184
1425
  Remove one or many artifacts in a system
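Review bot: The context line `bundle exec exe/emasser delete milestones remove--systemId [value] ...` is missing the space between `remove` and `--systemId`, so it will not parse as the `remove` subcommand if copied as written. Worth fixing in this pass, since the hunk already edits the lines directly below it.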
@@ -1193,3 +1434,4 @@ bundle exec exe/emasser delete artifacts remove --systemId [value] --files [valu
1193
1434
  or
1194
1435
  bundle exec exe/emasser delete artifacts remove --systemId [value] --files [value, value...]
1195
1436
  ```
1437
+ [top](#delete)