emasser 1.0.6 → 3.4.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (61) hide show
  1. checksums.yaml +4 -4
  2. data/.dockerignore +8 -8
  3. data/.env-example +12 -12
  4. data/.github/release-drafter.yml +15 -15
  5. data/.github/workflows/codeql-analysis.yml +70 -70
  6. data/.github/workflows/draft-release.yml +15 -15
  7. data/.github/workflows/gh-pages.yml +32 -32
  8. data/.github/workflows/push-to-docker-mail.yml +28 -28
  9. data/.github/workflows/push-to-docker.yml +35 -35
  10. data/.github/workflows/release.yml +42 -42
  11. data/.github/workflows/rubocop.yml +23 -23
  12. data/.github/workflows/test-cli.yml +72 -72
  13. data/.gitignore +19 -19
  14. data/.mergify.yml +25 -25
  15. data/.rubocop.yml +80 -80
  16. data/.rubocop_todo.yml +27 -27
  17. data/CHANGELOG.md +16 -16
  18. data/Dockerfile +44 -44
  19. data/Gemfile +8 -8
  20. data/Gemfile.lock +104 -104
  21. data/LICENSE.md +15 -15
  22. data/README.md +178 -178
  23. data/Rakefile +18 -18
  24. data/_config.yml +1 -1
  25. data/docs/features.md +1436 -1330
  26. data/docs/redoc/index.html +1230 -1230
  27. data/emasser.gemspec +44 -44
  28. data/exe/emasser +5 -5
  29. data/lib/emasser/cli.rb +37 -37
  30. data/lib/emasser/configuration.rb +49 -49
  31. data/lib/emasser/constants.rb +26 -26
  32. data/lib/emasser/delete.rb +148 -148
  33. data/lib/emasser/errors.rb +14 -14
  34. data/lib/emasser/get.rb +949 -670
  35. data/lib/emasser/help/approvalCac_post_mapper.md +20 -20
  36. data/lib/emasser/help/approvalPac_post_mapper.md +20 -20
  37. data/lib/emasser/help/artifacts_del_mapper.md +9 -9
  38. data/lib/emasser/help/artifacts_post_mapper.md +59 -59
  39. data/lib/emasser/help/artifacts_put_mapper.md +34 -34
  40. data/lib/emasser/help/cloudresource_post_mapper.md +62 -62
  41. data/lib/emasser/help/cmmc_get_mapper.md +4 -4
  42. data/lib/emasser/help/container_post_mapper.md +44 -44
  43. data/lib/emasser/help/controls_put_mapper.md +74 -74
  44. data/lib/emasser/help/milestone_del_mapper.md +11 -11
  45. data/lib/emasser/help/milestone_post_mapper.md +14 -14
  46. data/lib/emasser/help/milestone_put_mapper.md +23 -23
  47. data/lib/emasser/help/poam_del_mapper.md +5 -5
  48. data/lib/emasser/help/poam_post_mapper.md +93 -93
  49. data/lib/emasser/help/poam_put_mapper.md +107 -107
  50. data/lib/emasser/help/staticcode_clear_mapper.md +16 -16
  51. data/lib/emasser/help/staticcode_post_mapper.md +21 -21
  52. data/lib/emasser/help/testresults_post_mapper.md +21 -21
  53. data/lib/emasser/help.rb +11 -11
  54. data/lib/emasser/input_converters.rb +21 -21
  55. data/lib/emasser/options_parser.rb +20 -20
  56. data/lib/emasser/output_converters.rb +111 -111
  57. data/lib/emasser/post.rb +830 -802
  58. data/lib/emasser/put.rb +588 -588
  59. data/lib/emasser/version.rb +5 -5
  60. data/lib/emasser.rb +19 -19
  61. metadata +10 -16
@@ -1,20 +1,20 @@
1
- Submit control to second role of CAC
2
-
3
- Endpoint request parameters/fields
4
-
5
- Field Data Type Details
6
- -------------------------------------------------------------------------------------------------
7
- systemId Integer [Required] Unique system identifier
8
- controlAcronym String [Required] Control acronym associated with the POA&M Item. NIST SP 800-53 Revision 4 defined.
9
- complianceStatus String [Read-Only] Compliance status of the control.
10
- currentStageName String [Read-Only] Current role.
11
- currentStage Integer [Read-Only] Current step in the Control Approval Chain.
12
- totalStages Integer [Read-Only] Total number of steps in Control Approval Chain.
13
- comments* String [Conditional] Comments related to package approval chain. 10,000 Characters.
14
-
15
- *Comments are not a required field at the first role of the CAC but are required at the second
16
- role of the CAC. Comments cannot exceed 10,000 characters.
17
-
18
- Example:
19
-
20
- bundle exec exe/emasser post cac add --systemId [value] --controlAcronym [value] --comments [value]
1
+ Submit control to second role of CAC
2
+
3
+ Endpoint request parameters/fields
4
+
5
+ Field Data Type Details
6
+ -------------------------------------------------------------------------------------------------
7
+ systemId Integer [Required] Unique system identifier
8
+ controlAcronym String [Required] Control acronym associated with the POA&M Item. NIST SP 800-53 Revision 4 defined.
9
+ complianceStatus String [Read-Only] Compliance status of the control.
10
+ currentStageName String [Read-Only] Current role.
11
+ currentStage Integer [Read-Only] Current step in the Control Approval Chain.
12
+ totalStages Integer [Read-Only] Total number of steps in Control Approval Chain.
13
+ comments* String [Conditional] Comments related to package approval chain. 10,000 Characters.
14
+
15
+ *Comments are not a required field at the first role of the CAC but are required at the second
16
+ role of the CAC. Comments cannot exceed 10,000 characters.
17
+
18
+ Example:
19
+
20
+ bundle exec exe/emasser post cac add --systemId [value] --controlAcronym [value] --comments [value]
@@ -1,20 +1,20 @@
1
- Submit system package for review
2
-
3
- Endpoint request parameters/fields
4
-
5
- Field Data Type Details
6
- -------------------------------------------------------------------------------------------------
7
- systemId Integer [Required] Unique system identifier
8
- workflow String [Required] Values include the following: (Assess and Authorize
9
- Assess Only, Security Plan Approval)
10
- name String [Required] Package name. 100 Characters.
11
- comments String [Required] Comments related to package approval chain. 4000 Characters.
12
-
13
- currentRole String [Read-Only] Current role in active package.
14
- currentStep Integer [Read-Only] Current step in the package Approval Chain.
15
- totalSteps Integer [Read-Only] Total number of steps in Package Approval Chain.
16
-
17
-
18
- Example:
19
-
20
- bundle exec exe/emasser post pac add --systemId [value] --workflow [value] --name [value] --comments [value]
1
+ Submit system package for review
2
+
3
+ Endpoint request parameters/fields
4
+
5
+ Field Data Type Details
6
+ -------------------------------------------------------------------------------------------------
7
+ systemId Integer [Required] Unique system identifier
8
+ workflow String [Required] Values include the following: (Assess and Authorize
9
+ Assess Only, Security Plan Approval)
10
+ name String [Required] Package name. 100 Characters.
11
+ comments String [Required] Comments related to package approval chain. 4000 Characters.
12
+
13
+ currentRole String [Read-Only] Current role in active package.
14
+ currentStep Integer [Read-Only] Current step in the package Approval Chain.
15
+ totalSteps Integer [Read-Only] Total number of steps in Package Approval Chain.
16
+
17
+
18
+ Example:
19
+
20
+ bundle exec exe/emasser post pac add --systemId [value] --workflow [value] --name [value] --comments [value]
@@ -1,9 +1,9 @@
1
- Remove one or many artifacts in a system
2
-
3
- Provide single file or a space/comma delimited list of file names to be removed from the system (systemId)
4
-
5
- Example:
6
-
7
- bundle exec exe/emasser delete artifacts remove --systemId [value] --files [value]
8
- or
9
- bundle exec exe/emasser delete artifacts remove --systemId [value] --files [value ... value]
1
+ Remove one or many artifacts in a system
2
+
3
+ Provide single file or a space/comma delimited list of file names to be removed from the system (systemId)
4
+
5
+ Example:
6
+
7
+ bundle exec exe/emasser delete artifacts remove --systemId [value] --files [value]
8
+ or
9
+ bundle exec exe/emasser delete artifacts remove --systemId [value] --files [value ... value]
@@ -1,59 +1,59 @@
1
- Endpoint request parameters/fields
2
-
3
- Field Data Type Details
4
- -------------------------------------------------------------------------------------------------
5
- systemId Integer [Required] Unique eMASS identifier. Will need to provide correct number.
6
- isTemplate Boolean [Required] Indicates whether an artifact is a template.
7
- type* String [Required] Values include the following: (Procedure, Diagram, Policy, Labor,
8
- Document, Image, Other, Scan Result, Auditor Report)
9
- category* String [Required] Values include the following: (Implementation Guidance, Evidence)
10
- files String [Required] File names (to include path) to be uploaded into eMASS as artifacts
11
-
12
- description String [Optional] Artifact description. 2000 Characters.
13
- refPageNumber String [Optional] Artifact reference page number. 50 Characters.
14
- ccis String [Optional] CCIs associated with artifact.
15
- controls String [Optional] Control acronym associated with the artifact. NIST SP 800-53 Revision 4 defined.
16
- artifactExpirationDate Date [Optional] Date Artifact expires and requires review. In Unix Date Format
17
- lastReviewedDate Date [Optional] Date Artifact was last reviewed. In Unix Date Format
18
-
19
- isInherited Boolean [Read-Only] Indicates whether an artifact is inherited.
20
- mimeContentType String [Read-Only] Standard MIME content type derived from file extension.
21
- fileSize String [Read-Only] File size of attached artifact.
22
-
23
- * May also accept custom artifact type or category values set by system administrators.
24
-
25
- The request body of a POST request through the Artifact Endpoint accepts a single binary file with file extension.zip only.
26
-
27
- This accepted .zip file should contain one or more files corresponding to existing artifacts or new artifacts that will be created upon successful receipt.
28
-
29
- Filename uniqueness throughout eMASS will be enforced by the API.
30
-
31
- Upon successful receipt of a file, if a file within the .zip is matched via filename to an artifact existing within the application, the file associated with the artifact will be updated.
32
-
33
- If no artifact is matched via filename to the application, a new artifact will be created with the following default values. Any values not specified below will be blank.
34
- - isTemplate: false
35
- - type: other
36
- - category: evidence
37
-
38
- To update values other than the file itself, please submit a PUT request.
39
-
40
- Business Rules
41
- - Artifact cannot be saved if the file does not have the following file extensions:
42
- - .docx,.doc,.txt,.rtf,.xfdl,.xml,.mht,.mhtml,.html,.htm,.pdf
43
- - .mdb,.accdb,.ppt,.pptx,.xls,.xlsx,.csv,.log
44
- - .jpeg,.jpg,.tiff,.bmp,.tif,.png,.gif
45
- - .zip,.rar,.msg,.vsd,.vsw,.vdx, .z{#}, .ckl,.avi,.vsdx
46
- - Artifact cannot be saved if File Name (fileName) exceeds 1,000 characters
47
- - Artifact cannot be saved if Description (description) exceeds 2,000 characters
48
- - Artifact cannot be saved if Reference Page Number (refPageNumber) exceeds 50 characters
49
- - Artifact cannot be saved if the file does not have an allowable file extension/type.
50
- - Artifact version cannot be saved if an Artifact with the same file name already exist in the system.
51
- - Artifact cannot be saved if the file size exceeds 30MB.
52
- - Artifact cannot be saved if the Last Review Date is set in the future.
53
-
54
-
55
- Example:
56
-
57
- bundle exec exe/emasser post artifacts upload --systemId [value] [--isTemplate or --no-isTemplate] --type [value] --category [value] --files[value...value]
58
-
59
- Note: The example does not list any optional fields
1
+ Endpoint request parameters/fields
2
+
3
+ Field Data Type Details
4
+ -------------------------------------------------------------------------------------------------
5
+ systemId Integer [Required] Unique eMASS identifier. Will need to provide correct number.
6
+ isTemplate Boolean [Required] Indicates whether an artifact is a template.
7
+ type* String [Required] Values include the following: (Procedure, Diagram, Policy, Labor,
8
+ Document, Image, Other, Scan Result, Auditor Report)
9
+ category* String [Required] Values include the following: (Implementation Guidance, Evidence)
10
+ files String [Required] File names (to include path) to be uploaded into eMASS as artifacts
11
+
12
+ description String [Optional] Artifact description. 2000 Characters.
13
+ refPageNumber String [Optional] Artifact reference page number. 50 Characters.
14
+ ccis String [Optional] CCIs associated with artifact.
15
+ controls String [Optional] Control acronym associated with the artifact. NIST SP 800-53 Revision 4 defined.
16
+ artifactExpirationDate Date [Optional] Date Artifact expires and requires review. In Unix Date Format
17
+ lastReviewedDate Date [Optional] Date Artifact was last reviewed. In Unix Date Format
18
+
19
+ isInherited Boolean [Read-Only] Indicates whether an artifact is inherited.
20
+ mimeContentType String [Read-Only] Standard MIME content type derived from file extension.
21
+ fileSize String [Read-Only] File size of attached artifact.
22
+
23
+ * May also accept custom artifact type or category values set by system administrators.
24
+
25
+ The request body of a POST request through the Artifact Endpoint accepts a single binary file with file extension.zip only.
26
+
27
+ This accepted .zip file should contain one or more files corresponding to existing artifacts or new artifacts that will be created upon successful receipt.
28
+
29
+ Filename uniqueness throughout eMASS will be enforced by the API.
30
+
31
+ Upon successful receipt of a file, if a file within the .zip is matched via filename to an artifact existing within the application, the file associated with the artifact will be updated.
32
+
33
+ If no artifact is matched via filename to the application, a new artifact will be created with the following default values. Any values not specified below will be blank.
34
+ - isTemplate: false
35
+ - type: other
36
+ - category: evidence
37
+
38
+ To update values other than the file itself, please submit a PUT request.
39
+
40
+ Business Rules
41
+ - Artifact cannot be saved if the file does not have the following file extensions:
42
+ - .docx,.doc,.txt,.rtf,.xfdl,.xml,.mht,.mhtml,.html,.htm,.pdf
43
+ - .mdb,.accdb,.ppt,.pptx,.xls,.xlsx,.csv,.log
44
+ - .jpeg,.jpg,.tiff,.bmp,.tif,.png,.gif
45
+ - .zip,.rar,.msg,.vsd,.vsw,.vdx, .z{#}, .ckl,.avi,.vsdx
46
+ - Artifact cannot be saved if File Name (fileName) exceeds 1,000 characters
47
+ - Artifact cannot be saved if Description (description) exceeds 2,000 characters
48
+ - Artifact cannot be saved if Reference Page Number (refPageNumber) exceeds 50 characters
49
+ - Artifact cannot be saved if the file does not have an allowable file extension/type.
50
+ - Artifact version cannot be saved if an Artifact with the same file name already exist in the system.
51
+ - Artifact cannot be saved if the file size exceeds 30MB.
52
+ - Artifact cannot be saved if the Last Review Date is set in the future.
53
+
54
+
55
+ Example:
56
+
57
+ bundle exec exe/emasser post artifacts upload --systemId [value] [--isTemplate or --no-isTemplate] --type [value] --category [value] --files[value...value]
58
+
59
+ Note: The example does not list any optional fields
@@ -1,34 +1,34 @@
1
- Endpoint request parameters/fields
2
-
3
- Field Data Type Details
4
- -------------------------------------------------------------------------------------------------
5
- systemId Integer [Required] Unique eMASS identifier. Will need to provide correct number.
6
- filename String [Required] File name should match exactly one file within the provided zip file.
7
- Binary [Required] Application/zip file. Max 30MB per artifact.
8
- isTemplate Boolean [Required] Indicates whether an artifact is a template.
9
- type* String [Required] Values include the following: (Procedure, Diagram, Policy, Labor,
10
- Document, Image, Other, Scan Result, Auditor Report)
11
- category* String [Required] Values include the following: (Implementation Guidance, Evidence)
12
-
13
- description String [Optional] Artifact description. 2000 Characters.
14
- refPageNumber String [Optional] Artifact reference page number. 50 Characters.
15
- ccis String [Optional] CCIs associated with artifact.
16
- controls String [Optional] Control acronym associated with the artifact. NIST SP 800-53 Revision 4 defined.
17
- artifactExpirationDate Date [Optional] Date Artifact expires and requires review. In Unix Date Format
18
- lastReviewedDate Date [Optional] Date Artifact was last reviewed. In Unix Date Format
19
-
20
- isInherited Boolean [Read-Only] Indicates whether an artifact is inherited.
21
- mimeContentType String [Read-Only] Standard MIME content type derived from file extension.
22
- fileSize String [Read-Only] File size of attached artifact.
23
-
24
- * May also accept custom artifact category values set by system administrators.
25
-
26
-
27
- Updates one artifact in a system - the API endpoint provide the capability of updating multiple artifacts concurrently, however this CLI only supports updating one Artifact at the time.
28
-
29
- The file name provided should match exactly one file within the previously uploaded zip file.
30
-
31
-
32
- Example:
33
-
34
- bundle exec exe/emasser put artifacts update --systemId [value] [--isTemplate or --no-isTemplate] --type [value] --category [value] --files[value...value]
1
+ Endpoint request parameters/fields
2
+
3
+ Field Data Type Details
4
+ -------------------------------------------------------------------------------------------------
5
+ systemId Integer [Required] Unique eMASS identifier. Will need to provide correct number.
6
+ filename String [Required] File name should match exactly one file within the provided zip file.
7
+ Binary [Required] Application/zip file. Max 30MB per artifact.
8
+ isTemplate Boolean [Required] Indicates whether an artifact is a template.
9
+ type* String [Required] Values include the following: (Procedure, Diagram, Policy, Labor,
10
+ Document, Image, Other, Scan Result, Auditor Report)
11
+ category* String [Required] Values include the following: (Implementation Guidance, Evidence)
12
+
13
+ description String [Optional] Artifact description. 2000 Characters.
14
+ refPageNumber String [Optional] Artifact reference page number. 50 Characters.
15
+ ccis String [Optional] CCIs associated with artifact.
16
+ controls String [Optional] Control acronym associated with the artifact. NIST SP 800-53 Revision 4 defined.
17
+ artifactExpirationDate Date [Optional] Date Artifact expires and requires review. In Unix Date Format
18
+ lastReviewedDate Date [Optional] Date Artifact was last reviewed. In Unix Date Format
19
+
20
+ isInherited Boolean [Read-Only] Indicates whether an artifact is inherited.
21
+ mimeContentType String [Read-Only] Standard MIME content type derived from file extension.
22
+ fileSize String [Read-Only] File size of attached artifact.
23
+
24
+ * May also accept custom artifact category values set by system administrators.
25
+
26
+
27
+ Updates one artifact in a system - the API endpoint provide the capability of updating multiple artifacts concurrently, however this CLI only supports updating one Artifact at the time.
28
+
29
+ The file name provided should match exactly one file within the previously uploaded zip file.
30
+
31
+
32
+ Example:
33
+
34
+ bundle exec exe/emasser put artifacts update --systemId [value] [--isTemplate or --no-isTemplate] --type [value] --category [value] --files[value...value]
@@ -1,62 +1,62 @@
1
- Add cloud resource and scan results in the assets module for a system
2
-
3
- Endpoint request parameters/fields
4
-
5
- Field Data Type Details
6
- -------------------------------------------------------------------------------------------------
7
- systemId Integer [Required] Unique eMASS identifier. Will need to provide correct number.
8
- provider String [Required] Cloud service provider name.
9
- resourceId String [Required] Unique identifier/resource namespace for policy compliance result.
10
- resourceName String [Required] Friendly name of Cloud resource.
11
- resourceType String [Required] Type of Cloud resource.
12
-
13
- initiatedBy String [Optional] Email of POC.
14
- cspAccountId String [Optional] System/owner's CSP account ID/number.
15
- cspRegion String [Optional] CSP region of system.
16
- isBaseline Boolean [Optional] True/false flag for providing results as baseline.
17
- If true, all existing compliance results for the resourceId will be replaced by results in the current call.
18
-
19
- tags Object [Optional] Informational tags associated to results for other metadata
20
- text String [Optional] Tag metadata information
21
-
22
- complianceResults Object [Required] Compliance result information
23
- cspPolicyDefinitionId String [Required] Unique identifier/compliance namespace for CSP/Resource’s
24
- policy definition/compliance check.
25
- policyDefinitionTitle String [Required] Friendly policy/compliance check title. Recommend short title
26
- isCompliant Boolean [Required] Compliance status of the policy for the identified cloud resource.
27
-
28
- complianceCheckTimestamp Date [Optional] Unix date format
29
- control String [Optional] Comma separated correlation to Security Control
30
- (e.g. exact NIST Control acronym).
31
- assessmentProcedure String [Optional] Comma separated correlation to Assessment Procedure
32
- (i.e. CCI number for DoD Control Set).
33
- complianceReason String [Optional] Reason/comments for compliance result
34
- policyDeploymentName String [Optional] Name of policy deployment
35
- policyDeploymentVersion String [Optional] Version of policy deployment.
36
- severity String [Optional] Values include the following: (Low, Medium, High, Critical)
37
-
38
-
39
- The following Cloud Resource parameters/fields have the following character limitations:
40
- - Fields that can not exceed 50 characters:
41
- - Policy Deployment Version (`policyDeploymentVersion`)
42
- - Fields that can not exceed 100 characters:
43
- - Assessment Procedure (`assessmentProcedure`)
44
- - Security Control Acronym (`control`)
45
- - CSP Account ID (`cspAccountId`)
46
- - CSP Region (`cspRegion`)
47
- - Email of POC (`initiatedBy`)
48
- - Cloud Service Provider (`provider`)
49
- - Type of Cloud resource (`resourceType`)
50
- - Fields that can not exceed 500 characters:
51
- - CSP/Resource’s Policy ID (`cspPolicyDefinitionId`)
52
- - Policy Deployment Name (`policyDeploymentName`)
53
- - Policy Compliance ID (`resourceId`)
54
- - Cloud Resource Name (`resourceName`)
55
- - Fields that can not exceed 1000 characters:
56
- - Reason for Compliance (`complianceReason`)
57
- - Fields that can not exceed 2000 characters:
58
- - Policy Short Title (`policyDefinitionTitle`)
59
-
60
- Example:
61
-
62
- bundle exec exe/emasser post cloud_resource add --systemId [value] --provider [value] --resourceId [value] --resourceName [value] --resourceType [value] --cspPolicyDefinitionId [value] --isCompliant or --is-not-Compliant --policyDefinitionTitle [value] --test [value]
1
+ Add cloud resource and scan results in the assets module for a system
2
+
3
+ Endpoint request parameters/fields
4
+
5
+ Field Data Type Details
6
+ -------------------------------------------------------------------------------------------------
7
+ systemId Integer [Required] Unique eMASS identifier. Will need to provide correct number.
8
+ provider String [Required] Cloud service provider name.
9
+ resourceId String [Required] Unique identifier/resource namespace for policy compliance result.
10
+ resourceName String [Required] Friendly name of Cloud resource.
11
+ resourceType String [Required] Type of Cloud resource.
12
+
13
+ initiatedBy String [Optional] Email of POC.
14
+ cspAccountId String [Optional] System/owner's CSP account ID/number.
15
+ cspRegion String [Optional] CSP region of system.
16
+ isBaseline Boolean [Optional] True/false flag for providing results as baseline.
17
+ If true, all existing compliance results for the resourceId will be replaced by results in the current call.
18
+
19
+ tags Object [Optional] Informational tags associated to results for other metadata
20
+ text String [Optional] Tag metadata information
21
+
22
+ complianceResults Object [Required] Compliance result information
23
+ cspPolicyDefinitionId String [Required] Unique identifier/compliance namespace for CSP/Resource’s
24
+ policy definition/compliance check.
25
+ policyDefinitionTitle String [Required] Friendly policy/compliance check title. Recommend short title
26
+ isCompliant Boolean [Required] Compliance status of the policy for the identified cloud resource.
27
+
28
+ complianceCheckTimestamp Date [Optional] Unix date format
29
+ control String [Optional] Comma separated correlation to Security Control
30
+ (e.g. exact NIST Control acronym).
31
+ assessmentProcedure String [Optional] Comma separated correlation to Assessment Procedure
32
+ (i.e. CCI number for DoD Control Set).
33
+ complianceReason String [Optional] Reason/comments for compliance result
34
+ policyDeploymentName String [Optional] Name of policy deployment
35
+ policyDeploymentVersion String [Optional] Version of policy deployment.
36
+ severity String [Optional] Values include the following: (Low, Medium, High, Critical)
37
+
38
+
39
+ The following Cloud Resource parameters/fields have the following character limitations:
40
+ - Fields that can not exceed 50 characters:
41
+ - Policy Deployment Version (`policyDeploymentVersion`)
42
+ - Fields that can not exceed 100 characters:
43
+ - Assessment Procedure (`assessmentProcedure`)
44
+ - Security Control Acronym (`control`)
45
+ - CSP Account ID (`cspAccountId`)
46
+ - CSP Region (`cspRegion`)
47
+ - Email of POC (`initiatedBy`)
48
+ - Cloud Service Provider (`provider`)
49
+ - Type of Cloud resource (`resourceType`)
50
+ - Fields that can not exceed 500 characters:
51
+ - CSP/Resource’s Policy ID (`cspPolicyDefinitionId`)
52
+ - Policy Deployment Name (`policyDeploymentName`)
53
+ - Policy Compliance ID (`resourceId`)
54
+ - Cloud Resource Name (`resourceName`)
55
+ - Fields that can not exceed 1000 characters:
56
+ - Reason for Compliance (`complianceReason`)
57
+ - Fields that can not exceed 2000 characters:
58
+ - Policy Short Title (`policyDefinitionTitle`)
59
+
60
+ Example:
61
+
62
+ bundle exec exe/emasser post cloud_resource add --systemId [value] --provider [value] --resourceId [value] --resourceName [value] --resourceType [value] --cspPolicyDefinitionId [value] --isCompliant or --is-not-Compliant --policyDefinitionTitle [value] --test [value]
@@ -1,4 +1,4 @@
1
- The Cybersecurity Maturity Model Certification (CMMC) Assessments endpoint provides
2
- the ability to view CMMC assessment information.
3
-
4
- **It is available to CMMC eMASS only.**
1
+ The Cybersecurity Maturity Model Certification (CMMC) Assessments endpoint provides
2
+ the ability to view CMMC assessment information.
3
+
4
+ **It is available to CMMC eMASS only.**
@@ -1,44 +1,44 @@
1
- Add cloud resource and scan results in the assets module for a system
2
-
3
- Endpoint request parameters/fields
4
-
5
- Field Data Type Details
6
- -------------------------------------------------------------------------------------------------
7
- systemId Integer [Required] Unique eMASS identifier. Will need to provide correct number.
8
- containerId String [Required] Unique identifier of the container.
9
- containerName String [Required] Friendly name of the container.
10
- time Date [Required] Datetime of scan/result. Unix date format.
11
-
12
- podName String [Optional] Name of pod (e.g. Kubernetes pod).
13
- podIp String [Optional] IP address of pod.
14
- namespace String [Optional] Namespace of container in container orchestration (e.g. Kubernetes namespace).
15
-
16
- tags Object [Optional] Informational tags associated to results for other metadata.
17
- text String [Optional] Tag metadata information.
18
-
19
- benchmarks Object
20
- benchmark String [Required] Identifier of the benchmark/grouping of compliance results.
21
- (e.g. for STIG results, provide the benchmark id for the STIG technology).
22
- isBaseline Boolean [Optional] True/false flag for providing results as baseline. If true, all existing
23
- compliance results for the provided benchmark within the container will be replaced
24
- by results in the current call.
25
- results Object
26
- ruleId String [Required] Identifier for the compliance result, vulnerability, etc.
27
- status String [Required] Benchmark result status
28
- lastSeen Date [Required] Date last seen, Unix date format
29
- message String [Optional] Comments for the result
30
-
31
- The following Container parameters/fields have the following character limitations:
32
- - Fields that can not exceed 100 characters:
33
- - STIG Benchmark ID (`benchmark`)
34
- - Container Namespace (`namespace`)
35
- - Kubernetes assigned IP (`podIp`)
36
- - Kubernetes Pod Name) (`podName`)
37
- - Fields that can not exceed 500 characters:
38
- - Container ID (`containerId`)
39
- - Friendly Container Name (`containerName`)
40
- - Fields that can not exceed 1000 characters:
41
- - Result Comments (`message`)
42
-
43
- Example:
44
- bundle exec ruby exe/emasser post container add --systemId [value] --containerId [value] --containerName [value] --time [value] --benchmark [value] --lastSeen [value] --ruleId [value] --status [value]
1
+ Add cloud resource and scan results in the assets module for a system
2
+
3
+ Endpoint request parameters/fields
4
+
5
+ Field Data Type Details
6
+ -------------------------------------------------------------------------------------------------
7
+ systemId Integer [Required] Unique eMASS identifier. Will need to provide correct number.
8
+ containerId String [Required] Unique identifier of the container.
9
+ containerName String [Required] Friendly name of the container.
10
+ time Date [Required] Datetime of scan/result. Unix date format.
11
+
12
+ podName String [Optional] Name of pod (e.g. Kubernetes pod).
13
+ podIp String [Optional] IP address of pod.
14
+ namespace String [Optional] Namespace of container in container orchestration (e.g. Kubernetes namespace).
15
+
16
+ tags Object [Optional] Informational tags associated to results for other metadata.
17
+ text String [Optional] Tag metadata information.
18
+
19
+ benchmarks Object
20
+ benchmark String [Required] Identifier of the benchmark/grouping of compliance results.
21
+ (e.g. for STIG results, provide the benchmark id for the STIG technology).
22
+ isBaseline Boolean [Optional] True/false flag for providing results as baseline. If true, all existing
23
+ compliance results for the provided benchmark within the container will be replaced
24
+ by results in the current call.
25
+ results Object
26
+ ruleId String [Required] Identifier for the compliance result, vulnerability, etc.
27
+ status String [Required] Benchmark result status
28
+ lastSeen Date [Required] Date last seen, Unix date format
29
+ message String [Optional] Comments for the result
30
+
31
+ The following Container parameters/fields have the following character limitations:
32
+ - Fields that can not exceed 100 characters:
33
+ - STIG Benchmark ID (`benchmark`)
34
+ - Container Namespace (`namespace`)
35
+ - Kubernetes assigned IP (`podIp`)
36
+ - Kubernetes Pod Name) (`podName`)
37
+ - Fields that can not exceed 500 characters:
38
+ - Container ID (`containerId`)
39
+ - Friendly Container Name (`containerName`)
40
+ - Fields that can not exceed 1000 characters:
41
+ - Result Comments (`message`)
42
+
43
+ Example:
44
+ bundle exec ruby exe/emasser post container add --systemId [value] --containerId [value] --containerName [value] --time [value] --benchmark [value] --lastSeen [value] --ruleId [value] --status [value]