rapid7_vm_console 1.0.0.pre.6.5.50

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. checksums.yaml +7 -0
  2. metadata +713 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 35f0d5c4f53dcd616ba0d3f67ef395d7cce1818dbd184d061a3d9ccef9e484a9
4
+ data.tar.gz: 1f8144241c0278b5d2ba4a8b3ccb3c3911b03da6b4ed18fdbda5ebd6c4c06702
5
+ SHA512:
6
+ metadata.gz: f170423750276e3498081eaaba1b9524a72f03d1b754aa2a80eaef662828b7d8818edff5b6a17b2957d9a73cc24b4300b392035c8d3ad86832cee5392bae2453
7
+ data.tar.gz: 6703361d5bfad5c8f437e718abdc306fb4b6bf22dbce8d2c2d36fd13782aab230e55aa1dfd3f1642c99efd960eaa7c3f1e914bfefa1b25658c588a6572318228
metadata ADDED
@@ -0,0 +1,713 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rapid7_vm_console
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0.pre.6.5.50
5
+ platform: ruby
6
+ authors:
7
+ - Swagger-Codegen
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2020-06-01 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: typhoeus
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.0'
20
+ - - ">="
21
+ - !ruby/object:Gem::Version
22
+ version: 1.0.1
23
+ type: :runtime
24
+ prerelease: false
25
+ version_requirements: !ruby/object:Gem::Requirement
26
+ requirements:
27
+ - - "~>"
28
+ - !ruby/object:Gem::Version
29
+ version: '1.0'
30
+ - - ">="
31
+ - !ruby/object:Gem::Version
32
+ version: 1.0.1
33
+ - !ruby/object:Gem::Dependency
34
+ name: json
35
+ requirement: !ruby/object:Gem::Requirement
36
+ requirements:
37
+ - - ">="
38
+ - !ruby/object:Gem::Version
39
+ version: 2.1.0
40
+ - - "~>"
41
+ - !ruby/object:Gem::Version
42
+ version: '2.1'
43
+ type: :runtime
44
+ prerelease: false
45
+ version_requirements: !ruby/object:Gem::Requirement
46
+ requirements:
47
+ - - ">="
48
+ - !ruby/object:Gem::Version
49
+ version: 2.1.0
50
+ - - "~>"
51
+ - !ruby/object:Gem::Version
52
+ version: '2.1'
53
+ - !ruby/object:Gem::Dependency
54
+ name: rspec
55
+ requirement: !ruby/object:Gem::Requirement
56
+ requirements:
57
+ - - ">="
58
+ - !ruby/object:Gem::Version
59
+ version: 3.6.0
60
+ - - "~>"
61
+ - !ruby/object:Gem::Version
62
+ version: '3.6'
63
+ type: :development
64
+ prerelease: false
65
+ version_requirements: !ruby/object:Gem::Requirement
66
+ requirements:
67
+ - - ">="
68
+ - !ruby/object:Gem::Version
69
+ version: 3.6.0
70
+ - - "~>"
71
+ - !ruby/object:Gem::Version
72
+ version: '3.6'
73
+ - !ruby/object:Gem::Dependency
74
+ name: vcr
75
+ requirement: !ruby/object:Gem::Requirement
76
+ requirements:
77
+ - - "~>"
78
+ - !ruby/object:Gem::Version
79
+ version: '3.0'
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: 3.0.1
83
+ type: :development
84
+ prerelease: false
85
+ version_requirements: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '3.0'
90
+ - - ">="
91
+ - !ruby/object:Gem::Version
92
+ version: 3.0.1
93
+ - !ruby/object:Gem::Dependency
94
+ name: webmock
95
+ requirement: !ruby/object:Gem::Requirement
96
+ requirements:
97
+ - - "~>"
98
+ - !ruby/object:Gem::Version
99
+ version: '1.24'
100
+ - - ">="
101
+ - !ruby/object:Gem::Version
102
+ version: 1.24.3
103
+ type: :development
104
+ prerelease: false
105
+ version_requirements: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - "~>"
108
+ - !ruby/object:Gem::Version
109
+ version: '1.24'
110
+ - - ">="
111
+ - !ruby/object:Gem::Version
112
+ version: 1.24.3
113
+ - !ruby/object:Gem::Dependency
114
+ name: autotest
115
+ requirement: !ruby/object:Gem::Requirement
116
+ requirements:
117
+ - - "~>"
118
+ - !ruby/object:Gem::Version
119
+ version: '4.4'
120
+ - - ">="
121
+ - !ruby/object:Gem::Version
122
+ version: 4.4.6
123
+ type: :development
124
+ prerelease: false
125
+ version_requirements: !ruby/object:Gem::Requirement
126
+ requirements:
127
+ - - "~>"
128
+ - !ruby/object:Gem::Version
129
+ version: '4.4'
130
+ - - ">="
131
+ - !ruby/object:Gem::Version
132
+ version: 4.4.6
133
+ - !ruby/object:Gem::Dependency
134
+ name: autotest-rails-pure
135
+ requirement: !ruby/object:Gem::Requirement
136
+ requirements:
137
+ - - "~>"
138
+ - !ruby/object:Gem::Version
139
+ version: '4.1'
140
+ - - ">="
141
+ - !ruby/object:Gem::Version
142
+ version: 4.1.2
143
+ type: :development
144
+ prerelease: false
145
+ version_requirements: !ruby/object:Gem::Requirement
146
+ requirements:
147
+ - - "~>"
148
+ - !ruby/object:Gem::Version
149
+ version: '4.1'
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: 4.1.2
153
+ - !ruby/object:Gem::Dependency
154
+ name: autotest-growl
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - "~>"
158
+ - !ruby/object:Gem::Version
159
+ version: '0.2'
160
+ - - ">="
161
+ - !ruby/object:Gem::Version
162
+ version: 0.2.16
163
+ type: :development
164
+ prerelease: false
165
+ version_requirements: !ruby/object:Gem::Requirement
166
+ requirements:
167
+ - - "~>"
168
+ - !ruby/object:Gem::Version
169
+ version: '0.2'
170
+ - - ">="
171
+ - !ruby/object:Gem::Version
172
+ version: 0.2.16
173
+ - !ruby/object:Gem::Dependency
174
+ name: autotest-fsevent
175
+ requirement: !ruby/object:Gem::Requirement
176
+ requirements:
177
+ - - "~>"
178
+ - !ruby/object:Gem::Version
179
+ version: '0.2'
180
+ - - ">="
181
+ - !ruby/object:Gem::Version
182
+ version: 0.2.12
183
+ type: :development
184
+ prerelease: false
185
+ version_requirements: !ruby/object:Gem::Requirement
186
+ requirements:
187
+ - - "~>"
188
+ - !ruby/object:Gem::Version
189
+ version: '0.2'
190
+ - - ">="
191
+ - !ruby/object:Gem::Version
192
+ version: 0.2.12
193
+ description: '# Overview This guide documents the InsightVM Application Programming
194
+ Interface (API) Version 3. This API supports the Representation State Transfer (REST)
195
+ design pattern. Unless noted otherwise this API accepts and produces the `application/json`
196
+ media type. This API uses Hypermedia as the Engine of Application State (HATEOAS)
197
+ and is hypermedia friendly. All API connections must be made to the security console
198
+ using HTTPS. ## Versioning Versioning is specified in the URL and the base path
199
+ of this API is: `https://<host>:<port>/api/3/`. ## Specification An <a target="_blank"
200
+ href="https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md">OpenAPI
201
+ v2</a> specification (also known as Swagger 2) of this API is available. Tools
202
+ such as <a target="_blank" href="https://github.com/swagger-api/swagger-codegen">swagger-codegen</a>
203
+ can be used to generate an API client in the language of your choosing using this
204
+ specification document. <p class="openapi">Download the specification: <a class="openapi-button"
205
+ target="_blank" download="" href="/api/3/json"> Download </a></p> ## Authentication Authorization
206
+ to the API uses HTTP Basic Authorization (see <a target="_blank" href="https://www.ietf.org/rfc/rfc2617.txt">RFC
207
+ 2617</a> for more information). Requests must supply authorization credentials
208
+ in the `Authorization` header using a Base64 encoded hash of `"username:password"`. <!--
209
+ ReDoc-Inject: <security-definitions> --> ### 2FA This API supports two-factor
210
+ authentication (2FA) by supplying an authentication token in addition to the Basic
211
+ Authorization. The token is specified using the `Token` request header. To leverage
212
+ two-factor authentication, this must be enabled on the console and be configured
213
+ for the account accessing the API. ## Resources ### Naming Resource names represent
214
+ nouns and identify the entity being manipulated or accessed. All collection resources
215
+ are pluralized to indicate to the client they are interacting with a collection
216
+ of multiple resources of the same type. Singular resource names are used when there
217
+ exists only one resource available to interact with. The following naming conventions
218
+ are used by this API: | Type | Case |
219
+ | --------------------------------------------- | ------------------------ | | Resource
220
+ names | `lower_snake_case` | | Header, body,
221
+ and query parameters parameters | `camelCase` | | JSON fields and property
222
+ names | `camelCase` | #### Collections A collection
223
+ resource is a parent resource for instance resources, but can itself be retrieved
224
+ and operated on independently. Collection resources use a pluralized resource name.
225
+ The resource path for collection resources follow the convention: ``` /api/3/{resource_name}
226
+ ``` #### Instances An instance resource is a "leaf" level resource that may be
227
+ retrieved, optionally nested within a collection resource. Instance resources are
228
+ usually retrievable with opaque identifiers. The resource path for instance resources
229
+ follows the convention: ``` /api/3/{resource_name}/{instance_id}... ``` ## Verbs The
230
+ following HTTP operations are supported throughout this API. The general usage of
231
+ the operation and both its failure and success status codes are outlined below. |
232
+ Verb | Usage |
233
+ Success | Failure | |
234
+ --------- | -------------------------------------------------------------------------------------
235
+ | ----------- | -------------------------------------------------------------- |
236
+ | `GET` | Used to retrieve a resource by identifier, or a collection of resources
237
+ by type. | `200` | `400`, `401`, `402`, `404`, `405`, `408`, `410`, `415`,
238
+ `500` | | `POST` | Creates a resource with an application-specified identifier. |
239
+ `201` | `400`, `401`, `404`, `405`, `408`, `413`, `415`, `500` | |
240
+ `POST` | Performs a request to queue an asynchronous job. |
241
+ `202` | `400`, `401`, `405`, `408`, `410`, `413`, `415`, `500` | |
242
+ `PUT` | Creates a resource with a client-specified identifier. |
243
+ `200` | `400`, `401`, `403`, `405`, `408`, `410`, `413`, `415`, `500` | |
244
+ `PUT` | Performs a full update of a resource with a specified identifier. |
245
+ `201` | `400`, `401`, `403`, `405`, `408`, `410`, `413`, `415`, `500` | |
246
+ `DELETE` | Deletes a resource by identifier or an entire collection of resources. |
247
+ `204` | `400`, `401`, `405`, `408`, `410`, `413`, `415`, `500` | |
248
+ `OPTIONS` | Requests what operations are available on a resource. |
249
+ `200` | `401`, `404`, `405`, `408`, `500` | ###
250
+ Common Operations #### OPTIONS All resources respond to the `OPTIONS` request,
251
+ which allows discoverability of available operations that are supported. The `OPTIONS`
252
+ response returns the acceptable HTTP operations on that resource within the `Allow`
253
+ header. The response is always a `200 OK` status. ### Collection Resources Collection
254
+ resources can support the `GET`, `POST`, `PUT`, and `DELETE` operations. #### GET The
255
+ `GET` operation invoked on a collection resource indicates a request to retrieve
256
+ all, or some, of the entities contained within the collection. This also includes
257
+ the optional capability to filter or search resources during the request. The response
258
+ from a collection listing is a paginated document. See [hypermedia links](#section/Overview/Paging)
259
+ for more information. #### POST The `POST` is a non-idempotent operation that
260
+ allows for the creation of a new resource when the resource identifier is not provided
261
+ by the system during the creation operation (i.e. the Security Console generates
262
+ the identifier). The content of the `POST` request is sent in the request body.
263
+ The response to a successful `POST` request should be a `201 CREATED` with a valid
264
+ `Location` header field set to the URI that can be used to access to the newly created
265
+ resource. The `POST` to a collection resource can also be used to interact with
266
+ asynchronous resources. In this situation, instead of a `201 CREATED` response,
267
+ the `202 ACCEPTED` response indicates that processing of the request is not fully complete
268
+ but has been accepted for future processing. This request will respond similarly
269
+ with a `Location` header with link to the job-oriented asynchronous resource that
270
+ was created and/or queued. #### PUT The `PUT` is an idempotent operation that
271
+ either performs a create with user-supplied identity, or a full replace or update
272
+ of a resource by a known identifier. The response to a `PUT` operation to create
273
+ an entity is a `201 Created` with a valid `Location` header field set to the URI
274
+ that can be used to access to the newly created resource. `PUT` on a collection
275
+ resource replaces all values in the collection. The typical response to a `PUT`
276
+ operation that updates an entity is hypermedia links, which may link to related
277
+ resources caused by the side-effects of the changes performed. #### DELETE The
278
+ `DELETE` is an idempotent operation that physically deletes a resource, or removes
279
+ an association between resources. The typical response to a `DELETE` operation is
280
+ hypermedia links, which may link to related resources caused by the side-effects
281
+ of the changes performed. ### Instance Resources Instance resources can support
282
+ the `GET`, `PUT`, `POST`, `PATCH` and `DELETE` operations. #### GET Retrieves
283
+ the details of a specific resource by its identifier. The details retrieved can
284
+ be controlled through property selection and property views. The content of the
285
+ resource is returned within the body of the response in the acceptable media type. ####
286
+ PUT Allows for and idempotent "full update" (complete replacement) on a specific
287
+ resource. If the resource does not exist, it will be created; if it does exist,
288
+ it is completely overwritten. Any omitted properties in the request are assumed
289
+ to be undefined/null. For "partial updates" use `POST` or `PATCH` instead. The
290
+ content of the `PUT` request is sent in the request body. The identifier of the
291
+ resource is specified within the URL (not the request body). The response to a
292
+ successful `PUT` request is a `201 CREATED` to represent the created status, with
293
+ a valid `Location` header field set to the URI that can be used to access to the
294
+ newly created (or fully replaced) resource. #### POST Performs a non-idempotent
295
+ creation of a new resource. The `POST` of an instance resource most commonly occurs
296
+ with the use of nested resources (e.g. searching on a parent collection resource).
297
+ The response to a `POST` of an instance resource is typically a `200 OK` if the
298
+ resource is non-persistent, and a `201 CREATED` if there is a resource created/persisted
299
+ as a result of the operation. This varies by endpoint. #### PATCH The `PATCH`
300
+ operation is used to perform a partial update of a resource. `PATCH` is a non-idempotent
301
+ operation that enforces an atomic mutation of a resource. Only the properties specified
302
+ in the request are to be overwritten on the resource it is applied to. If a property
303
+ is missing, it is assumed to not have changed. #### DELETE Permanently removes
304
+ the individual resource from the system. If the resource is an association between
305
+ resources, only the association is removed, not the resources themselves. A successful
306
+ deletion of the resource should return `204 NO CONTENT` with no response body.
307
+ This operation is not fully idempotent, as follow-up requests to delete a non-existent
308
+ resource should return a `404 NOT FOUND`. ## Requests Unless otherwise indicated,
309
+ the default request body media type is `application/json`. ### Headers Commonly
310
+ used request headers include: | Header | Example |
311
+ Purpose | |
312
+ ------------------ | --------------------------------------------- | ----------------------------------------------------------------------------------------------
313
+ | | `Accept` | `application/json` | Defines
314
+ what acceptable content types are allowed by the client. For all types, use `*/*`. |
315
+ | `Accept-Encoding` | `deflate, gzip` | Allows for
316
+ the encoding to be specified (such as gzip). |
317
+ | `Accept-Language` | `en-US` | Indicates
318
+ to the server the client''s locale (defaults `en-US`). |
319
+ | `Authorization ` | `Basic Base64("username:password")` | Basic authentication |
320
+ | `Token ` | `123456` | Two-factor
321
+ authentication token (if enabled) | ###
322
+ Dates & Times Dates and/or times are specified as strings in the ISO 8601 format(s).
323
+ The following formats are supported as input: | Value | Format |
324
+ Notes | | ---------------------------
325
+ | ------------------------------------------------------ | -----------------------------------------------------
326
+ | | Date | YYYY-MM-DD |
327
+ Defaults to 12 am UTC (if used for a date & time | | Date & time only |
328
+ YYYY-MM-DD''T''hh:mm:ss[.nnn] | Defaults to UTC |
329
+ | Date & time in UTC | YYYY-MM-DD''T''hh:mm:ss[.nnn]Z | |
330
+ | Date & time w/ offset | YYYY-MM-DD''T''hh:mm:ss[.nnn][+&#124;-]hh:mm | |
331
+ | Date & time w/ zone-offset | YYYY-MM-DD''T''hh:mm:ss[.nnn][+&#124;-]hh:mm[<zone-id>] | | ###
332
+ Timezones Timezones are specified in the regional zone format, such as `"America/Los_Angeles"`,
333
+ `"Asia/Tokyo"`, or `"GMT"`. ### Paging Pagination is supported on certain collection
334
+ resources using a combination of two query parameters, `page` and `size`. As these
335
+ are control parameters, they are prefixed with the underscore character. The page
336
+ parameter dictates the zero-based index of the page to retrieve, and the `size`
337
+ indicates the size of the page. For example, `/resources?page=2&size=10` will
338
+ return page 3, with 10 records per page, giving results 21-30. The maximum page
339
+ size for a request is 500. ### Sorting Sorting is supported on paginated resources
340
+ with the `sort` query parameter(s). The sort query parameter(s) supports identifying
341
+ a single or multi-property sort with a single or multi-direction output. The format
342
+ of the parameter is: ``` sort=property[,ASC|DESC]... ``` Therefore, the request
343
+ `/resources?sort=name,title,DESC` would return the results sorted by the name and
344
+ title descending, in that order. The sort directions are either ascending `ASC`
345
+ or descending `DESC`. With single-order sorting, all properties are sorted in the
346
+ same direction. To sort the results with varying orders by property, multiple sort
347
+ parameters are passed. For example, the request `/resources?sort=name,ASC&sort=title,DESC`
348
+ would sort by name ascending and title descending, in that order. ## Responses The
349
+ following response statuses may be returned by this API. | Status | Meaning |
350
+ Usage |
351
+ | ------ | ------------------------ |-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
352
+ | | `200` | OK | The operation performed without error according
353
+ to the specification of the request, and no more specific 2xx code is suitable. |
354
+ | `201` | Created | A create request has been fulfilled and a
355
+ resource has been created. The resource is available as the URI specified in the
356
+ response, including the `Location` header. | | `202` | Accepted |
357
+ An asynchronous task has been accepted, but not guaranteed, to be processed in the
358
+ future. |
359
+ | `400` | Bad Request | The request was invalid or cannot be otherwise
360
+ served. The request is not likely to succeed in the future without modifications. |
361
+ | `401` | Unauthorized | The user is unauthorized to perform the operation
362
+ requested, or does not maintain permissions to perform the operation on the resource
363
+ specified. | | `403` | Forbidden | The resource
364
+ exists to which the user has access, but the operating requested is not permitted. |
365
+ | `404` | Not Found | The resource specified could not be located,
366
+ does not exist, or an unauthenticated client does not have permissions to a resource. |
367
+ | `405` | Method Not Allowed | The operations may not be performed on the
368
+ specific resource. Allowed operations are returned and may be performed on the resource. |
369
+ | `408` | Request Timeout | The client has failed to complete a request
370
+ in a timely manner and the request has been discarded. |
371
+ | `413` | Request Entity Too Large | The request being provided is too large for
372
+ the server to accept processing. |
373
+ | `415` | Unsupported Media Type | The media type is not supported for the requested
374
+ resource. |
375
+ | `500` | Internal Server Error | An internal and unexpected error has occurred
376
+ on the server at no fault of the client. | ###
377
+ Security The response statuses 401, 403 and 404 need special consideration for
378
+ security purposes. As necessary, error statuses and messages may be obscured to
379
+ strengthen security and prevent information exposure. The following is a guideline
380
+ for privileged resource response statuses: | Use Case |
381
+ Access | Resource | Permission | Status | | ------------------------------------------------------------------
382
+ | ------------------ |------------------- | ------------ | ------------ | | Unauthenticated
383
+ access to an unauthenticated resource. | Unauthenticated | Unauthenticated |
384
+ Yes | `20x` | | Unauthenticated access to an authenticated resource. |
385
+ Unauthenticated | Authenticated | No | `401` | | Unauthenticated
386
+ access to an authenticated resource. | Unauthenticated | Non-existent |
387
+ No | `401` | | Authenticated access to a unauthenticated resource. |
388
+ Authenticated | Unauthenticated | Yes | `20x` | | Authenticated
389
+ access to an authenticated, unprivileged resource. | Authenticated | Authenticated |
390
+ No | `404` | | Authenticated access to an authenticated, privileged
391
+ resource. | Authenticated | Authenticated | Yes | `20x` |
392
+ | Authenticated access to an authenticated, non-existent resource | Authenticated |
393
+ Non-existent | Yes | `404` | ### Headers Commonly used response
394
+ headers include: | Header | Example |
395
+ Purpose | | --------------------------
396
+ | --------------------------------- | ---------------------------------------------------------------
397
+ | | `Allow` | `OPTIONS, GET` | Defines the
398
+ allowable HTTP operations on a resource. | | `Cache-Control` |
399
+ `no-store, must-revalidate` | Disables caching of resources (as they are all
400
+ dynamic). | | `Content-Encoding` | `gzip` |
401
+ The encoding of the response body (if any). | | `Location` | |
402
+ Refers to the URI of the resource created by a request. | | `Transfer-Encoding` |
403
+ `chunked` | Specified the encoding used to transform response. |
404
+ | `Retry-After` | 5000 | Indicates the
405
+ time to wait before retrying a request. | | `X-Content-Type-Options` |
406
+ `nosniff` | Disables MIME type sniffing. |
407
+ | `X-XSS-Protection` | `1; mode=block` | Enables XSS filter
408
+ protection. | | `X-Frame-Options` | `SAMEORIGIN` |
409
+ Prevents rendering in a frame from a different origin. | | `X-UA-Compatible` |
410
+ `IE=edge,chrome=1` | Specifies the browser mode to render in. | ###
411
+ Format When `application/json` is returned in the response body it is always pretty-printed
412
+ (indented, human readable output). Additionally, gzip compression/encoding is supported
413
+ on all responses. #### Dates & Times Dates or times are returned as strings in
414
+ the ISO 8601 ''extended'' format. When a date and time is returned (instant) the
415
+ value is converted to UTC. For example: | Value | Format |
416
+ Example | | --------------- | ------------------------------ | ---------------------
417
+ | | Date | `YYYY-MM-DD` | 2017-12-03 | |
418
+ Date & Time | `YYYY-MM-DD''T''hh:mm:ss[.nnn]Z` | 2017-12-03T10:15:30Z | ####
419
+ Content In some resources a Content data type is used. This allows for multiple
420
+ formats of representation to be returned within resource, specifically `"html"`
421
+ and `"text"`. The `"text"` property returns a flattened representation suitable
422
+ for output in textual displays. The `"html"` property returns an HTML fragment suitable
423
+ for display within an HTML element. Note, the HTML returned is not a valid stand-alone
424
+ HTML document. #### Paging The response to a paginated request follows the format: ```json
425
+ { resources": [ ... ], "page": { "number" : ..., "size"
426
+ : ..., "totalResources" : ..., "totalPages" : ... }, "links":
427
+ [ "first" : { "href" : "..." }, "prev" : { "href"
428
+ : "..." }, "self" : { "href" : "..." }, "next"
429
+ : { "href" : "..." }, "last" : { "href" : "..." } ]
430
+ } ``` The `resources` property is an array of the resources being retrieved from
431
+ the endpoint, each which should contain at minimum a "self" relation hypermedia
432
+ link. The `page` property outlines the details of the current page and total possible
433
+ pages. The object for the page includes the following properties: - number - The
434
+ page number (zero-based) of the page returned. - size - The size of the pages, which
435
+ is less than or equal to the maximum page size. - totalResources - The total amount
436
+ of resources available across all pages. - totalPages - The total amount of pages. The
437
+ last property of the paged response is the `links` array, which contains all available
438
+ hypermedia links. For paginated responses, the "self", "next", "previous", "first",
439
+ and "last" links are returned. The "self" link must always be returned and should
440
+ contain a link to allow the client to replicate the original request against the collection
441
+ resource in an identical manner to that in which it was invoked. The "next" and
442
+ "previous" links are present if either or both there exists a previous or next page,
443
+ respectively. The "next" and "previous" links have hrefs that allow "natural movement"
444
+ to the next page, that is all parameters required to move the next page are provided
445
+ in the link. The "first" and "last" links provide references to the first and last
446
+ pages respectively. Requests outside the boundaries of the pageable will result
447
+ in a `404 NOT FOUND`. Paginated requests do not provide a "stateful cursor" to
448
+ the client, nor does it need to provide a read consistent view. Records in adjacent
449
+ pages may change while pagination is being traversed, and the total number of pages
450
+ and resources may change between requests within the same filtered/queries resource
451
+ collection. #### Property Views The "depth" of the response of a resource can
452
+ be configured using a "view". All endpoints supports two views that can tune the
453
+ extent of the information returned in the resource. The supported views are `summary`
454
+ and `details` (the default). View are specified using a query parameter, in this
455
+ format: ```bash /<resource>?view={viewName} ``` #### Error Any error responses
456
+ can provide a response body with a message to the client indicating more information
457
+ (if applicable) to aid debugging of the error. All 40x and 50x responses will return
458
+ an error response in the body. The format of the response is as follows: ```json
459
+ { "status": <statusCode>, "message": <message>, "links" : [ { "rel"
460
+ : "...", "href" : "..." } ] } ``` The `status` property is the same
461
+ as the HTTP status returned in the response, to ease client parsing. The message property
462
+ is a localized message in the request client''s locale (if applicable) that articulates
463
+ the nature of the error. The last property is the `links` property. This may contain
464
+ additional [hypermedia links](#section/Overview/Authentication) to troubleshoot. ####
465
+ Search Criteria <a section="section/Responses/SearchCriteria"></a> Multiple resources
466
+ make use of search criteria to match assets. Search criteria is an array of search
467
+ filters. Each search filter has a generic format of: ```json { "field": "<field-name>", "operator":
468
+ "<operator>", ["value": "<value>",] ["lower": "<value>",] ["upper": "<value>"]
469
+ } ``` Every filter defines two required properties `field` and `operator`.
470
+ The field is the name of an asset property that is being filtered on. The operator
471
+ is a type and property-specific operating performed on the filtered property. The
472
+ valid values for fields and operators are outlined in the table below. Every filter
473
+ also defines one or more values that are supplied to the operator. The valid values
474
+ vary by operator and are outlined below. ##### Fields The following table outlines
475
+ the search criteria fields and the available operators: | Field |
476
+ Operators |
477
+ | --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------
478
+ | | `alternate-address-type` | `in` |
479
+ | `container-image` | `is` ` is-not` ` starts-with` ` ends-with`
480
+ ` contains` ` does-not-contain` ` is-like` ` not-like` |
481
+ | `container-status` | `is` ` is-not` |
482
+ | `containers` | `are` |
483
+ | `criticality-tag` | `is` ` is-not` ` is-greater-than` ` is-less-than`
484
+ ` is-applied` ` is-not-applied` | |
485
+ `custom-tag` | `is` ` is-not` ` starts-with` ` ends-with` `
486
+ contains` ` does-not-contain` ` is-applied` ` is-not-applied` |
487
+ | `cve` | `is` ` is-not` ` contains` ` does-not-contain` |
488
+ | `cvss-access-complexity` | `is` ` is-not` |
489
+ | `cvss-authentication-required` | `is` ` is-not` |
490
+ | `cvss-access-vector` | `is` ` is-not` |
491
+ | `cvss-availability-impact` | `is` ` is-not` |
492
+ | `cvss-confidentiality-impact` | `is` ` is-not` |
493
+ | `cvss-integrity-impact` | `is` ` is-not` |
494
+ | `cvss-v3-confidentiality-impact` | `is` ` is-not` |
495
+ | `cvss-v3-integrity-impact` | `is` ` is-not` |
496
+ | `cvss-v3-availability-impact` | `is` ` is-not` |
497
+ | `cvss-v3-attack-vector` | `is` ` is-not` |
498
+ | `cvss-v3-attack-complexity` | `is` ` is-not` |
499
+ | `cvss-v3-user-interaction` | `is` ` is-not` |
500
+ | `cvss-v3-privileges-required` | `is` ` is-not` |
501
+ | `host-name` | `is` ` is-not` ` starts-with` ` ends-with`
502
+ ` contains` ` does-not-contain` ` is-empty` ` is-not-empty` ` is-like` ` not-like` |
503
+ | `host-type` | `in` ` not-in` |
504
+ | `ip-address` | `is` ` is-not` ` in-range` ` not-in-range`
505
+ ` is-like` ` not-like` |
506
+ | `ip-address-type` | `in` ` not-in` |
507
+ | `last-scan-date` | `is-on-or-before` ` is-on-or-after` ` is-between`
508
+ ` is-earlier-than` ` is-within-the-last` | |
509
+ `location-tag` | `is` ` is-not` ` starts-with` ` ends-with` `
510
+ contains` ` does-not-contain` ` is-applied` ` is-not-applied` |
511
+ | `mobile-device-last-sync-time` | `is-within-the-last` ` is-earlier-than` |
512
+ | `open-ports` | `is` ` is-not` ` in-range` |
513
+ | `operating-system` | `contains` ` does-not-contain` ` is-empty`
514
+ ` is-not-empty` |
515
+ | `owner-tag` | `is` ` is-not` ` starts-with` ` ends-with`
516
+ ` contains` ` does-not-contain` ` is-applied` ` is-not-applied` |
517
+ | `pci-compliance` | `is` |
518
+ | `risk-score` | `is` ` is-not` ` in-range` ` greater-than`
519
+ ` less-than` |
520
+ | `service-name` | `contains` ` does-not-contain` |
521
+ | `site-id` | `in` ` not-in` |
522
+ | `software` | `contains` ` does-not-contain` |
523
+ | `vAsset-cluster` | `is` ` is-not` ` contains` ` does-not-contain`
524
+ ` starts-with` |
525
+ | `vAsset-datacenter` | `is` ` is-not` |
526
+ | `vAsset-host-name` | `is` ` is-not` ` contains` ` does-not-contain`
527
+ ` starts-with` |
528
+ | `vAsset-power-state` | `in` ` not-in` |
529
+ | `vAsset-resource-pool-path` | `contains` ` does-not-contain` |
530
+ | `vulnerability-assessed` | `is-on-or-before` ` is-on-or-after` ` is-between`
531
+ ` is-earlier-than` ` is-within-the-last` | |
532
+ `vulnerability-category` | `is` ` is-not` ` starts-with` ` ends-with` `
533
+ contains` ` does-not-contain` |
534
+ | `vulnerability-cvss-v3-score` | `is` ` is-not` |
535
+ | `vulnerability-cvss-score` | `is` ` is-not` ` in-range` ` is-greater-than`
536
+ ` is-less-than` |
537
+ | `vulnerability-exposures` | `includes` ` does-not-include` |
538
+ | `vulnerability-title` | `contains` ` does-not-contain` ` is` ` is-not`
539
+ ` starts-with` ` ends-with` |
540
+ | `vulnerability-validated-status` | `are` | #####
541
+ Enumerated Properties The following fields have enumerated values: | Field |
542
+ Acceptable Values |
543
+ | ----------------------------------------- | -------------------------------------------------------------------------------------------------------------
544
+ | | `alternate-address-type` | 0=IPv4, 1=IPv6 |
545
+ | `containers` | 0=present, 1=not present |
546
+ | `container-status` | `created` `running` `paused` `restarting`
547
+ `exited` `dead` `unknown` | | `cvss-access-complexity` |
548
+ <ul><li><code>L</code> = Low</li><li><code>M</code> = Medium</li><li><code>H</code>
549
+ = High</li></ul> | | `cvss-integrity-impact` | <ul><li><code>N</code>
550
+ = None</li><li><code>P</code> = Partial</li><li><code>C</code> = Complete</li></ul> |
551
+ | `cvss-confidentiality-impact` | <ul><li><code>N</code> = None</li><li><code>P</code>
552
+ = Partial</li><li><code>C</code> = Complete</li></ul> | | `cvss-availability-impact` |
553
+ <ul><li><code>N</code> = None</li><li><code>P</code> = Partial</li><li><code>C</code>
554
+ = Complete</li></ul> | | `cvss-access-vector` | <ul><li><code>L</code>
555
+ = Local</li><li><code>A</code> = Adjacent</li><li><code>N</code> = Network</li></ul> |
556
+ | `cvss-authentication-required` | <ul><li><code>N</code> = None</li><li><code>S</code>
557
+ = Single</li><li><code>M</code> = Multiple</li></ul> | | `cvss-v3-confidentiality-impact` |
558
+ <ul><li><code>L</code> = Local</li><li><code>L</code> = Low</li><li><code>N</code>
559
+ = None</li><li><code>H</code> = High</li></ul> | | `cvss-v3-integrity-impact` |
560
+ <ul><li><code>L</code> = Local</li><li><code>L</code> = Low</li><li><code>N</code>
561
+ = None</li><li><code>H</code> = High</li></ul> | | `cvss-v3-availability-impact` |
562
+ <ul><li><code>N</code> = None</li><li><code>L</code> = Low</li><li><code>H</code>
563
+ = High</li></ul> | | `cvss-v3-attack-vector` | <ul><li><code>N</code>
564
+ = Network</li><li><code>A</code> = Adjacent</li><li><code>L</code> = Local</li><li><code>P</code>
565
+ = Physical</li></ul> | | `cvss-v3-attack-complexity` | <ul><li><code>L</code>
566
+ = Low</li><li><code>H</code> = High</li></ul> | | `cvss-v3-user-interaction` |
567
+ <ul><li><code>N</code> = None</li><li><code>R</code> = Required</li></ul> |
568
+ | `cvss-v3-privileges-required` | <ul><li><code>N</code> = None</li><li><code>L</code>
569
+ = Low</li><li><code>H</code> = High</li></ul> | | `host-type` |
570
+ 0=Unknown, 1=Guest, 2=Hypervisor, 3=Physical, 4=Mobile |
571
+ | `ip-address-type` | 0=IPv4, 1=IPv6 |
572
+ | `pci-compliance` | 0=fail, 1=pass |
573
+ | `vulnerability-validated-status` | 0=present, 1=not present | #####
574
+ Operator Properties <a section="section/Responses/SearchCriteria/OperatorProperties"></a> The
575
+ following table outlines which properties are required for each operator and the
576
+ appropriate data type(s): | Operator | `value` | `lower` |
577
+ `upper` | | ----------------------|-----------------------|-----------------------|-----------------------|
578
+ | `are` | `string` | | |
579
+ | `contains` | `string` | | |
580
+ | `does-not-contain` | `string` | | |
581
+ | `ends with` | `string` | | |
582
+ | `in` | `Array[ string ]` | | |
583
+ | `in-range` | | `numeric` | `numeric` |
584
+ | `includes` | `Array[ string ]` | | |
585
+ | `is` | `string` | | |
586
+ | `is-applied` | | | |
587
+ | `is-between` | | `numeric` | `numeric` |
588
+ | `is-earlier-than` | `numeric` | | |
589
+ | `is-empty` | | | |
590
+ | `is-greater-than` | `numeric` | | |
591
+ | `is-on-or-after` | `string` (yyyy-MM-dd) | | |
592
+ | `is-on-or-before` | `string` (yyyy-MM-dd) | | |
593
+ | `is-not` | `string` | | |
594
+ | `is-not-applied` | | | |
595
+ | `is-not-empty` | | | |
596
+ | `is-within-the-last` | `numeric` | | |
597
+ | `less-than` | `string` | | |
598
+ | `like` | `string` | | |
599
+ | `not-contains` | `string` | | |
600
+ | `not-in` | `Array[ string ]` | | |
601
+ | `not-in-range` | | `numeric` | `numeric` |
602
+ | `not-like` | `string` | | |
603
+ | `starts-with` | `string` | | | ####
604
+ Discovery Connection Search Criteria <a section="section/Responses/DiscoverySearchCriteria"></a> Dynamic
605
+ sites make use of search criteria to match assets from a discovery connection. Search
606
+ criteria is an array of search filters. Each search filter has a generic format
607
+ of: ```json { "field": "<field-name>", "operator": "<operator>", ["value":
608
+ "<value>",] ["lower": "<value>",] ["upper": "<value>"] } ``` Every filter
609
+ defines two required properties `field` and `operator`. The field is the name of
610
+ an asset property that is being filtered on. The list of supported fields vary depending
611
+ on the type of discovery connection configured for the dynamic site (e.g vSphere,
612
+ ActiveSync, etc.). The operator is a type and property-specific operating performed
613
+ on the filtered property. The valid values for fields outlined in the tables below
614
+ and are grouped by the type of connection. Every filter also defines one or
615
+ more values that are supplied to the operator. See <a href="#section/Responses/SearchCriteria/OperatorProperties">Search
616
+ Criteria Operator Properties</a> for more information on the valid values for each
617
+ operator. ##### Fields (ActiveSync) This section documents search criteria information
618
+ for ActiveSync discovery connections. The discovery connections must be one of
619
+ the following types: `"activesync-ldap"`, `"activesync-office365"`, or `"activesync-powershell"`. The
620
+ following table outlines the search criteria fields and the available operators
621
+ for ActiveSync connections: | Field | Operators |
622
+ | --------------------------------- | -------------------------------------------------------------
623
+ | | `last-sync-time` | `is-within-the-last` ` is-earlier-than` |
624
+ | `operating-system` | `contains` ` does-not-contain` |
625
+ | `user` | `is` ` is-not` ` contains` ` does-not-contain`
626
+ ` starts-with` | ##### Fields (AWS) This section documents search criteria information
627
+ for AWS discovery connections. The discovery connections must be the type `"aws"`. The
628
+ following table outlines the search criteria fields and the available operators
629
+ for AWS connections: | Field | Operators |
630
+ | ----------------------- | -------------------------------------------------------------
631
+ | | `availability-zone` | `contains` ` does-not-contain` |
632
+ | `guest-os-family` | `contains` ` does-not-contain` |
633
+ | `instance-id` | `contains` ` does-not-contain` |
634
+ | `instance-name` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with`
635
+ | | `instance-state` | `in` ` not-in` |
636
+ | `instance-type` | `in` ` not-in` |
637
+ | `ip-address` | `in-range` ` not-in-range` ` is` ` is-not` |
638
+ | `region` | `in` ` not-in` |
639
+ | `vpc-id` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with`
640
+ | ##### Fields (DHCP) This section documents search criteria information for DHCP
641
+ discovery connections. The discovery connections must be the type `"dhcp"`. The
642
+ following table outlines the search criteria fields and the available operators
643
+ for DHCP connections: | Field | Operators |
644
+ | --------------- | -------------------------------------------------------------
645
+ | | `host-name` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with`
646
+ | | `ip-address` | `in-range` ` not-in-range` ` is` ` is-not` |
647
+ | `mac-address` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with`
648
+ | ##### Fields (Sonar) This section documents search criteria information for
649
+ Sonar discovery connections. The discovery connections must be the type `"sonar"`. The
650
+ following table outlines the search criteria fields and the available operators
651
+ for Sonar connections: | Field | Operators | | -------------------
652
+ | -------------------- | | `search-domain` | `contains` ` is` | | `ip-address` |
653
+ `in-range` ` is` | | `sonar-scan-date` | `is-within-the-last` | ##### Fields
654
+ (vSphere) This section documents search criteria information for vSphere discovery
655
+ connections. The discovery connections must be the type `"vsphere"`. The following
656
+ table outlines the search criteria fields and the available operators for vSphere
657
+ connections: | Field | Operators |
658
+ | -------------------- | ------------------------------------------------------------------------------------------
659
+ | | `cluster` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with` |
660
+ | `data-center` | `is` ` is-not` |
661
+ | `discovered-time` | `is-on-or-before` ` is-on-or-after` ` is-between` ` is-earlier-than`
662
+ ` is-within-the-last` | | `guest-os-family` | `contains` ` does-not-contain` |
663
+ | `host-name` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with` |
664
+ | `ip-address` | `in-range` ` not-in-range` ` is` ` is-not` |
665
+ | `power-state` | `in` ` not-in` |
666
+ | `resource-pool-path` | `contains` ` does-not-contain` |
667
+ | `last-time-seen` | `is-on-or-before` ` is-on-or-after` ` is-between` ` is-earlier-than`
668
+ ` is-within-the-last` | | `vm` | `is` ` is-not` ` contains` ` does-not-contain`
669
+ ` starts-with` | ##### Enumerated Properties (vSphere) The
670
+ following fields have enumerated values: | Field | Acceptable Values |
671
+ | ------------- | ------------------------------------ | | `power-state` | `poweredOn`
672
+ `poweredOff` `suspended` | ## HATEOAS This API follows Hypermedia as the Engine
673
+ of Application State (HATEOAS) principals and is therefore hypermedia friendly. Hyperlinks
674
+ are returned in the `links` property of any given resource and contain a fully-qualified
675
+ hyperlink to the corresponding resource. The format of the hypermedia link adheres
676
+ to both the <a target="_blank" href="http://jsonapi.org">{json:api} v1</a> <a target="_blank"
677
+ href="http://jsonapi.org/format/#document-links">"Link Object"</a> and <a target="_blank"
678
+ href="http://json-schema.org/latest/json-schema-hypermedia.html">JSON Hyper-Schema</a> <a
679
+ target="_blank" href="http://json-schema.org/latest/json-schema-hypermedia.html#rfc.section.5.2">"Link
680
+ Description Object"</a> formats. For example: ```json "links": [{ "rel": "<relation>", "href":
681
+ "<href>" ... }] ``` Where appropriate link objects may also contain additional
682
+ properties than the `rel` and `href` properties, such as `id`, `type`, etc. See
683
+ the [Root](#tag/Root) resources for the entry points into API discovery. '
684
+ email:
685
+ - support@rapid7.com
686
+ executables: []
687
+ extensions: []
688
+ extra_rdoc_files: []
689
+ files: []
690
+ homepage: https://github.com/rapid7/vm-console-client-ruby
691
+ licenses:
692
+ - MIT
693
+ metadata: {}
694
+ post_install_message:
695
+ rdoc_options: []
696
+ require_paths:
697
+ - lib
698
+ required_ruby_version: !ruby/object:Gem::Requirement
699
+ requirements:
700
+ - - ">="
701
+ - !ruby/object:Gem::Version
702
+ version: '1.9'
703
+ required_rubygems_version: !ruby/object:Gem::Requirement
704
+ requirements:
705
+ - - ">"
706
+ - !ruby/object:Gem::Version
707
+ version: 1.3.1
708
+ requirements: []
709
+ rubygems_version: 3.0.3
710
+ signing_key:
711
+ specification_version: 4
712
+ summary: A ruby wrapper for the Rapid7 Nexpose and InsightVM Console API v3
713
+ test_files: []