rapid7_vm_console 1.0.0.pre.6.5.50

Sign up to get free protection for your applications and to get access to all the features.
Files changed (2) hide show
  1. checksums.yaml +7 -0
  2. metadata +713 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 35f0d5c4f53dcd616ba0d3f67ef395d7cce1818dbd184d061a3d9ccef9e484a9
4
+ data.tar.gz: 1f8144241c0278b5d2ba4a8b3ccb3c3911b03da6b4ed18fdbda5ebd6c4c06702
5
+ SHA512:
6
+ metadata.gz: f170423750276e3498081eaaba1b9524a72f03d1b754aa2a80eaef662828b7d8818edff5b6a17b2957d9a73cc24b4300b392035c8d3ad86832cee5392bae2453
7
+ data.tar.gz: 6703361d5bfad5c8f437e718abdc306fb4b6bf22dbce8d2c2d36fd13782aab230e55aa1dfd3f1642c99efd960eaa7c3f1e914bfefa1b25658c588a6572318228
metadata ADDED
@@ -0,0 +1,713 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rapid7_vm_console
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0.pre.6.5.50
5
+ platform: ruby
6
+ authors:
7
+ - Swagger-Codegen
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2020-06-01 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: typhoeus
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.0'
20
+ - - ">="
21
+ - !ruby/object:Gem::Version
22
+ version: 1.0.1
23
+ type: :runtime
24
+ prerelease: false
25
+ version_requirements: !ruby/object:Gem::Requirement
26
+ requirements:
27
+ - - "~>"
28
+ - !ruby/object:Gem::Version
29
+ version: '1.0'
30
+ - - ">="
31
+ - !ruby/object:Gem::Version
32
+ version: 1.0.1
33
+ - !ruby/object:Gem::Dependency
34
+ name: json
35
+ requirement: !ruby/object:Gem::Requirement
36
+ requirements:
37
+ - - ">="
38
+ - !ruby/object:Gem::Version
39
+ version: 2.1.0
40
+ - - "~>"
41
+ - !ruby/object:Gem::Version
42
+ version: '2.1'
43
+ type: :runtime
44
+ prerelease: false
45
+ version_requirements: !ruby/object:Gem::Requirement
46
+ requirements:
47
+ - - ">="
48
+ - !ruby/object:Gem::Version
49
+ version: 2.1.0
50
+ - - "~>"
51
+ - !ruby/object:Gem::Version
52
+ version: '2.1'
53
+ - !ruby/object:Gem::Dependency
54
+ name: rspec
55
+ requirement: !ruby/object:Gem::Requirement
56
+ requirements:
57
+ - - ">="
58
+ - !ruby/object:Gem::Version
59
+ version: 3.6.0
60
+ - - "~>"
61
+ - !ruby/object:Gem::Version
62
+ version: '3.6'
63
+ type: :development
64
+ prerelease: false
65
+ version_requirements: !ruby/object:Gem::Requirement
66
+ requirements:
67
+ - - ">="
68
+ - !ruby/object:Gem::Version
69
+ version: 3.6.0
70
+ - - "~>"
71
+ - !ruby/object:Gem::Version
72
+ version: '3.6'
73
+ - !ruby/object:Gem::Dependency
74
+ name: vcr
75
+ requirement: !ruby/object:Gem::Requirement
76
+ requirements:
77
+ - - "~>"
78
+ - !ruby/object:Gem::Version
79
+ version: '3.0'
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: 3.0.1
83
+ type: :development
84
+ prerelease: false
85
+ version_requirements: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '3.0'
90
+ - - ">="
91
+ - !ruby/object:Gem::Version
92
+ version: 3.0.1
93
+ - !ruby/object:Gem::Dependency
94
+ name: webmock
95
+ requirement: !ruby/object:Gem::Requirement
96
+ requirements:
97
+ - - "~>"
98
+ - !ruby/object:Gem::Version
99
+ version: '1.24'
100
+ - - ">="
101
+ - !ruby/object:Gem::Version
102
+ version: 1.24.3
103
+ type: :development
104
+ prerelease: false
105
+ version_requirements: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - "~>"
108
+ - !ruby/object:Gem::Version
109
+ version: '1.24'
110
+ - - ">="
111
+ - !ruby/object:Gem::Version
112
+ version: 1.24.3
113
+ - !ruby/object:Gem::Dependency
114
+ name: autotest
115
+ requirement: !ruby/object:Gem::Requirement
116
+ requirements:
117
+ - - "~>"
118
+ - !ruby/object:Gem::Version
119
+ version: '4.4'
120
+ - - ">="
121
+ - !ruby/object:Gem::Version
122
+ version: 4.4.6
123
+ type: :development
124
+ prerelease: false
125
+ version_requirements: !ruby/object:Gem::Requirement
126
+ requirements:
127
+ - - "~>"
128
+ - !ruby/object:Gem::Version
129
+ version: '4.4'
130
+ - - ">="
131
+ - !ruby/object:Gem::Version
132
+ version: 4.4.6
133
+ - !ruby/object:Gem::Dependency
134
+ name: autotest-rails-pure
135
+ requirement: !ruby/object:Gem::Requirement
136
+ requirements:
137
+ - - "~>"
138
+ - !ruby/object:Gem::Version
139
+ version: '4.1'
140
+ - - ">="
141
+ - !ruby/object:Gem::Version
142
+ version: 4.1.2
143
+ type: :development
144
+ prerelease: false
145
+ version_requirements: !ruby/object:Gem::Requirement
146
+ requirements:
147
+ - - "~>"
148
+ - !ruby/object:Gem::Version
149
+ version: '4.1'
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: 4.1.2
153
+ - !ruby/object:Gem::Dependency
154
+ name: autotest-growl
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - "~>"
158
+ - !ruby/object:Gem::Version
159
+ version: '0.2'
160
+ - - ">="
161
+ - !ruby/object:Gem::Version
162
+ version: 0.2.16
163
+ type: :development
164
+ prerelease: false
165
+ version_requirements: !ruby/object:Gem::Requirement
166
+ requirements:
167
+ - - "~>"
168
+ - !ruby/object:Gem::Version
169
+ version: '0.2'
170
+ - - ">="
171
+ - !ruby/object:Gem::Version
172
+ version: 0.2.16
173
+ - !ruby/object:Gem::Dependency
174
+ name: autotest-fsevent
175
+ requirement: !ruby/object:Gem::Requirement
176
+ requirements:
177
+ - - "~>"
178
+ - !ruby/object:Gem::Version
179
+ version: '0.2'
180
+ - - ">="
181
+ - !ruby/object:Gem::Version
182
+ version: 0.2.12
183
+ type: :development
184
+ prerelease: false
185
+ version_requirements: !ruby/object:Gem::Requirement
186
+ requirements:
187
+ - - "~>"
188
+ - !ruby/object:Gem::Version
189
+ version: '0.2'
190
+ - - ">="
191
+ - !ruby/object:Gem::Version
192
+ version: 0.2.12
193
+ description: '# Overview This guide documents the InsightVM Application Programming
194
+ Interface (API) Version 3. This API supports the Representation State Transfer (REST)
195
+ design pattern. Unless noted otherwise this API accepts and produces the `application/json`
196
+ media type. This API uses Hypermedia as the Engine of Application State (HATEOAS)
197
+ and is hypermedia friendly. All API connections must be made to the security console
198
+ using HTTPS. ## Versioning Versioning is specified in the URL and the base path
199
+ of this API is: `https://<host>:<port>/api/3/`. ## Specification An <a target="_blank"
200
+ href="https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md">OpenAPI
201
+ v2</a> specification (also known as Swagger 2) of this API is available. Tools
202
+ such as <a target="_blank" href="https://github.com/swagger-api/swagger-codegen">swagger-codegen</a>
203
+ can be used to generate an API client in the language of your choosing using this
204
+ specification document. <p class="openapi">Download the specification: <a class="openapi-button"
205
+ target="_blank" download="" href="/api/3/json"> Download </a></p> ## Authentication Authorization
206
+ to the API uses HTTP Basic Authorization (see <a target="_blank" href="https://www.ietf.org/rfc/rfc2617.txt">RFC
207
+ 2617</a> for more information). Requests must supply authorization credentials
208
+ in the `Authorization` header using a Base64 encoded hash of `"username:password"`. <!--
209
+ ReDoc-Inject: <security-definitions> --> ### 2FA This API supports two-factor
210
+ authentication (2FA) by supplying an authentication token in addition to the Basic
211
+ Authorization. The token is specified using the `Token` request header. To leverage
212
+ two-factor authentication, this must be enabled on the console and be configured
213
+ for the account accessing the API. ## Resources ### Naming Resource names represent
214
+ nouns and identify the entity being manipulated or accessed. All collection resources
215
+ are pluralized to indicate to the client they are interacting with a collection
216
+ of multiple resources of the same type. Singular resource names are used when there
217
+ exists only one resource available to interact with. The following naming conventions
218
+ are used by this API: | Type | Case |
219
+ | --------------------------------------------- | ------------------------ | | Resource
220
+ names | `lower_snake_case` | | Header, body,
221
+ and query parameters parameters | `camelCase` | | JSON fields and property
222
+ names | `camelCase` | #### Collections A collection
223
+ resource is a parent resource for instance resources, but can itself be retrieved
224
+ and operated on independently. Collection resources use a pluralized resource name.
225
+ The resource path for collection resources follow the convention: ``` /api/3/{resource_name}
226
+ ``` #### Instances An instance resource is a "leaf" level resource that may be
227
+ retrieved, optionally nested within a collection resource. Instance resources are
228
+ usually retrievable with opaque identifiers. The resource path for instance resources
229
+ follows the convention: ``` /api/3/{resource_name}/{instance_id}... ``` ## Verbs The
230
+ following HTTP operations are supported throughout this API. The general usage of
231
+ the operation and both its failure and success status codes are outlined below. |
232
+ Verb | Usage |
233
+ Success | Failure | |
234
+ --------- | -------------------------------------------------------------------------------------
235
+ | ----------- | -------------------------------------------------------------- |
236
+ | `GET` | Used to retrieve a resource by identifier, or a collection of resources
237
+ by type. | `200` | `400`, `401`, `402`, `404`, `405`, `408`, `410`, `415`,
238
+ `500` | | `POST` | Creates a resource with an application-specified identifier. |
239
+ `201` | `400`, `401`, `404`, `405`, `408`, `413`, `415`, `500` | |
240
+ `POST` | Performs a request to queue an asynchronous job. |
241
+ `202` | `400`, `401`, `405`, `408`, `410`, `413`, `415`, `500` | |
242
+ `PUT` | Creates a resource with a client-specified identifier. |
243
+ `200` | `400`, `401`, `403`, `405`, `408`, `410`, `413`, `415`, `500` | |
244
+ `PUT` | Performs a full update of a resource with a specified identifier. |
245
+ `201` | `400`, `401`, `403`, `405`, `408`, `410`, `413`, `415`, `500` | |
246
+ `DELETE` | Deletes a resource by identifier or an entire collection of resources. |
247
+ `204` | `400`, `401`, `405`, `408`, `410`, `413`, `415`, `500` | |
248
+ `OPTIONS` | Requests what operations are available on a resource. |
249
+ `200` | `401`, `404`, `405`, `408`, `500` | ###
250
+ Common Operations #### OPTIONS All resources respond to the `OPTIONS` request,
251
+ which allows discoverability of available operations that are supported. The `OPTIONS`
252
+ response returns the acceptable HTTP operations on that resource within the `Allow`
253
+ header. The response is always a `200 OK` status. ### Collection Resources Collection
254
+ resources can support the `GET`, `POST`, `PUT`, and `DELETE` operations. #### GET The
255
+ `GET` operation invoked on a collection resource indicates a request to retrieve
256
+ all, or some, of the entities contained within the collection. This also includes
257
+ the optional capability to filter or search resources during the request. The response
258
+ from a collection listing is a paginated document. See [hypermedia links](#section/Overview/Paging)
259
+ for more information. #### POST The `POST` is a non-idempotent operation that
260
+ allows for the creation of a new resource when the resource identifier is not provided
261
+ by the system during the creation operation (i.e. the Security Console generates
262
+ the identifier). The content of the `POST` request is sent in the request body.
263
+ The response to a successful `POST` request should be a `201 CREATED` with a valid
264
+ `Location` header field set to the URI that can be used to access to the newly created
265
+ resource. The `POST` to a collection resource can also be used to interact with
266
+ asynchronous resources. In this situation, instead of a `201 CREATED` response,
267
+ the `202 ACCEPTED` response indicates that processing of the request is not fully complete
268
+ but has been accepted for future processing. This request will respond similarly
269
+ with a `Location` header with link to the job-oriented asynchronous resource that
270
+ was created and/or queued. #### PUT The `PUT` is an idempotent operation that
271
+ either performs a create with user-supplied identity, or a full replace or update
272
+ of a resource by a known identifier. The response to a `PUT` operation to create
273
+ an entity is a `201 Created` with a valid `Location` header field set to the URI
274
+ that can be used to access to the newly created resource. `PUT` on a collection
275
+ resource replaces all values in the collection. The typical response to a `PUT`
276
+ operation that updates an entity is hypermedia links, which may link to related
277
+ resources caused by the side-effects of the changes performed. #### DELETE The
278
+ `DELETE` is an idempotent operation that physically deletes a resource, or removes
279
+ an association between resources. The typical response to a `DELETE` operation is
280
+ hypermedia links, which may link to related resources caused by the side-effects
281
+ of the changes performed. ### Instance Resources Instance resources can support
282
+ the `GET`, `PUT`, `POST`, `PATCH` and `DELETE` operations. #### GET Retrieves
283
+ the details of a specific resource by its identifier. The details retrieved can
284
+ be controlled through property selection and property views. The content of the
285
+ resource is returned within the body of the response in the acceptable media type. ####
286
+ PUT Allows for and idempotent "full update" (complete replacement) on a specific
287
+ resource. If the resource does not exist, it will be created; if it does exist,
288
+ it is completely overwritten. Any omitted properties in the request are assumed
289
+ to be undefined/null. For "partial updates" use `POST` or `PATCH` instead. The
290
+ content of the `PUT` request is sent in the request body. The identifier of the
291
+ resource is specified within the URL (not the request body). The response to a
292
+ successful `PUT` request is a `201 CREATED` to represent the created status, with
293
+ a valid `Location` header field set to the URI that can be used to access to the
294
+ newly created (or fully replaced) resource. #### POST Performs a non-idempotent
295
+ creation of a new resource. The `POST` of an instance resource most commonly occurs
296
+ with the use of nested resources (e.g. searching on a parent collection resource).
297
+ The response to a `POST` of an instance resource is typically a `200 OK` if the
298
+ resource is non-persistent, and a `201 CREATED` if there is a resource created/persisted
299
+ as a result of the operation. This varies by endpoint. #### PATCH The `PATCH`
300
+ operation is used to perform a partial update of a resource. `PATCH` is a non-idempotent
301
+ operation that enforces an atomic mutation of a resource. Only the properties specified
302
+ in the request are to be overwritten on the resource it is applied to. If a property
303
+ is missing, it is assumed to not have changed. #### DELETE Permanently removes
304
+ the individual resource from the system. If the resource is an association between
305
+ resources, only the association is removed, not the resources themselves. A successful
306
+ deletion of the resource should return `204 NO CONTENT` with no response body.
307
+ This operation is not fully idempotent, as follow-up requests to delete a non-existent
308
+ resource should return a `404 NOT FOUND`. ## Requests Unless otherwise indicated,
309
+ the default request body media type is `application/json`. ### Headers Commonly
310
+ used request headers include: | Header | Example |
311
+ Purpose | |
312
+ ------------------ | --------------------------------------------- | ----------------------------------------------------------------------------------------------
313
+ | | `Accept` | `application/json` | Defines
314
+ what acceptable content types are allowed by the client. For all types, use `*/*`. |
315
+ | `Accept-Encoding` | `deflate, gzip` | Allows for
316
+ the encoding to be specified (such as gzip). |
317
+ | `Accept-Language` | `en-US` | Indicates
318
+ to the server the client''s locale (defaults `en-US`). |
319
+ | `Authorization ` | `Basic Base64("username:password")` | Basic authentication |
320
+ | `Token ` | `123456` | Two-factor
321
+ authentication token (if enabled) | ###
322
+ Dates & Times Dates and/or times are specified as strings in the ISO 8601 format(s).
323
+ The following formats are supported as input: | Value | Format |
324
+ Notes | | ---------------------------
325
+ | ------------------------------------------------------ | -----------------------------------------------------
326
+ | | Date | YYYY-MM-DD |
327
+ Defaults to 12 am UTC (if used for a date & time | | Date & time only |
328
+ YYYY-MM-DD''T''hh:mm:ss[.nnn] | Defaults to UTC |
329
+ | Date & time in UTC | YYYY-MM-DD''T''hh:mm:ss[.nnn]Z | |
330
+ | Date & time w/ offset | YYYY-MM-DD''T''hh:mm:ss[.nnn][+&#124;-]hh:mm | |
331
+ | Date & time w/ zone-offset | YYYY-MM-DD''T''hh:mm:ss[.nnn][+&#124;-]hh:mm[<zone-id>] | | ###
332
+ Timezones Timezones are specified in the regional zone format, such as `"America/Los_Angeles"`,
333
+ `"Asia/Tokyo"`, or `"GMT"`. ### Paging Pagination is supported on certain collection
334
+ resources using a combination of two query parameters, `page` and `size`. As these
335
+ are control parameters, they are prefixed with the underscore character. The page
336
+ parameter dictates the zero-based index of the page to retrieve, and the `size`
337
+ indicates the size of the page. For example, `/resources?page=2&size=10` will
338
+ return page 3, with 10 records per page, giving results 21-30. The maximum page
339
+ size for a request is 500. ### Sorting Sorting is supported on paginated resources
340
+ with the `sort` query parameter(s). The sort query parameter(s) supports identifying
341
+ a single or multi-property sort with a single or multi-direction output. The format
342
+ of the parameter is: ``` sort=property[,ASC|DESC]... ``` Therefore, the request
343
+ `/resources?sort=name,title,DESC` would return the results sorted by the name and
344
+ title descending, in that order. The sort directions are either ascending `ASC`
345
+ or descending `DESC`. With single-order sorting, all properties are sorted in the
346
+ same direction. To sort the results with varying orders by property, multiple sort
347
+ parameters are passed. For example, the request `/resources?sort=name,ASC&sort=title,DESC`
348
+ would sort by name ascending and title descending, in that order. ## Responses The
349
+ following response statuses may be returned by this API. | Status | Meaning |
350
+ Usage |
351
+ | ------ | ------------------------ |-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
352
+ | | `200` | OK | The operation performed without error according
353
+ to the specification of the request, and no more specific 2xx code is suitable. |
354
+ | `201` | Created | A create request has been fulfilled and a
355
+ resource has been created. The resource is available as the URI specified in the
356
+ response, including the `Location` header. | | `202` | Accepted |
357
+ An asynchronous task has been accepted, but not guaranteed, to be processed in the
358
+ future. |
359
+ | `400` | Bad Request | The request was invalid or cannot be otherwise
360
+ served. The request is not likely to succeed in the future without modifications. |
361
+ | `401` | Unauthorized | The user is unauthorized to perform the operation
362
+ requested, or does not maintain permissions to perform the operation on the resource
363
+ specified. | | `403` | Forbidden | The resource
364
+ exists to which the user has access, but the operating requested is not permitted. |
365
+ | `404` | Not Found | The resource specified could not be located,
366
+ does not exist, or an unauthenticated client does not have permissions to a resource. |
367
+ | `405` | Method Not Allowed | The operations may not be performed on the
368
+ specific resource. Allowed operations are returned and may be performed on the resource. |
369
+ | `408` | Request Timeout | The client has failed to complete a request
370
+ in a timely manner and the request has been discarded. |
371
+ | `413` | Request Entity Too Large | The request being provided is too large for
372
+ the server to accept processing. |
373
+ | `415` | Unsupported Media Type | The media type is not supported for the requested
374
+ resource. |
375
+ | `500` | Internal Server Error | An internal and unexpected error has occurred
376
+ on the server at no fault of the client. | ###
377
+ Security The response statuses 401, 403 and 404 need special consideration for
378
+ security purposes. As necessary, error statuses and messages may be obscured to
379
+ strengthen security and prevent information exposure. The following is a guideline
380
+ for privileged resource response statuses: | Use Case |
381
+ Access | Resource | Permission | Status | | ------------------------------------------------------------------
382
+ | ------------------ |------------------- | ------------ | ------------ | | Unauthenticated
383
+ access to an unauthenticated resource. | Unauthenticated | Unauthenticated |
384
+ Yes | `20x` | | Unauthenticated access to an authenticated resource. |
385
+ Unauthenticated | Authenticated | No | `401` | | Unauthenticated
386
+ access to an authenticated resource. | Unauthenticated | Non-existent |
387
+ No | `401` | | Authenticated access to a unauthenticated resource. |
388
+ Authenticated | Unauthenticated | Yes | `20x` | | Authenticated
389
+ access to an authenticated, unprivileged resource. | Authenticated | Authenticated |
390
+ No | `404` | | Authenticated access to an authenticated, privileged
391
+ resource. | Authenticated | Authenticated | Yes | `20x` |
392
+ | Authenticated access to an authenticated, non-existent resource | Authenticated |
393
+ Non-existent | Yes | `404` | ### Headers Commonly used response
394
+ headers include: | Header | Example |
395
+ Purpose | | --------------------------
396
+ | --------------------------------- | ---------------------------------------------------------------
397
+ | | `Allow` | `OPTIONS, GET` | Defines the
398
+ allowable HTTP operations on a resource. | | `Cache-Control` |
399
+ `no-store, must-revalidate` | Disables caching of resources (as they are all
400
+ dynamic). | | `Content-Encoding` | `gzip` |
401
+ The encoding of the response body (if any). | | `Location` | |
402
+ Refers to the URI of the resource created by a request. | | `Transfer-Encoding` |
403
+ `chunked` | Specified the encoding used to transform response. |
404
+ | `Retry-After` | 5000 | Indicates the
405
+ time to wait before retrying a request. | | `X-Content-Type-Options` |
406
+ `nosniff` | Disables MIME type sniffing. |
407
+ | `X-XSS-Protection` | `1; mode=block` | Enables XSS filter
408
+ protection. | | `X-Frame-Options` | `SAMEORIGIN` |
409
+ Prevents rendering in a frame from a different origin. | | `X-UA-Compatible` |
410
+ `IE=edge,chrome=1` | Specifies the browser mode to render in. | ###
411
+ Format When `application/json` is returned in the response body it is always pretty-printed
412
+ (indented, human readable output). Additionally, gzip compression/encoding is supported
413
+ on all responses. #### Dates & Times Dates or times are returned as strings in
414
+ the ISO 8601 ''extended'' format. When a date and time is returned (instant) the
415
+ value is converted to UTC. For example: | Value | Format |
416
+ Example | | --------------- | ------------------------------ | ---------------------
417
+ | | Date | `YYYY-MM-DD` | 2017-12-03 | |
418
+ Date & Time | `YYYY-MM-DD''T''hh:mm:ss[.nnn]Z` | 2017-12-03T10:15:30Z | ####
419
+ Content In some resources a Content data type is used. This allows for multiple
420
+ formats of representation to be returned within resource, specifically `"html"`
421
+ and `"text"`. The `"text"` property returns a flattened representation suitable
422
+ for output in textual displays. The `"html"` property returns an HTML fragment suitable
423
+ for display within an HTML element. Note, the HTML returned is not a valid stand-alone
424
+ HTML document. #### Paging The response to a paginated request follows the format: ```json
425
+ { resources": [ ... ], "page": { "number" : ..., "size"
426
+ : ..., "totalResources" : ..., "totalPages" : ... }, "links":
427
+ [ "first" : { "href" : "..." }, "prev" : { "href"
428
+ : "..." }, "self" : { "href" : "..." }, "next"
429
+ : { "href" : "..." }, "last" : { "href" : "..." } ]
430
+ } ``` The `resources` property is an array of the resources being retrieved from
431
+ the endpoint, each which should contain at minimum a "self" relation hypermedia
432
+ link. The `page` property outlines the details of the current page and total possible
433
+ pages. The object for the page includes the following properties: - number - The
434
+ page number (zero-based) of the page returned. - size - The size of the pages, which
435
+ is less than or equal to the maximum page size. - totalResources - The total amount
436
+ of resources available across all pages. - totalPages - The total amount of pages. The
437
+ last property of the paged response is the `links` array, which contains all available
438
+ hypermedia links. For paginated responses, the "self", "next", "previous", "first",
439
+ and "last" links are returned. The "self" link must always be returned and should
440
+ contain a link to allow the client to replicate the original request against the collection
441
+ resource in an identical manner to that in which it was invoked. The "next" and
442
+ "previous" links are present if either or both there exists a previous or next page,
443
+ respectively. The "next" and "previous" links have hrefs that allow "natural movement"
444
+ to the next page, that is all parameters required to move the next page are provided
445
+ in the link. The "first" and "last" links provide references to the first and last
446
+ pages respectively. Requests outside the boundaries of the pageable will result
447
+ in a `404 NOT FOUND`. Paginated requests do not provide a "stateful cursor" to
448
+ the client, nor does it need to provide a read consistent view. Records in adjacent
449
+ pages may change while pagination is being traversed, and the total number of pages
450
+ and resources may change between requests within the same filtered/queries resource
451
+ collection. #### Property Views The "depth" of the response of a resource can
452
+ be configured using a "view". All endpoints supports two views that can tune the
453
+ extent of the information returned in the resource. The supported views are `summary`
454
+ and `details` (the default). View are specified using a query parameter, in this
455
+ format: ```bash /<resource>?view={viewName} ``` #### Error Any error responses
456
+ can provide a response body with a message to the client indicating more information
457
+ (if applicable) to aid debugging of the error. All 40x and 50x responses will return
458
+ an error response in the body. The format of the response is as follows: ```json
459
+ { "status": <statusCode>, "message": <message>, "links" : [ { "rel"
460
+ : "...", "href" : "..." } ] } ``` The `status` property is the same
461
+ as the HTTP status returned in the response, to ease client parsing. The message property
462
+ is a localized message in the request client''s locale (if applicable) that articulates
463
+ the nature of the error. The last property is the `links` property. This may contain
464
+ additional [hypermedia links](#section/Overview/Authentication) to troubleshoot. ####
465
+ Search Criteria <a section="section/Responses/SearchCriteria"></a> Multiple resources
466
+ make use of search criteria to match assets. Search criteria is an array of search
467
+ filters. Each search filter has a generic format of: ```json { "field": "<field-name>", "operator":
468
+ "<operator>", ["value": "<value>",] ["lower": "<value>",] ["upper": "<value>"]
469
+ } ``` Every filter defines two required properties `field` and `operator`.
470
+ The field is the name of an asset property that is being filtered on. The operator
471
+ is a type and property-specific operating performed on the filtered property. The
472
+ valid values for fields and operators are outlined in the table below. Every filter
473
+ also defines one or more values that are supplied to the operator. The valid values
474
+ vary by operator and are outlined below. ##### Fields The following table outlines
475
+ the search criteria fields and the available operators: | Field |
476
+ Operators |
477
+ | --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------
478
+ | | `alternate-address-type` | `in` |
479
+ | `container-image` | `is` ` is-not` ` starts-with` ` ends-with`
480
+ ` contains` ` does-not-contain` ` is-like` ` not-like` |
481
+ | `container-status` | `is` ` is-not` |
482
+ | `containers` | `are` |
483
+ | `criticality-tag` | `is` ` is-not` ` is-greater-than` ` is-less-than`
484
+ ` is-applied` ` is-not-applied` | |
485
+ `custom-tag` | `is` ` is-not` ` starts-with` ` ends-with` `
486
+ contains` ` does-not-contain` ` is-applied` ` is-not-applied` |
487
+ | `cve` | `is` ` is-not` ` contains` ` does-not-contain` |
488
+ | `cvss-access-complexity` | `is` ` is-not` |
489
+ | `cvss-authentication-required` | `is` ` is-not` |
490
+ | `cvss-access-vector` | `is` ` is-not` |
491
+ | `cvss-availability-impact` | `is` ` is-not` |
492
+ | `cvss-confidentiality-impact` | `is` ` is-not` |
493
+ | `cvss-integrity-impact` | `is` ` is-not` |
494
+ | `cvss-v3-confidentiality-impact` | `is` ` is-not` |
495
+ | `cvss-v3-integrity-impact` | `is` ` is-not` |
496
+ | `cvss-v3-availability-impact` | `is` ` is-not` |
497
+ | `cvss-v3-attack-vector` | `is` ` is-not` |
498
+ | `cvss-v3-attack-complexity` | `is` ` is-not` |
499
+ | `cvss-v3-user-interaction` | `is` ` is-not` |
500
+ | `cvss-v3-privileges-required` | `is` ` is-not` |
501
+ | `host-name` | `is` ` is-not` ` starts-with` ` ends-with`
502
+ ` contains` ` does-not-contain` ` is-empty` ` is-not-empty` ` is-like` ` not-like` |
503
+ | `host-type` | `in` ` not-in` |
504
+ | `ip-address` | `is` ` is-not` ` in-range` ` not-in-range`
505
+ ` is-like` ` not-like` |
506
+ | `ip-address-type` | `in` ` not-in` |
507
+ | `last-scan-date` | `is-on-or-before` ` is-on-or-after` ` is-between`
508
+ ` is-earlier-than` ` is-within-the-last` | |
509
+ `location-tag` | `is` ` is-not` ` starts-with` ` ends-with` `
510
+ contains` ` does-not-contain` ` is-applied` ` is-not-applied` |
511
+ | `mobile-device-last-sync-time` | `is-within-the-last` ` is-earlier-than` |
512
+ | `open-ports` | `is` ` is-not` ` in-range` |
513
+ | `operating-system` | `contains` ` does-not-contain` ` is-empty`
514
+ ` is-not-empty` |
515
+ | `owner-tag` | `is` ` is-not` ` starts-with` ` ends-with`
516
+ ` contains` ` does-not-contain` ` is-applied` ` is-not-applied` |
517
+ | `pci-compliance` | `is` |
518
+ | `risk-score` | `is` ` is-not` ` in-range` ` greater-than`
519
+ ` less-than` |
520
+ | `service-name` | `contains` ` does-not-contain` |
521
+ | `site-id` | `in` ` not-in` |
522
+ | `software` | `contains` ` does-not-contain` |
523
+ | `vAsset-cluster` | `is` ` is-not` ` contains` ` does-not-contain`
524
+ ` starts-with` |
525
+ | `vAsset-datacenter` | `is` ` is-not` |
526
+ | `vAsset-host-name` | `is` ` is-not` ` contains` ` does-not-contain`
527
+ ` starts-with` |
528
+ | `vAsset-power-state` | `in` ` not-in` |
529
+ | `vAsset-resource-pool-path` | `contains` ` does-not-contain` |
530
+ | `vulnerability-assessed` | `is-on-or-before` ` is-on-or-after` ` is-between`
531
+ ` is-earlier-than` ` is-within-the-last` | |
532
+ `vulnerability-category` | `is` ` is-not` ` starts-with` ` ends-with` `
533
+ contains` ` does-not-contain` |
534
+ | `vulnerability-cvss-v3-score` | `is` ` is-not` |
535
+ | `vulnerability-cvss-score` | `is` ` is-not` ` in-range` ` is-greater-than`
536
+ ` is-less-than` |
537
+ | `vulnerability-exposures` | `includes` ` does-not-include` |
538
+ | `vulnerability-title` | `contains` ` does-not-contain` ` is` ` is-not`
539
+ ` starts-with` ` ends-with` |
540
+ | `vulnerability-validated-status` | `are` | #####
541
+ Enumerated Properties The following fields have enumerated values: | Field |
542
+ Acceptable Values |
543
+ | ----------------------------------------- | -------------------------------------------------------------------------------------------------------------
544
+ | | `alternate-address-type` | 0=IPv4, 1=IPv6 |
545
+ | `containers` | 0=present, 1=not present |
546
+ | `container-status` | `created` `running` `paused` `restarting`
547
+ `exited` `dead` `unknown` | | `cvss-access-complexity` |
548
+ <ul><li><code>L</code> = Low</li><li><code>M</code> = Medium</li><li><code>H</code>
549
+ = High</li></ul> | | `cvss-integrity-impact` | <ul><li><code>N</code>
550
+ = None</li><li><code>P</code> = Partial</li><li><code>C</code> = Complete</li></ul> |
551
+ | `cvss-confidentiality-impact` | <ul><li><code>N</code> = None</li><li><code>P</code>
552
+ = Partial</li><li><code>C</code> = Complete</li></ul> | | `cvss-availability-impact` |
553
+ <ul><li><code>N</code> = None</li><li><code>P</code> = Partial</li><li><code>C</code>
554
+ = Complete</li></ul> | | `cvss-access-vector` | <ul><li><code>L</code>
555
+ = Local</li><li><code>A</code> = Adjacent</li><li><code>N</code> = Network</li></ul> |
556
+ | `cvss-authentication-required` | <ul><li><code>N</code> = None</li><li><code>S</code>
557
+ = Single</li><li><code>M</code> = Multiple</li></ul> | | `cvss-v3-confidentiality-impact` |
558
+ <ul><li><code>L</code> = Local</li><li><code>L</code> = Low</li><li><code>N</code>
559
+ = None</li><li><code>H</code> = High</li></ul> | | `cvss-v3-integrity-impact` |
560
+ <ul><li><code>L</code> = Local</li><li><code>L</code> = Low</li><li><code>N</code>
561
+ = None</li><li><code>H</code> = High</li></ul> | | `cvss-v3-availability-impact` |
562
+ <ul><li><code>N</code> = None</li><li><code>L</code> = Low</li><li><code>H</code>
563
+ = High</li></ul> | | `cvss-v3-attack-vector` | <ul><li><code>N</code>
564
+ = Network</li><li><code>A</code> = Adjacent</li><li><code>L</code> = Local</li><li><code>P</code>
565
+ = Physical</li></ul> | | `cvss-v3-attack-complexity` | <ul><li><code>L</code>
566
+ = Low</li><li><code>H</code> = High</li></ul> | | `cvss-v3-user-interaction` |
567
+ <ul><li><code>N</code> = None</li><li><code>R</code> = Required</li></ul> |
568
+ | `cvss-v3-privileges-required` | <ul><li><code>N</code> = None</li><li><code>L</code>
569
+ = Low</li><li><code>H</code> = High</li></ul> | | `host-type` |
570
+ 0=Unknown, 1=Guest, 2=Hypervisor, 3=Physical, 4=Mobile |
571
+ | `ip-address-type` | 0=IPv4, 1=IPv6 |
572
+ | `pci-compliance` | 0=fail, 1=pass |
573
+ | `vulnerability-validated-status` | 0=present, 1=not present | #####
574
+ Operator Properties <a section="section/Responses/SearchCriteria/OperatorProperties"></a> The
575
+ following table outlines which properties are required for each operator and the
576
+ appropriate data type(s): | Operator | `value` | `lower` |
577
+ `upper` | | ----------------------|-----------------------|-----------------------|-----------------------|
578
+ | `are` | `string` | | |
579
+ | `contains` | `string` | | |
580
+ | `does-not-contain` | `string` | | |
581
+ | `ends with` | `string` | | |
582
+ | `in` | `Array[ string ]` | | |
583
+ | `in-range` | | `numeric` | `numeric` |
584
+ | `includes` | `Array[ string ]` | | |
585
+ | `is` | `string` | | |
586
+ | `is-applied` | | | |
587
+ | `is-between` | | `numeric` | `numeric` |
588
+ | `is-earlier-than` | `numeric` | | |
589
+ | `is-empty` | | | |
590
+ | `is-greater-than` | `numeric` | | |
591
+ | `is-on-or-after` | `string` (yyyy-MM-dd) | | |
592
+ | `is-on-or-before` | `string` (yyyy-MM-dd) | | |
593
+ | `is-not` | `string` | | |
594
+ | `is-not-applied` | | | |
595
+ | `is-not-empty` | | | |
596
+ | `is-within-the-last` | `numeric` | | |
597
+ | `less-than` | `string` | | |
598
+ | `like` | `string` | | |
599
+ | `not-contains` | `string` | | |
600
+ | `not-in` | `Array[ string ]` | | |
601
+ | `not-in-range` | | `numeric` | `numeric` |
602
+ | `not-like` | `string` | | |
603
+ | `starts-with` | `string` | | | ####
604
+ Discovery Connection Search Criteria <a section="section/Responses/DiscoverySearchCriteria"></a> Dynamic
605
+ sites make use of search criteria to match assets from a discovery connection. Search
606
+ criteria is an array of search filters. Each search filter has a generic format
607
+ of: ```json { "field": "<field-name>", "operator": "<operator>", ["value":
608
+ "<value>",] ["lower": "<value>",] ["upper": "<value>"] } ``` Every filter
609
+ defines two required properties `field` and `operator`. The field is the name of
610
+ an asset property that is being filtered on. The list of supported fields vary depending
611
+ on the type of discovery connection configured for the dynamic site (e.g vSphere,
612
+ ActiveSync, etc.). The operator is a type and property-specific operating performed
613
+ on the filtered property. The valid values for fields outlined in the tables below
614
+ and are grouped by the type of connection. Every filter also defines one or
615
+ more values that are supplied to the operator. See <a href="#section/Responses/SearchCriteria/OperatorProperties">Search
616
+ Criteria Operator Properties</a> for more information on the valid values for each
617
+ operator. ##### Fields (ActiveSync) This section documents search criteria information
618
+ for ActiveSync discovery connections. The discovery connections must be one of
619
+ the following types: `"activesync-ldap"`, `"activesync-office365"`, or `"activesync-powershell"`. The
620
+ following table outlines the search criteria fields and the available operators
621
+ for ActiveSync connections: | Field | Operators |
622
+ | --------------------------------- | -------------------------------------------------------------
623
+ | | `last-sync-time` | `is-within-the-last` ` is-earlier-than` |
624
+ | `operating-system` | `contains` ` does-not-contain` |
625
+ | `user` | `is` ` is-not` ` contains` ` does-not-contain`
626
+ ` starts-with` | ##### Fields (AWS) This section documents search criteria information
627
+ for AWS discovery connections. The discovery connections must be the type `"aws"`. The
628
+ following table outlines the search criteria fields and the available operators
629
+ for AWS connections: | Field | Operators |
630
+ | ----------------------- | -------------------------------------------------------------
631
+ | | `availability-zone` | `contains` ` does-not-contain` |
632
+ | `guest-os-family` | `contains` ` does-not-contain` |
633
+ | `instance-id` | `contains` ` does-not-contain` |
634
+ | `instance-name` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with`
635
+ | | `instance-state` | `in` ` not-in` |
636
+ | `instance-type` | `in` ` not-in` |
637
+ | `ip-address` | `in-range` ` not-in-range` ` is` ` is-not` |
638
+ | `region` | `in` ` not-in` |
639
+ | `vpc-id` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with`
640
+ | ##### Fields (DHCP) This section documents search criteria information for DHCP
641
+ discovery connections. The discovery connections must be the type `"dhcp"`. The
642
+ following table outlines the search criteria fields and the available operators
643
+ for DHCP connections: | Field | Operators |
644
+ | --------------- | -------------------------------------------------------------
645
+ | | `host-name` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with`
646
+ | | `ip-address` | `in-range` ` not-in-range` ` is` ` is-not` |
647
+ | `mac-address` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with`
648
+ | ##### Fields (Sonar) This section documents search criteria information for
649
+ Sonar discovery connections. The discovery connections must be the type `"sonar"`. The
650
+ following table outlines the search criteria fields and the available operators
651
+ for Sonar connections: | Field | Operators | | -------------------
652
+ | -------------------- | | `search-domain` | `contains` ` is` | | `ip-address` |
653
+ `in-range` ` is` | | `sonar-scan-date` | `is-within-the-last` | ##### Fields
654
+ (vSphere) This section documents search criteria information for vSphere discovery
655
+ connections. The discovery connections must be the type `"vsphere"`. The following
656
+ table outlines the search criteria fields and the available operators for vSphere
657
+ connections: | Field | Operators |
658
+ | -------------------- | ------------------------------------------------------------------------------------------
659
+ | | `cluster` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with` |
660
+ | `data-center` | `is` ` is-not` |
661
+ | `discovered-time` | `is-on-or-before` ` is-on-or-after` ` is-between` ` is-earlier-than`
662
+ ` is-within-the-last` | | `guest-os-family` | `contains` ` does-not-contain` |
663
+ | `host-name` | `is` ` is-not` ` contains` ` does-not-contain` ` starts-with` |
664
+ | `ip-address` | `in-range` ` not-in-range` ` is` ` is-not` |
665
+ | `power-state` | `in` ` not-in` |
666
+ | `resource-pool-path` | `contains` ` does-not-contain` |
667
+ | `last-time-seen` | `is-on-or-before` ` is-on-or-after` ` is-between` ` is-earlier-than`
668
+ ` is-within-the-last` | | `vm` | `is` ` is-not` ` contains` ` does-not-contain`
669
+ ` starts-with` | ##### Enumerated Properties (vSphere) The
670
+ following fields have enumerated values: | Field | Acceptable Values |
671
+ | ------------- | ------------------------------------ | | `power-state` | `poweredOn`
672
+ `poweredOff` `suspended` | ## HATEOAS This API follows Hypermedia as the Engine
673
+ of Application State (HATEOAS) principals and is therefore hypermedia friendly. Hyperlinks
674
+ are returned in the `links` property of any given resource and contain a fully-qualified
675
+ hyperlink to the corresponding resource. The format of the hypermedia link adheres
676
+ to both the <a target="_blank" href="http://jsonapi.org">{json:api} v1</a> <a target="_blank"
677
+ href="http://jsonapi.org/format/#document-links">"Link Object"</a> and <a target="_blank"
678
+ href="http://json-schema.org/latest/json-schema-hypermedia.html">JSON Hyper-Schema</a> <a
679
+ target="_blank" href="http://json-schema.org/latest/json-schema-hypermedia.html#rfc.section.5.2">"Link
680
+ Description Object"</a> formats. For example: ```json "links": [{ "rel": "<relation>", "href":
681
+ "<href>" ... }] ``` Where appropriate link objects may also contain additional
682
+ properties than the `rel` and `href` properties, such as `id`, `type`, etc. See
683
+ the [Root](#tag/Root) resources for the entry points into API discovery. '
684
+ email:
685
+ - support@rapid7.com
686
+ executables: []
687
+ extensions: []
688
+ extra_rdoc_files: []
689
+ files: []
690
+ homepage: https://github.com/rapid7/vm-console-client-ruby
691
+ licenses:
692
+ - MIT
693
+ metadata: {}
694
+ post_install_message:
695
+ rdoc_options: []
696
+ require_paths:
697
+ - lib
698
+ required_ruby_version: !ruby/object:Gem::Requirement
699
+ requirements:
700
+ - - ">="
701
+ - !ruby/object:Gem::Version
702
+ version: '1.9'
703
+ required_rubygems_version: !ruby/object:Gem::Requirement
704
+ requirements:
705
+ - - ">"
706
+ - !ruby/object:Gem::Version
707
+ version: 1.3.1
708
+ requirements: []
709
+ rubygems_version: 3.0.3
710
+ signing_key:
711
+ specification_version: 4
712
+ summary: A ruby wrapper for the Rapid7 Nexpose and InsightVM Console API v3
713
+ test_files: []