Cloud Workload Protection Public APIs for adding users and exporting assets
Article ID: 191383
Updated On:
Products
Issue/Introduction
This topic contains information about the following Cloud Workload Protection Public APIs:
- Add a new user to the Cloud Workload Protection account
- Export assets to a .csv file
Environment
Resolution
Add user
API for adding a new user to the Cloud Workload Protection account.
Overview
This service lets you add a new user to the Cloud Workload Protection account.
URL
https://scwp.securitycloud.symantec.com/dcs-service/dcscloud/v1/users
Request Method
POST
Request Header
content-type: application/json
Authorization: <token-type> <access-token>
x-epmp-customer-id: <customer-id>
x-epmp-domain-id: <domain-id>
Request Body
{
"given_name":"<NAME>",
"surname":"<SURNAME>",
"email":"<EMAIL ID>",
"email2":"<RETYPE EMAIL ID>",
"role_name":"<ROLE>"
}
Request Parameters
|
Attribute |
Description |
Example |
|
Given Name |
User Name |
John |
|
Surname |
User Surname |
Smith |
|
|
Email ID of user |
|
|
Email2 |
Retype the user email id |
|
|
Role Name |
Role of the user |
Roles: · DCS_CLOUD_USER · DCS_CLOUD_AGENT_PACKAGE_DEPLOYER · DCS_CLOUD_VIEWER · DCS_CLOUD_SUPER_ADMIN |
Asset Export
API for exporting assets to a .csv file.
Overview
This service lets you download assets from the Cloud Workload Protection portal by fulfilling the applied conditions.
URL
https://scwp.securitycloud.symantec.com/dcs-service/dcscloud/v1/ui/assets/downloadAll
Request Method
POST
Request Header
content-type: application/json
Authorization: <token-type> <access-token>
x-epmp-customer-id: <customer-id>
x-epmp-domain-id: <domain-id>
Request Body
{
'limit':<PAGE SIZE>,
'offset':0,
'include':'dcs_device_states,installed_products,dcs_device_command_states,dcs_adapter_configs,dcs_policy_groups',
'include_count': 'true',
'association_count': 'dcs_adapter_configs',
'fields': 'name,instance_id,instance_type,cloud_platform,instance_state,adr_state,ip_addresses,device_status,status_reason,cpe_wfn,policy_applied,policy_applied_date,agent_installed,agent_installed_time,platform,appDiscoverCmdId,region,created,included_dcs_adapter_configs.name,included_dcs_adapter_configs.id,included_dcs_adapter_configs.cross_account_role_arn,included_dcs_device_states.policyRecommendationState,included_installed_products.name,included_installed_products.agent_version,included_installed_products.props,included_installed_products.status,included_installed_products.last_connected_time,included_installed_products.contents,hw,private_ips,subscription_id,subscription_name,resource_group_name',
'search': '',
'treefilter': '',
'where': <CONDITION>, # Details are similar to fetch assets API
'sort': '-created'
}
Request Parameters
It is not mandatory to apply all the attributes on your request parameters. Based on your requirements, apply only the required attributes so that only values for those parameters are exported.
'fields':'name,instance_id,instance_type,cloud_platform,instance_state,adr_state,ip_addresses'
|
Attribute |
Description |
Example |
|
Limit |
The number of records to display on one page. This value can be set up to 1000. |
'limit':10 |
|
Offset |
Specifies the number of pages to skip in the result. An offset 0 denotes the first page. If you set the offset to 2, the result starts from the third page. |
'offset':0 |
|
Where |
Lets you add conditions based on instance attributes and logical and relational operators. |
where=(region=’us_west_1’)or(region=’us_west_2’) |
|
Include |
Includes the specified information in the result. |
'include':'installed_products' The attribute in this example returns all the installed products in the instances. |
Filters that you can use with the 'Where' property
|
Filter Criteria |
Possible filter values that can be used in an example |
|
Recommendations |
This filter gets instances that have a policy recommendation generated or a policy recommendation to be reapplied.
where=(included_dcs_device_states.policyRecommendationState in ['Generated','Reapply']) |
|
Platform |
This filter gets instances belonging to Linux or Windows.
where=(platform in ['Linux','Windows']) |
|
Instance state |
This filter gets instances based on the state of the instance - Running or Stopped.
where=(instance_state in ['Running','Stopped']) |
|
Policy status |
This filter gets instances based on the status of the policy application.
where=(policy_applied in ['pending','failed', 'intermediate','completed','NOTAPPLIED']) |
|
Agent status |
This filter gets instances based on the status of the agent.
where=(agent_installed in ['Not_Installed','Installed','Initializing', 'Installed_Reboot_Required','Uninstalled']) |
|
Source |
This filter gets instances based on the source of the instance.
where=(cloud_platform in ['Private','Azure','AWS']) |
|
Discovery |
This filter gets instances based on the status of the software service discovery.
where=(adr_state in ['Failed','In Progress','Succeeded']) |
|
Instance |
This filter gets instances without a policy group, with a policy group, or without an agent.
where=(policy_applied='completed')and (policy_applied!='completed')and(agent_installed!='Installed') |
|
Discovered on |
This filter gets instances created prior to the current time. The options available are 8 hours, 1 day, 7 days, and 30 days prior to the current date. You can also specify a range as explained in the examples. Note: You must specify the value in a date and time format as yyyy-MM-ddTHH:mm:ss.SSSZ. If the date today is 16th of February 2016, this example gets instances created 30 days prior to the current date. where=(created>='2017-01-16T05:26:22.232Z') |
Response Header
content-type: application/json
Response Data – Example
HTTP/1.1 200 OK
{
"id": "3cKGgHxxxxxxxxxxbeWl1A",
"name": "AzureRHELTest",
},
"policy_applied": "NOTAPPLIED",
"host": "AzureRHELTest",
"mac_address": "00-0D-xx-xx-xx-12",
"ip_addresses": [
"1xx.xx.2xx.1xx"
],
"fqdn": "AzureRHELTest",
"instance_id": "cxxxxx3-fxx-4axx-axx-5xxxxec9xxx7",
"cloud_platform": "Azure",
"instance_state": "Running",
"instance_type": "Standard_Dxx_xx",
"subscription_id": "exxxxxxf-dxx7-xxxd-9xxx-3xxxxc7xxxx4",
"subscription_name": "Visual Studio Enterprise",
"resource_group_name": "Default",
"vm_type": "Microsoft.Compute/virtualMachines",
"machine_image_id": "https://xxxxxxxxxxskvmssxzisa.blob.core.windows.net/vhds/AzureRHELTestxxxxxxxxxx."public_dns": "",
"private_ips": [
"1x.x.x.x"
],
"subnet_id": "/subscriptions/xxxxxxxx-dxxx-4xxx-9xxx-34xxxxxxxx4/resourceGroups/testCloudVM/Microsoft.Network/virtualNetworks/MyVNET/subnets/Subnet",
"firewall_groups": [
"RS-RHEL72"
],
"region": "southeastasia",
"updated": false,
"deleted": false,
"agent_installed": "Not_Installed",
"created": "2016-07-26T05:04:38.105Z",
"modified": "2016-07-26T05:12:02.349Z",
"reconciled": true,
"obj_classes": [
"device",
"dcs_device"
],
"platform": "Linux"
}
Response Codes
Response status codes and their meaning
|
Code |
Description |
|
200 |
Successful operation. |
|
400 |
Invalid operation. The body of the response contains information about the error. |
|
401 |
Authentication required. Make sure that you use a correct account ID and security token. |
|
500 |
Server error. Please try again later, and if the problem persists, contact Symantec Support. |
Examples
Download a list of all instances with agent installed.
https://scwp.securitycloud.symantec.com/dcs-service/dcscloud/v1/ui/assets
Payload will be,
{"limit":10,
"offset":0,
"sort":"created",
"fields":"name,instance_id,instance_type,cloud_platform,instance_state,adr_state,ip_addresses,device_status,status_reason,cpe_wfn,policy_applied,policy_applied_date,agent_installed,agent_installed_time,platform,appDiscoverCmdId,region,created,
"include_count":true,
"where":"(agent_installed in ['Installed','Uninstalled'])"
}
Download all instances with state as Running
https://scwp.securitycloud.symantec.com/dcs-service/dcscloud/v1/ui/assets
Payload will be,
{"limit":10,
"offset":0,
"sort":"created",
"fields":"name,instance_id,instance_type,cloud_platform,instance_state,adr_state,ip_addresses,device_status,status_reason,cpe_wfn,policy_applied,policy_applied_date,agent_installed,agent_installed_time,platform,appDiscoverCmdId,region,created,
"include_count":true,
"where":"instance_state in ['Running'])”
}
Feedback
