hosts
/host-store/api/v1/hosts/searchSearch for hosts
ignore_disabled_sourcesbooleanIgnores the disabled hosts - when enabled, host search searches for disabled hosts as well
keywordsstringComma or space-separated strings to search across all host attributes. The leading and trailing wildcards for the keywords are implicit.
distinguished_namearrayA comma separated list of strings to search for
external_idstringThe external id of the host
instance_idstringThe instance id from the cloud service
source_idstringThe source of the host
common_namearrayAn array of strings to search for
organizationarrayAn array of strings to search for
organizational_unitarrayAn array of strings to search for
addressarrayAn array of strings to search for
access_group_idsarrayAn array of access group IDs to search for
servicearrayAn array of service types to search for (SSH, RDP, WEB, VNC, DB)
portarrayAn array of integers to search for
zonearrayAn array of strings to search for
host_typearrayAn array of strings to search for
host_classificationarrayAn array of strings to search for
rolearrayAn array of strings to search for (role id's)
scopearrayAn array of strings to search for
tagsarrayAn array of host tags to search for
cloud_providersarrayAn array of cloud provider names to search (AWS,GOOGLECLOUD,AZURE,OPENSTACK)
cloud_provider_regionsarrayAn array of cloud provider regions to search for. Valid values depend on cloud provider.
deployablebooleanA host deployable flag status to search for.
statusesarrayAn array of host status strings to search for.
Responses
Request examples
{
"ignore_disabled_sources": true,
"keywords": "string",
"distinguished_name": [
"string"
],
"external_id": "string",
"instance_id": "string",
"source_id": "string",
"common_name": [
"string"
],
"organization": [
"string"
],
"organizational_unit": [
"string"
],
"address": [
"string"
],
"access_group_ids": [
"5bf77342-221c-11ee-be56-0242ac120002"
],
"service": [
"string"
],
"port": [
123
],
"zone": [
"string"
],
"host_type": [
"string"
],
"host_classification": [
"string"
],
"role": [
"string"
],
"scope": [
"string"
],
"tags": [
"string"
],
"cloud_providers": [
"string"
],
"cloud_provider_regions": [
"string"
],
"deployable": true,
"statuses": [
"string"
]
}Response examples
Search successful, return matching hosts
{
"count": 123,
"items": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"deployable": true,
"tofu": true,
"stand_alone_host": true,
"external_id": "string",
"instance_id": "string",
"audit_enabled": true,
"session_recording_options": {
"disable_clipboard_recording": true,
"disable_file_transfer_recording": true
},
"ssh_host_public_keys": [
{
"key": "string",
"fingerprint": "string"
}
],
"host_certificate_raw": "string",
"host_certificate": {
"subject": "string",
"issuer": "string",
"serial": "string",
"not_before": "string",
"not_after": "string",
"dns_names": [
"string"
],
"email_addresses": [
"string"
],
"ip_addresses": [
"string"
],
"fingerprint_sha1": "string",
"fingerprint_sha256": "string"
},
"contact_address": "string",
"services": [
{
"service": "SSH",
"address": "string",
"port": 123,
"use_for_password_rotation": true,
"ssh_tunnel_port": 123,
"source": "string",
"login_page_url": "string",
"username_field_name": "string",
"password_field_name": "string",
"login_request_url": "string",
"login_request_password_property": "string",
"auth_type": "string",
"status": "OK",
"status_updated": "string",
"allowed_domains": [
"string"
],
"service_version": "string",
"use_legacy_cipher_suites": true,
"tls_min_version": "string",
"tls_max_version": "string",
"browser": "string",
"db": {
"protocol": "postgres",
"tls_certificate_validation": "ENABLED",
"tls_certificate_trust_anchors": "string",
"audit_skip_bytes": 123
},
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"certificate_template": "string"
}
],
"principals": [
{
"principal": "string",
"target_domain": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rotate": true,
"use_for_password_rotation": true,
"use_user_account": true,
"passphrase": "string",
"username_attribute": "string",
"source": "string",
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
}
],
"applications": [
{
"name": "string",
"application": "string",
"arguments": "string",
"working_directory": "string"
}
],
"service_options": {
"ssh": {
"shell": true,
"file_transfer": true,
"exec": true,
"tunnels": true,
"x11": true,
"other": true
},
"rdp": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"web": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"vnc": {
"file_transfer": true,
"clipboard": true
},
"db": {
"max_bytes_download": 123,
"max_bytes_upload": 123
}
},
"command_restrictions": {
"enabled": true,
"default_whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rshell_variant": "bash",
"banner": "string",
"allow_no_match": true,
"audit_match": true,
"audit_no_match": true,
"whitelists": [
{
"whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string"
}
]
}
]
}
}
],
"password_rotation_enabled": true,
"password_rotation": {
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"use_main_account": true,
"operating_system": "LINUX",
"winrm_address": "string",
"winrm_port": 123,
"protocol": "SSH",
"certificate_validation_options": "DISABLED",
"winrm_host_certificate_trust_anchors": "string",
"password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
"script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
"rotation_status": [
{
"principal": "string",
"last_rotated": "2017-01-01T15:05:05Z",
"last_error": "2017-01-01T15:05:05Z",
"last_error_details": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"created_by": "string",
"updated_by": "string"
},
"source_id": "string",
"cloud_provider": "string",
"cloud_provider_region": "string",
"status": [
{
"k": "string",
"v": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
"distinguished_name": "string",
"common_name": "string",
"organization": "string",
"organizational_unit": "string",
"zone": "string",
"scope": [
"string"
],
"host_type": "string",
"host_classification": "string",
"comment": "string",
"addresses": [
"string"
],
"tags": [
"string"
],
"disabled": "BY_ADMIN"
}
]
}/host-store/api/v1/hostsGet hosts
offsetintOffset from which to start fetching objects
- Default
- 0
limitintMaximum number of objects to return
- Default
- 50
sortkeystringSort by specific object property
- Default
- "id"
sortdirstringSort direction, asc or desc
- Default
- "ASC"
- Enum
- ASC
- DESC
filterstringFilter hosts - possible values: accessible (filter hosts based on whether the current user has access to them) and configured (list only hosts with services)
- Enum
- accessible
- configured
Responses
Response examples
Successful request, respond with a list of hosts
{
"count": 123,
"items": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"deployable": true,
"tofu": true,
"stand_alone_host": true,
"external_id": "string",
"instance_id": "string",
"audit_enabled": true,
"session_recording_options": {
"disable_clipboard_recording": true,
"disable_file_transfer_recording": true
},
"ssh_host_public_keys": [
{
"key": "string",
"fingerprint": "string"
}
],
"host_certificate_raw": "string",
"host_certificate": {
"subject": "string",
"issuer": "string",
"serial": "string",
"not_before": "string",
"not_after": "string",
"dns_names": [
"string"
],
"email_addresses": [
"string"
],
"ip_addresses": [
"string"
],
"fingerprint_sha1": "string",
"fingerprint_sha256": "string"
},
"contact_address": "string",
"services": [
{
"service": "SSH",
"address": "string",
"port": 123,
"use_for_password_rotation": true,
"ssh_tunnel_port": 123,
"source": "string",
"login_page_url": "string",
"username_field_name": "string",
"password_field_name": "string",
"login_request_url": "string",
"login_request_password_property": "string",
"auth_type": "string",
"status": "OK",
"status_updated": "string",
"allowed_domains": [
"string"
],
"service_version": "string",
"use_legacy_cipher_suites": true,
"tls_min_version": "string",
"tls_max_version": "string",
"browser": "string",
"db": {
"protocol": "postgres",
"tls_certificate_validation": "ENABLED",
"tls_certificate_trust_anchors": "string",
"audit_skip_bytes": 123
},
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"certificate_template": "string"
}
],
"principals": [
{
"principal": "string",
"target_domain": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rotate": true,
"use_for_password_rotation": true,
"use_user_account": true,
"passphrase": "string",
"username_attribute": "string",
"source": "string",
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
}
],
"applications": [
{
"name": "string",
"application": "string",
"arguments": "string",
"working_directory": "string"
}
],
"service_options": {
"ssh": {
"shell": true,
"file_transfer": true,
"exec": true,
"tunnels": true,
"x11": true,
"other": true
},
"rdp": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"web": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"vnc": {
"file_transfer": true,
"clipboard": true
},
"db": {
"max_bytes_download": 123,
"max_bytes_upload": 123
}
},
"command_restrictions": {
"enabled": true,
"default_whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rshell_variant": "bash",
"banner": "string",
"allow_no_match": true,
"audit_match": true,
"audit_no_match": true,
"whitelists": [
{
"whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string"
}
]
}
]
}
}
],
"password_rotation_enabled": true,
"password_rotation": {
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"use_main_account": true,
"operating_system": "LINUX",
"winrm_address": "string",
"winrm_port": 123,
"protocol": "SSH",
"certificate_validation_options": "DISABLED",
"winrm_host_certificate_trust_anchors": "string",
"password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
"script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
"rotation_status": [
{
"principal": "string",
"last_rotated": "2017-01-01T15:05:05Z",
"last_error": "2017-01-01T15:05:05Z",
"last_error_details": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"created_by": "string",
"updated_by": "string"
},
"source_id": "string",
"cloud_provider": "string",
"cloud_provider_region": "string",
"status": [
{
"k": "string",
"v": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
"distinguished_name": "string",
"common_name": "string",
"organization": "string",
"organizational_unit": "string",
"zone": "string",
"scope": [
"string"
],
"host_type": "string",
"host_classification": "string",
"comment": "string",
"addresses": [
"string"
],
"tags": [
"string"
],
"disabled": "BY_ADMIN"
}
]
}/host-store/api/v1/hostsCreate a host to host store
access_group_idstringDefines host's access group
- Format
- uuid
deployablebooleanWhether the host is writable through /deploy end point with deployment credentials
tofubooleanWhether the host key should be accepted and stored on first connection
stand_alone_hostbooleanIndicates it is a standalone host - bound to local host directory
external_idstringThe equipment ID from the originating equipment store
instance_idstringThe instance ID from the originating cloud service (searchable by keyword)
audit_enabledbooleanWheter the host is set to be audited.
session_recording_optionsobjectFlags to disable trail auditing for certain features when auditing is enabled
disable_clipboard_recordingbooleanDisable clipboard trail auditing when auditing is enabled
disable_file_transfer_recordingbooleanDisable file transfer trail auditing when auditing is enabled
ssh_host_public_keysarraykeystringHost public key, used to verify the identity of the accessed host
host_certificate_rawstringHost certificate, used to verify that the target host is the correct one.
contact_addressstringThe host public address scanning script instructs the host store to use in service address-field.
servicesarrayservicestringAllowed protocol - SSH, RDP, VNC, WEB, DB (searchable)
- Enum
- SSH
- RDP
- VNC
- WEB
- DB
addressstringService address, IPv4, IPv6 or FQDN
portintService port
use_for_password_rotationbooleanif service SSH, informs whether this service is used to rotate password
- Default
- false
dbobject (dbservice)sourcestringIdentifies the source of the services object "UI", "SCIM" or "SCAN". Deploy is also treated as "UI".
principalsarrayWhat principals (target server user names/ accounts) the host has
principalstringThe account name
target_domainobject (target_domain_handle)Optional target domain in which principal exists
rotatebooleanRotate password of this account
use_for_password_rotationbooleanmarks account to be used as the account through which password rotation takes place, when flag use_main_account set in rotation_metadata
use_user_accountbooleanUse user account as host principal name
passphrasestringThe account static passphrase or the initial rotating password value. If rotate selected, active in create, disabled/hidden in edit
sourcestringIdentifies the source of the principals object "UI" or "SCAN". Deploy is also treated as "UI".
rolesarrayAn array of roles entitled to access this principal on the host
applicationsarrayAn array of application the principal may launch on the target host
service_optionsobject (service_options)Object for service options
command_restrictionsobject (command_restrictions)SSH shell/exec command restrictions for the principal
password_rotation_enabledbooleanset, if there are accounts, in which passwords need to be rotated
password_rotationobject (rotation_metadata)password rotation settings for host
access_group_idstringSpecify ID of access group, default access group will be used if ID is not specified. Access group will be checked for WinRM trust anchors if certificate validation option is set to enabled.
- Format
- uuid
use_main_accountbooleanrequired
rotate passwords of all accounts in host through one account
operating_systemstringrequired
Bash for Linux, Powershell for windows for shell access
- Enum
- LINUX
- WINDOWS
winrm_addressstringIPv4 address or FQDN to use for winrm connections
winrm_portintport to use for password rotation with winrm, zero for winrm default
protocolstringrequired
- Enum
- SSH
- WINRM
certificate_validation_optionsstringrequired
Disable or enable password rotation certificate validation
- Enum
- DISABLED
- ENABLED
winrm_host_certificate_trust_anchorsstringWinRM host certificate trust anchors in PEM format
password_policy_idstringrequired
password policy to be applied
- Format
- uuid
script_template_idstringrequired
script template to be run in host
- Format
- uuid
rotation_statusarrayFilled by backend. Rotation status per account to be shown in UI
createdstringWhen the object was created. Added by backend
- Format
- date-time
- Example
- "2017-01-01T15:05:05Z"
updatedstringWhen the object was updated. Added by backend
- Format
- date-time
- Example
- "2017-01-01T15:05:05Z"
created_bystringadded by backend
updated_bystringadded by backend
source_idstringA unique import-source identifier for the host entry, for example a hash for AWS account ID. (searchable by keyword)
cloud_providerstringThe cloud provider this host resides in
cloud_provider_regionstringThe cloud provider region the host resides in
distinguished_namestringLDAPv3 Disinguished name (searchable by keyword)
common_namestringX.500 Common name (searchable by keyword)
organizationstringX.500 Organization (searchable by keyword)
organizational_unitstringX.500 Organizational unit (searchable by keyword)
zonestringEquipment zone (development, production, user acceptance testing, ..) (searchable by keyword)
scopearrayUnder what compliance scopes the listed equipment falls under (searchable by keyword)
host_typestringEquipment type (virtual, physical) (searchable by keyword)
host_classificationstringClassification (Windows desktop, Windows server, AIX, Linux RH, ..) (searchable by keyword)
commentstringA comment describing the host
addressesarraytagsarraydisabledstring- Enum
- BY_ADMIN
- BY_LICENSE
certificate_templatestringName of the certificate template used for certificate authentication for this host
Responses
Request examples
{
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"deployable": true,
"tofu": true,
"stand_alone_host": true,
"external_id": "string",
"instance_id": "string",
"audit_enabled": true,
"session_recording_options": {
"disable_clipboard_recording": true,
"disable_file_transfer_recording": true
},
"ssh_host_public_keys": [
{
"key": "string"
}
],
"host_certificate_raw": "string",
"contact_address": "string",
"services": [
{
"service": "SSH",
"address": "string",
"port": 123,
"use_for_password_rotation": true,
"db": {
"protocol": "postgres",
"tls_certificate_validation": "ENABLED",
"tls_certificate_trust_anchors": "string",
"audit_skip_bytes": 123
},
"source": "string"
}
],
"principals": [
{
"principal": "string",
"target_domain": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rotate": true,
"use_for_password_rotation": true,
"use_user_account": true,
"passphrase": "string",
"source": "string",
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002"
}
],
"applications": [
{
"name": "string",
"application": "string",
"arguments": "string",
"working_directory": "string"
}
],
"service_options": {
"ssh": {
"shell": true,
"file_transfer": true,
"exec": true,
"tunnels": true,
"x11": true,
"other": true
},
"rdp": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"web": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"vnc": {
"file_transfer": true,
"clipboard": true
},
"db": {
"max_bytes_download": 123,
"max_bytes_upload": 123
}
},
"command_restrictions": {
"enabled": true,
"default_whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rshell_variant": "bash",
"banner": "string",
"allow_no_match": true,
"audit_match": true,
"audit_no_match": true,
"whitelists": [
{
"whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string"
}
]
}
]
}
}
],
"password_rotation_enabled": true,
"password_rotation": {
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"use_main_account": true,
"operating_system": "LINUX",
"winrm_address": "string",
"winrm_port": 123,
"protocol": "SSH",
"certificate_validation_options": "DISABLED",
"winrm_host_certificate_trust_anchors": "string",
"password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
"script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
"rotation_status": [
{
"principal": "string",
"last_rotated": "2017-01-01T15:05:05Z",
"last_error": "2017-01-01T15:05:05Z",
"last_error_details": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"created_by": "string",
"updated_by": "string"
},
"source_id": "string",
"cloud_provider": "string",
"cloud_provider_region": "string",
"distinguished_name": "string",
"common_name": "string",
"organization": "string",
"organizational_unit": "string",
"zone": "string",
"scope": [
"string"
],
"host_type": "string",
"host_classification": "string",
"comment": "string",
"addresses": [
"string"
],
"tags": [
"string"
],
"disabled": "BY_ADMIN",
"certificate_template": "string"
}Response examples
Host successfully created
{
"id": "5bf77342-221c-11ee-be56-0242ac120002"
}/host-store/api/v1/hosts/resolveResolve service+address to a single host in host store
servicestringrequired
service type (SSH, RDP, ...)
addressstringrequired
service address
portintrequired
service port
Responses
Request examples
{
"service": "string",
"address": "string",
"port": 123
}Response examples
Host successfully found, if multiple hosts match the query, return 500 internal server error with relevant error codes
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"deployable": true,
"tofu": true,
"stand_alone_host": true,
"external_id": "string",
"instance_id": "string",
"audit_enabled": true,
"session_recording_options": {
"disable_clipboard_recording": true,
"disable_file_transfer_recording": true
},
"ssh_host_public_keys": [
{
"key": "string",
"fingerprint": "string"
}
],
"host_certificate_raw": "string",
"host_certificate": {
"subject": "string",
"issuer": "string",
"serial": "string",
"not_before": "string",
"not_after": "string",
"dns_names": [
"string"
],
"email_addresses": [
"string"
],
"ip_addresses": [
"string"
],
"fingerprint_sha1": "string",
"fingerprint_sha256": "string"
},
"contact_address": "string",
"services": [
{
"service": "SSH",
"address": "string",
"port": 123,
"use_for_password_rotation": true,
"ssh_tunnel_port": 123,
"source": "string",
"login_page_url": "string",
"username_field_name": "string",
"password_field_name": "string",
"login_request_url": "string",
"login_request_password_property": "string",
"auth_type": "string",
"status": "OK",
"status_updated": "string",
"allowed_domains": [
"string"
],
"service_version": "string",
"use_legacy_cipher_suites": true,
"tls_min_version": "string",
"tls_max_version": "string",
"browser": "string",
"db": {
"protocol": "postgres",
"tls_certificate_validation": "ENABLED",
"tls_certificate_trust_anchors": "string",
"audit_skip_bytes": 123
},
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"certificate_template": "string"
}
],
"principals": [
{
"principal": "string",
"target_domain": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rotate": true,
"use_for_password_rotation": true,
"use_user_account": true,
"passphrase": "string",
"username_attribute": "string",
"source": "string",
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
}
],
"applications": [
{
"name": "string",
"application": "string",
"arguments": "string",
"working_directory": "string"
}
],
"service_options": {
"ssh": {
"shell": true,
"file_transfer": true,
"exec": true,
"tunnels": true,
"x11": true,
"other": true
},
"rdp": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"web": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"vnc": {
"file_transfer": true,
"clipboard": true
},
"db": {
"max_bytes_download": 123,
"max_bytes_upload": 123
}
},
"command_restrictions": {
"enabled": true,
"default_whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rshell_variant": "bash",
"banner": "string",
"allow_no_match": true,
"audit_match": true,
"audit_no_match": true,
"whitelists": [
{
"whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string"
}
]
}
]
}
}
],
"password_rotation_enabled": true,
"password_rotation": {
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"use_main_account": true,
"operating_system": "LINUX",
"winrm_address": "string",
"winrm_port": 123,
"protocol": "SSH",
"certificate_validation_options": "DISABLED",
"winrm_host_certificate_trust_anchors": "string",
"password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
"script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
"rotation_status": [
{
"principal": "string",
"last_rotated": "2017-01-01T15:05:05Z",
"last_error": "2017-01-01T15:05:05Z",
"last_error_details": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"created_by": "string",
"updated_by": "string"
},
"source_id": "string",
"cloud_provider": "string",
"cloud_provider_region": "string",
"status": [
{
"k": "string",
"v": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
"distinguished_name": "string",
"common_name": "string",
"organization": "string",
"organizational_unit": "string",
"zone": "string",
"scope": [
"string"
],
"host_type": "string",
"host_classification": "string",
"comment": "string",
"addresses": [
"string"
],
"tags": [
"string"
],
"disabled": "BY_ADMIN"
}/host-store/api/v1/hosts/{host_id}Get a single host in host store
host_idstringrequired
- Format
- uuid
Responses
Response examples
Host successfully found
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"deployable": true,
"tofu": true,
"stand_alone_host": true,
"external_id": "string",
"instance_id": "string",
"audit_enabled": true,
"session_recording_options": {
"disable_clipboard_recording": true,
"disable_file_transfer_recording": true
},
"ssh_host_public_keys": [
{
"key": "string",
"fingerprint": "string"
}
],
"host_certificate_raw": "string",
"host_certificate": {
"subject": "string",
"issuer": "string",
"serial": "string",
"not_before": "string",
"not_after": "string",
"dns_names": [
"string"
],
"email_addresses": [
"string"
],
"ip_addresses": [
"string"
],
"fingerprint_sha1": "string",
"fingerprint_sha256": "string"
},
"contact_address": "string",
"services": [
{
"service": "SSH",
"address": "string",
"port": 123,
"use_for_password_rotation": true,
"ssh_tunnel_port": 123,
"source": "string",
"login_page_url": "string",
"username_field_name": "string",
"password_field_name": "string",
"login_request_url": "string",
"login_request_password_property": "string",
"auth_type": "string",
"status": "OK",
"status_updated": "string",
"allowed_domains": [
"string"
],
"service_version": "string",
"use_legacy_cipher_suites": true,
"tls_min_version": "string",
"tls_max_version": "string",
"browser": "string",
"db": {
"protocol": "postgres",
"tls_certificate_validation": "ENABLED",
"tls_certificate_trust_anchors": "string",
"audit_skip_bytes": 123
},
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"certificate_template": "string"
}
],
"principals": [
{
"principal": "string",
"target_domain": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rotate": true,
"use_for_password_rotation": true,
"use_user_account": true,
"passphrase": "string",
"username_attribute": "string",
"source": "string",
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
}
],
"applications": [
{
"name": "string",
"application": "string",
"arguments": "string",
"working_directory": "string"
}
],
"service_options": {
"ssh": {
"shell": true,
"file_transfer": true,
"exec": true,
"tunnels": true,
"x11": true,
"other": true
},
"rdp": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"web": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"vnc": {
"file_transfer": true,
"clipboard": true
},
"db": {
"max_bytes_download": 123,
"max_bytes_upload": 123
}
},
"command_restrictions": {
"enabled": true,
"default_whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rshell_variant": "bash",
"banner": "string",
"allow_no_match": true,
"audit_match": true,
"audit_no_match": true,
"whitelists": [
{
"whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string"
}
]
}
]
}
}
],
"password_rotation_enabled": true,
"password_rotation": {
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"use_main_account": true,
"operating_system": "LINUX",
"winrm_address": "string",
"winrm_port": 123,
"protocol": "SSH",
"certificate_validation_options": "DISABLED",
"winrm_host_certificate_trust_anchors": "string",
"password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
"script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
"rotation_status": [
{
"principal": "string",
"last_rotated": "2017-01-01T15:05:05Z",
"last_error": "2017-01-01T15:05:05Z",
"last_error_details": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"created_by": "string",
"updated_by": "string"
},
"source_id": "string",
"cloud_provider": "string",
"cloud_provider_region": "string",
"status": [
{
"k": "string",
"v": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
"distinguished_name": "string",
"common_name": "string",
"organization": "string",
"organizational_unit": "string",
"zone": "string",
"scope": [
"string"
],
"host_type": "string",
"host_classification": "string",
"comment": "string",
"addresses": [
"string"
],
"tags": [
"string"
],
"disabled": "BY_ADMIN"
}/host-store/api/v1/hosts/{host_id}Update a single host in host store
access_group_idstringDefines host's access group
- Format
- uuid
deployablebooleanWhether the host is writable through /deploy end point with deployment credentials
tofubooleanWhether the host key should be accepted and stored on first connection
stand_alone_hostbooleanIndicates it is a standalone host - bound to local host directory
external_idstringThe equipment ID from the originating equipment store
instance_idstringThe instance ID from the originating cloud service (searchable by keyword)
audit_enabledbooleanWheter the host is set to be audited.
session_recording_optionsobjectFlags to disable trail auditing for certain features when auditing is enabled
disable_clipboard_recordingbooleanDisable clipboard trail auditing when auditing is enabled
disable_file_transfer_recordingbooleanDisable file transfer trail auditing when auditing is enabled
ssh_host_public_keysarraykeystringHost public key, used to verify the identity of the accessed host
host_certificate_rawstringHost certificate, used to verify that the target host is the correct one.
contact_addressstringThe host public address scanning script instructs the host store to use in service address-field.
servicesarrayservicestringAllowed protocol - SSH, RDP, VNC, WEB, DB (searchable)
- Enum
- SSH
- RDP
- VNC
- WEB
- DB
addressstringService address, IPv4, IPv6 or FQDN
portintService port
use_for_password_rotationbooleanif service SSH, informs whether this service is used to rotate password
- Default
- false
dbobject (dbservice)sourcestringIdentifies the source of the services object "UI", "SCIM" or "SCAN". Deploy is also treated as "UI".
principalsarrayWhat principals (target server user names/ accounts) the host has
principalstringThe account name
target_domainobject (target_domain_handle)Optional target domain in which principal exists
rotatebooleanRotate password of this account
use_for_password_rotationbooleanmarks account to be used as the account through which password rotation takes place, when flag use_main_account set in rotation_metadata
use_user_accountbooleanUse user account as host principal name
passphrasestringThe account static passphrase or the initial rotating password value. If rotate selected, active in create, disabled/hidden in edit
sourcestringIdentifies the source of the principals object "UI" or "SCAN". Deploy is also treated as "UI".
rolesarrayAn array of roles entitled to access this principal on the host
applicationsarrayAn array of application the principal may launch on the target host
service_optionsobject (service_options)Object for service options
command_restrictionsobject (command_restrictions)SSH shell/exec command restrictions for the principal
password_rotation_enabledbooleanset, if there are accounts, in which passwords need to be rotated
password_rotationobject (rotation_metadata)password rotation settings for host
access_group_idstringSpecify ID of access group, default access group will be used if ID is not specified. Access group will be checked for WinRM trust anchors if certificate validation option is set to enabled.
- Format
- uuid
use_main_accountbooleanrequired
rotate passwords of all accounts in host through one account
operating_systemstringrequired
Bash for Linux, Powershell for windows for shell access
- Enum
- LINUX
- WINDOWS
winrm_addressstringIPv4 address or FQDN to use for winrm connections
winrm_portintport to use for password rotation with winrm, zero for winrm default
protocolstringrequired
- Enum
- SSH
- WINRM
certificate_validation_optionsstringrequired
Disable or enable password rotation certificate validation
- Enum
- DISABLED
- ENABLED
winrm_host_certificate_trust_anchorsstringWinRM host certificate trust anchors in PEM format
password_policy_idstringrequired
password policy to be applied
- Format
- uuid
script_template_idstringrequired
script template to be run in host
- Format
- uuid
rotation_statusarrayFilled by backend. Rotation status per account to be shown in UI
createdstringWhen the object was created. Added by backend
- Format
- date-time
- Example
- "2017-01-01T15:05:05Z"
updatedstringWhen the object was updated. Added by backend
- Format
- date-time
- Example
- "2017-01-01T15:05:05Z"
created_bystringadded by backend
updated_bystringadded by backend
source_idstringA unique import-source identifier for the host entry, for example a hash for AWS account ID. (searchable by keyword)
cloud_providerstringThe cloud provider this host resides in
cloud_provider_regionstringThe cloud provider region the host resides in
distinguished_namestringLDAPv3 Disinguished name (searchable by keyword)
common_namestringX.500 Common name (searchable by keyword)
organizationstringX.500 Organization (searchable by keyword)
organizational_unitstringX.500 Organizational unit (searchable by keyword)
zonestringEquipment zone (development, production, user acceptance testing, ..) (searchable by keyword)
scopearrayUnder what compliance scopes the listed equipment falls under (searchable by keyword)
host_typestringEquipment type (virtual, physical) (searchable by keyword)
host_classificationstringClassification (Windows desktop, Windows server, AIX, Linux RH, ..) (searchable by keyword)
commentstringA comment describing the host
addressesarraytagsarraydisabledstring- Enum
- BY_ADMIN
- BY_LICENSE
certificate_templatestringName of the certificate template used for certificate authentication for this host
Responses
Request examples
{
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"deployable": true,
"tofu": true,
"stand_alone_host": true,
"external_id": "string",
"instance_id": "string",
"audit_enabled": true,
"session_recording_options": {
"disable_clipboard_recording": true,
"disable_file_transfer_recording": true
},
"ssh_host_public_keys": [
{
"key": "string"
}
],
"host_certificate_raw": "string",
"contact_address": "string",
"services": [
{
"service": "SSH",
"address": "string",
"port": 123,
"use_for_password_rotation": true,
"db": {
"protocol": "postgres",
"tls_certificate_validation": "ENABLED",
"tls_certificate_trust_anchors": "string",
"audit_skip_bytes": 123
},
"source": "string"
}
],
"principals": [
{
"principal": "string",
"target_domain": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rotate": true,
"use_for_password_rotation": true,
"use_user_account": true,
"passphrase": "string",
"source": "string",
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002"
}
],
"applications": [
{
"name": "string",
"application": "string",
"arguments": "string",
"working_directory": "string"
}
],
"service_options": {
"ssh": {
"shell": true,
"file_transfer": true,
"exec": true,
"tunnels": true,
"x11": true,
"other": true
},
"rdp": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"web": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"vnc": {
"file_transfer": true,
"clipboard": true
},
"db": {
"max_bytes_download": 123,
"max_bytes_upload": 123
}
},
"command_restrictions": {
"enabled": true,
"default_whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rshell_variant": "bash",
"banner": "string",
"allow_no_match": true,
"audit_match": true,
"audit_no_match": true,
"whitelists": [
{
"whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string"
}
]
}
]
}
}
],
"password_rotation_enabled": true,
"password_rotation": {
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"use_main_account": true,
"operating_system": "LINUX",
"winrm_address": "string",
"winrm_port": 123,
"protocol": "SSH",
"certificate_validation_options": "DISABLED",
"winrm_host_certificate_trust_anchors": "string",
"password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
"script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
"rotation_status": [
{
"principal": "string",
"last_rotated": "2017-01-01T15:05:05Z",
"last_error": "2017-01-01T15:05:05Z",
"last_error_details": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"created_by": "string",
"updated_by": "string"
},
"source_id": "string",
"cloud_provider": "string",
"cloud_provider_region": "string",
"distinguished_name": "string",
"common_name": "string",
"organization": "string",
"organizational_unit": "string",
"zone": "string",
"scope": [
"string"
],
"host_type": "string",
"host_classification": "string",
"comment": "string",
"addresses": [
"string"
],
"tags": [
"string"
],
"disabled": "BY_ADMIN",
"certificate_template": "string"
}Response examples
Host successfully updated
Empty response
/host-store/api/v1/hosts/{host_id}Delete a single host from the host store
host_idstringrequired
- Format
- uuid
Responses
Response examples
Host successfully deleted
Empty response
/host-store/api/v1/hosts/deployCreate, update a host in host store
access_group_idstringDefines host's access group
- Format
- uuid
deployablebooleanWhether the host is writable through /deploy end point with deployment credentials
tofubooleanWhether the host key should be accepted and stored on first connection
stand_alone_hostbooleanIndicates it is a standalone host - bound to local host directory
external_idstringThe equipment ID from the originating equipment store
instance_idstringThe instance ID from the originating cloud service (searchable by keyword)
audit_enabledbooleanWheter the host is set to be audited.
session_recording_optionsobjectFlags to disable trail auditing for certain features when auditing is enabled
disable_clipboard_recordingbooleanDisable clipboard trail auditing when auditing is enabled
disable_file_transfer_recordingbooleanDisable file transfer trail auditing when auditing is enabled
ssh_host_public_keysarraykeystringHost public key, used to verify the identity of the accessed host
host_certificate_rawstringHost certificate, used to verify that the target host is the correct one.
contact_addressstringThe host public address scanning script instructs the host store to use in service address-field.
servicesarrayservicestringAllowed protocol - SSH, RDP, VNC, WEB, DB (searchable)
- Enum
- SSH
- RDP
- VNC
- WEB
- DB
addressstringService address, IPv4, IPv6 or FQDN
portintService port
use_for_password_rotationbooleanif service SSH, informs whether this service is used to rotate password
- Default
- false
dbobject (dbservice)sourcestringIdentifies the source of the services object "UI", "SCIM" or "SCAN". Deploy is also treated as "UI".
principalsarrayWhat principals (target server user names/ accounts) the host has
principalstringThe account name
target_domainobject (target_domain_handle)Optional target domain in which principal exists
rotatebooleanRotate password of this account
use_for_password_rotationbooleanmarks account to be used as the account through which password rotation takes place, when flag use_main_account set in rotation_metadata
use_user_accountbooleanUse user account as host principal name
passphrasestringThe account static passphrase or the initial rotating password value. If rotate selected, active in create, disabled/hidden in edit
sourcestringIdentifies the source of the principals object "UI" or "SCAN". Deploy is also treated as "UI".
rolesarrayAn array of roles entitled to access this principal on the host
applicationsarrayAn array of application the principal may launch on the target host
service_optionsobject (service_options)Object for service options
command_restrictionsobject (command_restrictions)SSH shell/exec command restrictions for the principal
password_rotation_enabledbooleanset, if there are accounts, in which passwords need to be rotated
password_rotationobject (rotation_metadata)password rotation settings for host
access_group_idstringSpecify ID of access group, default access group will be used if ID is not specified. Access group will be checked for WinRM trust anchors if certificate validation option is set to enabled.
- Format
- uuid
use_main_accountbooleanrequired
rotate passwords of all accounts in host through one account
operating_systemstringrequired
Bash for Linux, Powershell for windows for shell access
- Enum
- LINUX
- WINDOWS
winrm_addressstringIPv4 address or FQDN to use for winrm connections
winrm_portintport to use for password rotation with winrm, zero for winrm default
protocolstringrequired
- Enum
- SSH
- WINRM
certificate_validation_optionsstringrequired
Disable or enable password rotation certificate validation
- Enum
- DISABLED
- ENABLED
winrm_host_certificate_trust_anchorsstringWinRM host certificate trust anchors in PEM format
password_policy_idstringrequired
password policy to be applied
- Format
- uuid
script_template_idstringrequired
script template to be run in host
- Format
- uuid
rotation_statusarrayFilled by backend. Rotation status per account to be shown in UI
createdstringWhen the object was created. Added by backend
- Format
- date-time
- Example
- "2017-01-01T15:05:05Z"
updatedstringWhen the object was updated. Added by backend
- Format
- date-time
- Example
- "2017-01-01T15:05:05Z"
created_bystringadded by backend
updated_bystringadded by backend
source_idstringA unique import-source identifier for the host entry, for example a hash for AWS account ID. (searchable by keyword)
cloud_providerstringThe cloud provider this host resides in
cloud_provider_regionstringThe cloud provider region the host resides in
distinguished_namestringLDAPv3 Disinguished name (searchable by keyword)
common_namestringX.500 Common name (searchable by keyword)
organizationstringX.500 Organization (searchable by keyword)
organizational_unitstringX.500 Organizational unit (searchable by keyword)
zonestringEquipment zone (development, production, user acceptance testing, ..) (searchable by keyword)
scopearrayUnder what compliance scopes the listed equipment falls under (searchable by keyword)
host_typestringEquipment type (virtual, physical) (searchable by keyword)
host_classificationstringClassification (Windows desktop, Windows server, AIX, Linux RH, ..) (searchable by keyword)
commentstringA comment describing the host
addressesarraytagsarraydisabledstring- Enum
- BY_ADMIN
- BY_LICENSE
certificate_templatestringName of the certificate template used for certificate authentication for this host
Responses
Request examples
{
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"deployable": true,
"tofu": true,
"stand_alone_host": true,
"external_id": "string",
"instance_id": "string",
"audit_enabled": true,
"session_recording_options": {
"disable_clipboard_recording": true,
"disable_file_transfer_recording": true
},
"ssh_host_public_keys": [
{
"key": "string"
}
],
"host_certificate_raw": "string",
"contact_address": "string",
"services": [
{
"service": "SSH",
"address": "string",
"port": 123,
"use_for_password_rotation": true,
"db": {
"protocol": "postgres",
"tls_certificate_validation": "ENABLED",
"tls_certificate_trust_anchors": "string",
"audit_skip_bytes": 123
},
"source": "string"
}
],
"principals": [
{
"principal": "string",
"target_domain": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rotate": true,
"use_for_password_rotation": true,
"use_user_account": true,
"passphrase": "string",
"source": "string",
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002"
}
],
"applications": [
{
"name": "string",
"application": "string",
"arguments": "string",
"working_directory": "string"
}
],
"service_options": {
"ssh": {
"shell": true,
"file_transfer": true,
"exec": true,
"tunnels": true,
"x11": true,
"other": true
},
"rdp": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"web": {
"file_transfer": true,
"audio": true,
"clipboard": true
},
"vnc": {
"file_transfer": true,
"clipboard": true
},
"db": {
"max_bytes_download": 123,
"max_bytes_upload": 123
}
},
"command_restrictions": {
"enabled": true,
"default_whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"rshell_variant": "bash",
"banner": "string",
"allow_no_match": true,
"audit_match": true,
"audit_no_match": true,
"whitelists": [
{
"whitelist": {
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string",
"deleted": true
},
"roles": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "string"
}
]
}
]
}
}
],
"password_rotation_enabled": true,
"password_rotation": {
"access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
"use_main_account": true,
"operating_system": "LINUX",
"winrm_address": "string",
"winrm_port": 123,
"protocol": "SSH",
"certificate_validation_options": "DISABLED",
"winrm_host_certificate_trust_anchors": "string",
"password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
"script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
"rotation_status": [
{
"principal": "string",
"last_rotated": "2017-01-01T15:05:05Z",
"last_error": "2017-01-01T15:05:05Z",
"last_error_details": "string"
}
],
"created": "2017-01-01T15:05:05Z",
"updated": "2017-01-01T15:05:05Z",
"created_by": "string",
"updated_by": "string"
},
"source_id": "string",
"cloud_provider": "string",
"cloud_provider_region": "string",
"distinguished_name": "string",
"common_name": "string",
"organization": "string",
"organizational_unit": "string",
"zone": "string",
"scope": [
"string"
],
"host_type": "string",
"host_classification": "string",
"comment": "string",
"addresses": [
"string"
],
"tags": [
"string"
],
"disabled": "BY_ADMIN",
"certificate_template": "string"
}Response examples
Operation okay
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"action": "CREATED"
}/host-store/api/v1/hosts/{host_id}/deployableSet a host to be depoyable or undeployable.
deployablebooleanResponses
Request examples
{
"deployable": true
}Response examples
Host successfully updated
Empty response
/host-store/api/v1/hosts/tagsGet list of host's tags.
offsetintOffset from which to start fetching objects
- Default
- 0
limitintMaximum number of objects to return
- Default
- 50
sortdirstringSort direction, asc or desc
- Default
- "ASC"
- Enum
- ASC
- DESC
querystringQuery string matches the tags
Responses
Response examples
Received list of host's tags
[
"string"
]/host-store/api/v1/hosts/{host_id}/disabledEnable/disable host.
disabledbooleanResponses
Request examples
{
"disabled": true
}Response examples
Host enabled/disabled successfully
Empty response
Was this page helpful?