diff --git a/.gitignore b/.gitignore
index 34885fda..94a19870 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,4 @@ test-results.xml *.log* npm-debug.log package-lock.json
+.venv/
\ No newline at end of file
diff --git a/api/services/security/v1/parameters/accountId_query.yaml b/api/services/security/v1/parameters/accountId_query.yaml
new file mode 100644
index 00000000..95c6d945
--- /dev/null
+++ b/api/services/security/v1/parameters/accountId_query.yaml
@@ -0,0 +1,10 @@
+description: A comma-separated list of cloud account IDs. For AWS this is the account
+ ID. For Azure, this is the subscription ID.
+in: query
+name: accountId
+required: false
+schema:
+ description: A comma-separated list of cloud account IDs. For AWS this is the account
+ ID. For Azure, this is the subscription ID.
+ title: Accountid
+ type: string
diff --git a/api/services/security/v1/parameters/accountName_query.yaml b/api/services/security/v1/parameters/accountName_query.yaml
new file mode 100644
index 00000000..6543f7b1
--- /dev/null
+++ b/api/services/security/v1/parameters/accountName_query.yaml
@@ -0,0 +1,8 @@
+description: A comma-separated list of cloud account names.
+in: query
+name: accountName
+required: false
+schema:
+ description: A comma-separated list of cloud account names.
+ title: Accountname
+ type: string
diff --git a/api/services/security/v1/parameters/assetId_query.yaml b/api/services/security/v1/parameters/assetId_query.yaml
new file mode 100644
index 00000000..d705a0de
--- /dev/null
+++ b/api/services/security/v1/parameters/assetId_query.yaml
@@ -0,0 +1,8 @@
+description: The asset's ID (a cloud resource).
+in: query
+name: assetId
+required: false
+schema:
+ description: The asset's ID (a cloud resource).
+ title: Assetid
+ type: string
diff --git a/api/services/security/v1/parameters/assetType_query.yaml b/api/services/security/v1/parameters/assetType_query.yaml
new file mode 100644
index 00000000..774f9e65
--- /dev/null
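Review bot: The `schema` in accountId_query.yaml accepts any string: it has no `maxLength` or `pattern`, so the spec gives a request validator or API gateway nothing to reject oversized or malformed filter values with. The same holds for the other free-form string parameters added in this commit (accountName, assetId, assetType, region, service, ruleName, paginationKey and the `not*` variants). Because the value is documented as a comma-separated list, consider modelling it as `type: array` with `items: {type: string}` plus `style: form` and `explode: false` on the parameter, with length bounds chosen for your ID formats. The `description` is also repeated verbatim at parameter and schema level; one copy is enough.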
+++ b/api/services/security/v1/parameters/assetType_query.yaml
@@ -0,0 +1,8 @@
+description: A comma-separated list of cloud resources for the service.
+in: query
+name: assetType
+required: false
+schema:
+ description: A comma-separated list of cloud resources for the service.
+ title: Assettype
+ type: string
diff --git a/api/services/security/v1/parameters/cloud_query.yaml b/api/services/security/v1/parameters/cloud_query.yaml
new file mode 100644
index 00000000..b6c27b7c
--- /dev/null
+++ b/api/services/security/v1/parameters/cloud_query.yaml
@@ -0,0 +1,5 @@
+in: query
+name: cloud
+required: true
+schema:
+ $ref: "../schemas/cloud__constant__base__CloudProvider.yaml"
diff --git a/api/services/security/v1/parameters/complianceName_path.yaml b/api/services/security/v1/parameters/complianceName_path.yaml
new file mode 100644
index 00000000..d8949124
--- /dev/null
+++ b/api/services/security/v1/parameters/complianceName_path.yaml
@@ -0,0 +1,9 @@
+description: The name of the cyber security compliance.
+example: SOC_2
+in: path
+name: complianceName
+required: true
+schema:
+ description: The name of the cyber security compliance.
+ title: Compliancename
+ type: string
diff --git a/api/services/security/v1/parameters/complianceName_query.yaml b/api/services/security/v1/parameters/complianceName_query.yaml
new file mode 100644
index 00000000..ac8c6c4d
--- /dev/null
+++ b/api/services/security/v1/parameters/complianceName_query.yaml
@@ -0,0 +1,9 @@
+description: The name of the cyber security compliance.
+example: SOC_2
+in: query
+name: complianceName
+required: false
+schema:
+ description: The name of the cyber security compliance.
+ title: Compliancename
+ type: string
diff --git a/api/services/security/v1/parameters/controlId_query.yaml b/api/services/security/v1/parameters/controlId_query.yaml
new file mode 100644
index 00000000..f4846140
--- /dev/null
+++ b/api/services/security/v1/parameters/controlId_query.yaml
@@ -0,0 +1,9 @@
+description: The ID of the control defined in the compliance.
+example: A1.2
+in: query
+name: controlId
+required: false
+schema:
+ description: The ID of the control defined in the compliance.
+ title: Controlid
+ type: string
diff --git a/api/services/security/v1/parameters/date_query.yaml b/api/services/security/v1/parameters/date_query.yaml
new file mode 100644
index 00000000..26b8c74c
--- /dev/null
+++ b/api/services/security/v1/parameters/date_query.yaml
@@ -0,0 +1,10 @@
+description: The date the finding was most recently found (YYYY-MM-DD).
+example: '1997-11-11'
+in: query
+name: date
+required: false
+schema:
+ description: The date the finding was most recently found (YYYY-MM-DD).
+ format: date
+ title: Date
+ type: string
diff --git a/api/services/security/v1/parameters/isAutomated_query.yaml b/api/services/security/v1/parameters/isAutomated_query.yaml
new file mode 100644
index 00000000..9bee385b
--- /dev/null
+++ b/api/services/security/v1/parameters/isAutomated_query.yaml
@@ -0,0 +1,8 @@
+description: If this is not a manual control, the value is True.
+in: query
+name: isAutomated
+required: false
+schema:
+ description: If this is not a manual control, the value is True.
+ title: Isautomated
+ type: boolean
diff --git a/api/services/security/v1/parameters/notAccountId_query.yaml b/api/services/security/v1/parameters/notAccountId_query.yaml
new file mode 100644
index 00000000..abaef797
--- /dev/null
+++ b/api/services/security/v1/parameters/notAccountId_query.yaml
@@ -0,0 +1,10 @@
+description: A comma-separated list of cloud account IDs to exclude. For AWS this
+ is the account ID. For Azure, this is the subscription ID.
+in: query
+name: notAccountId
+required: false
+schema:
+ description: A comma-separated list of cloud account IDs to exclude. For AWS this
+ is the account ID. For Azure, this is the subscription ID.
+ title: Notaccountid
+ type: string
diff --git a/api/services/security/v1/parameters/notAccountName_query.yaml b/api/services/security/v1/parameters/notAccountName_query.yaml
new file mode 100644
index 00000000..2add4be0
--- /dev/null
+++ b/api/services/security/v1/parameters/notAccountName_query.yaml
@@ -0,0 +1,8 @@
+description: A comma-separated list of cloud account names to exclude
+in: query
+name: notAccountName
+required: false
+schema:
+ description: A comma-separated list of cloud account names to exclude
+ title: Notaccountname
+ type: string
diff --git a/api/services/security/v1/parameters/notAssetType_query.yaml b/api/services/security/v1/parameters/notAssetType_query.yaml
new file mode 100644
index 00000000..e661ebd1
--- /dev/null
+++ b/api/services/security/v1/parameters/notAssetType_query.yaml
@@ -0,0 +1,8 @@
+description: A comma-separated list of cloud resources for the service to exclude.
+in: query
+name: notAssetType
+required: false
+schema:
+ description: A comma-separated list of cloud resources for the service to exclude.
+ title: Notassettype
+ type: string
diff --git a/api/services/security/v1/parameters/notRegion_query.yaml b/api/services/security/v1/parameters/notRegion_query.yaml
new file mode 100644
index 00000000..8834aa51
--- /dev/null
+++ b/api/services/security/v1/parameters/notRegion_query.yaml
@@ -0,0 +1,9 @@
+description: A comma-separated list of cloud regions to exclude.
+example: us-east-1
+in: query
+name: notRegion
+required: false
+schema:
+ description: A comma-separated list of cloud regions to exclude.
+ title: Notregion
+ type: string
diff --git a/api/services/security/v1/parameters/notService_query.yaml b/api/services/security/v1/parameters/notService_query.yaml
new file mode 100644
index 00000000..4523f2ee
--- /dev/null
+++ b/api/services/security/v1/parameters/notService_query.yaml
@@ -0,0 +1,8 @@
+description: A comma-separated list of cloud services to exclude.
+in: query
+name: notService
+required: false
+schema:
+ description: A comma-separated list of cloud services to exclude.
+ title: Notservice
+ type: string
diff --git a/api/services/security/v1/parameters/paginationKey_query.yaml b/api/services/security/v1/parameters/paginationKey_query.yaml
new file mode 100644
index 00000000..6a187a9c
--- /dev/null
+++ b/api/services/security/v1/parameters/paginationKey_query.yaml
@@ -0,0 +1,8 @@
+description: Token of the page to return.
+in: query
+name: paginationKey
+required: false
+schema:
+ description: Token of the page to return.
+ title: Paginationkey
+ type: string
diff --git a/api/services/security/v1/parameters/paginationSize_query.yaml b/api/services/security/v1/parameters/paginationSize_query.yaml
new file mode 100644
index 00000000..e0f2aa8c
--- /dev/null
+++ b/api/services/security/v1/parameters/paginationSize_query.yaml
@@ -0,0 +1,11 @@
+description: Number of items to return per page.
+in: query
+name: paginationSize
+required: false
+schema:
+ default: 100
+ description: Number of items to return per page.
+ maximum: 100
+ minimum: 1
+ title: Paginationsize
+ type: integer
diff --git a/api/services/security/v1/parameters/region_query.yaml b/api/services/security/v1/parameters/region_query.yaml
new file mode 100644
index 00000000..0178cd68
--- /dev/null
+++ b/api/services/security/v1/parameters/region_query.yaml
@@ -0,0 +1,9 @@
+description: A comma-separated list of cloud regions.
+example: us-east-1
+in: query
+name: region
+required: false
+schema:
+ description: A comma-separated list of cloud regions.
+ title: Region
+ type: string
diff --git a/api/services/security/v1/parameters/ruleName_query.yaml b/api/services/security/v1/parameters/ruleName_query.yaml
new file mode 100644
index 00000000..22b3a4ec
--- /dev/null
+++ b/api/services/security/v1/parameters/ruleName_query.yaml
@@ -0,0 +1,8 @@
+description: The unique name of the rule.
+in: query
+name: ruleName
+required: false
+schema:
+ description: The unique name of the rule.
+ title: Rulename
+ type: string
diff --git a/api/services/security/v1/parameters/service_query.yaml b/api/services/security/v1/parameters/service_query.yaml
new file mode 100644
index 00000000..1c67e9cc
--- /dev/null
+++ b/api/services/security/v1/parameters/service_query.yaml
@@ -0,0 +1,8 @@
+description: A comma-separated list of cloud services.
+in: query
+name: service
+required: false
+schema:
+ description: A comma-separated list of cloud services.
+ title: Service
+ type: string
diff --git a/api/services/security/v1/paths/compliances.yaml b/api/services/security/v1/paths/compliances.yaml
new file mode 100644
index 00000000..dc46c272
--- /dev/null
+++ b/api/services/security/v1/paths/compliances.yaml
@@ -0,0 +1,33 @@
+get:
+ description: 'A cyber security compliance determines how compliant an asset is.
+ It checks against specific security standards.
+
+ This API returns list of all compliances supported in Spot.
+
+ A compliance consists of one or more controls.'
+ operationId: get_compliances_v1_compliances_get
+ parameters:
+ - $ref: "../parameters/paginationKey_query.yaml"
+ - $ref: "../parameters/paginationSize_query.yaml"
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/SpotResponse_PaginatedResponse_ComplianceModel__.yaml"
+ description: Successful Response
+ '400':
+ content: {}
+ description: Bad Request
+ '404':
+ description: Not Found
+ '422':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/HTTPValidationError.yaml"
+ description: Validation Error
+ summary: Get Compliances
+ tags:
+ - Compliance
+parameters: []
diff --git a/api/services/security/v1/paths/controls.yaml b/api/services/security/v1/paths/controls.yaml
new file mode 100644
index 00000000..be01a8eb
--- /dev/null
+++ b/api/services/security/v1/paths/controls.yaml
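Review bot: The `responses` map in compliances.yaml documents 200, 400, 404 and 422 but no 401 or 403, and the operation has no `security` entry; the other path files in this commit (controls, controls_count, count, misconfigurations, misconfigurations_count, rules, rules_count) have the same shape. If authentication is declared globally in the root document, which this diff does not show, enforcement may be covered, but clients and generated SDKs still cannot see the unauthenticated and unauthorized outcomes. Consider adding `'401': {description: Unauthorized}` and `'403': {description: Forbidden}` to each operation. The path-level `parameters: []` and the empty `content: {}` under '400' carry no information and could be dropped.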
@@ -0,0 +1,36 @@
+get:
+ description: 'A control is countermeasures to avoid, detect, counteract, or minimize
+ security risks of cloud assets.
+
+ A control may be part of one or more compliances. A control is verified in one
+ or more rules.
+
+ This API returns the list of controls mapped to a specific compliance.'
+ operationId: get_compliance_controls_v1_compliances__complianceName__controls_get
+ parameters:
+ - $ref: "../parameters/complianceName_path.yaml"
+ - $ref: "../parameters/isAutomated_query.yaml"
+ - $ref: "../parameters/paginationKey_query.yaml"
+ - $ref: "../parameters/paginationSize_query.yaml"
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/SpotResponse_PaginatedResponse_ControlModel__.yaml"
+ description: Successful Response
+ '400':
+ content: {}
+ description: Bad Request
+ '404':
+ description: Not Found
+ '422':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/HTTPValidationError.yaml"
+ description: Validation Error
+ summary: Get Compliance Controls
+ tags:
+ - Compliance
+parameters: []
diff --git a/api/services/security/v1/paths/controls_count.yaml b/api/services/security/v1/paths/controls_count.yaml
new file mode 100644
index 00000000..49596589
--- /dev/null
+++ b/api/services/security/v1/paths/controls_count.yaml
@@ -0,0 +1,28 @@
+get:
+ description: Get the total number of controls for the selected compliance.
+ operationId: get_compliance_controls_count_v1_compliances__complianceName__controls_count_get
+ parameters:
+ - $ref: "../parameters/complianceName_path.yaml"
+ - $ref: "../parameters/isAutomated_query.yaml"
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/SpotResponse_BaseResponse_CountModel__.yaml"
+ description: Successful Response
+ '400':
+ content: {}
+ description: Bad Request
+ '404':
+ description: Not Found
+ '422':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/HTTPValidationError.yaml"
+ description: Validation Error
+ summary: Get Compliance Controls Count
+ tags:
+ - Compliance
+parameters: []
diff --git a/api/services/security/v1/paths/count.yaml b/api/services/security/v1/paths/count.yaml
new file mode 100644
index 00000000..e86d21cd
--- /dev/null
+++ b/api/services/security/v1/paths/count.yaml
@@ -0,0 +1,20 @@
+get:
+ description: Get the total number of compliances.
+ operationId: get_compliance_count_v1_compliances_count_get
+ parameters: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/SpotResponse_BaseResponse_CountModel__.yaml"
+ description: Successful Response
+ '400':
+ content: {}
+ description: Bad Request
+ '404':
+ description: Not Found
+ summary: Get Compliance Count
+ tags:
+ - Compliance
+parameters: []
diff --git a/api/services/security/v1/paths/misconfigurations.yaml b/api/services/security/v1/paths/misconfigurations.yaml
new file mode 100644
index 00000000..cb2f88ad
--- /dev/null
+++ b/api/services/security/v1/paths/misconfigurations.yaml
@@ -0,0 +1,42 @@
+get:
+ description: This API returns the list of assets that have misconfigurations.
+ operationId: get_misconfigurations_v1_misconfigurations_get
+ parameters:
+ - $ref: "../parameters/cloud_query.yaml"
+ - $ref: "../parameters/accountId_query.yaml"
+ - $ref: "../parameters/notAccountId_query.yaml"
+ - $ref: "../parameters/accountName_query.yaml"
+ - $ref: "../parameters/notAccountName_query.yaml"
+ - $ref: "../parameters/region_query.yaml"
+ - $ref: "../parameters/notRegion_query.yaml"
+ - $ref: "../parameters/date_query.yaml"
+ - $ref: "../parameters/service_query.yaml"
+ - $ref: "../parameters/notService_query.yaml"
+ - $ref: "../parameters/assetType_query.yaml"
+ - $ref: "../parameters/notAssetType_query.yaml"
+ - $ref: "../parameters/ruleName_query.yaml"
+ - $ref: "../parameters/assetId_query.yaml"
+ - $ref: "../parameters/paginationKey_query.yaml"
+ - $ref: "../parameters/paginationSize_query.yaml"
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/SpotResponse_PaginatedResponse_MisconfigurationModel__.yaml"
+ description: Successful Response
+ '400':
+ content: {}
+ description: Bad Request
+ '404':
+ description: Not Found
+ '422':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/HTTPValidationError.yaml"
+ description: Validation Error
+ summary: Get Misconfigurations
+ tags:
+ - Misconfiguration
+parameters: []
diff --git a/api/services/security/v1/paths/misconfigurations_count.yaml b/api/services/security/v1/paths/misconfigurations_count.yaml
new file mode 100644
index 00000000..2ab651c6
--- /dev/null
+++ b/api/services/security/v1/paths/misconfigurations_count.yaml
@@ -0,0 +1,40 @@
+get:
+ description: This API returns a count of assets that have misconfigurations.
+ operationId: get_misconfigurations_count_v1_misconfigurations_count_get
+ parameters:
+ - $ref: "../parameters/cloud_query.yaml"
+ - $ref: "../parameters/accountId_query.yaml"
+ - $ref: "../parameters/notAccountId_query.yaml"
+ - $ref: "../parameters/accountName_query.yaml"
+ - $ref: "../parameters/notAccountName_query.yaml"
+ - $ref: "../parameters/region_query.yaml"
+ - $ref: "../parameters/notRegion_query.yaml"
+ - $ref: "../parameters/date_query.yaml"
+ - $ref: "../parameters/service_query.yaml"
+ - $ref: "../parameters/notService_query.yaml"
+ - $ref: "../parameters/assetType_query.yaml"
+ - $ref: "../parameters/notAssetType_query.yaml"
+ - $ref: "../parameters/ruleName_query.yaml"
+ - $ref: "../parameters/assetId_query.yaml"
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/SpotResponse_BaseResponse_CountModel__.yaml"
+ description: Successful Response
+ '400':
+ content: {}
+ description: Bad Request
+ '404':
+ description: Not Found
+ '422':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/HTTPValidationError.yaml"
+ description: Validation Error
+ summary: Get Misconfigurations Count
+ tags:
+ - Misconfiguration
+parameters: []
diff --git a/api/services/security/v1/paths/rules.yaml b/api/services/security/v1/paths/rules.yaml
new file mode 100644
index 00000000..691b28f1
--- /dev/null
+++ b/api/services/security/v1/paths/rules.yaml
@@ -0,0 +1,38 @@
+get:
+ description: 'Rules are configuration checks that detect misconfigurations in your
+ cloud environment.
+
+ Rules are cloud service provider specific. A rule is mapped to one or more controls.
+
+ This API returns the list of rules that can determine the state of a specific
+ control.'
+ operationId: get_rules_v1_misconfigurations_rules_get
+ parameters:
+ - $ref: "../parameters/cloud_query.yaml"
+ - $ref: "../parameters/complianceName_query.yaml"
+ - $ref: "../parameters/controlId_query.yaml"
+ - $ref: "../parameters/service_query.yaml"
+ - $ref: "../parameters/paginationKey_query.yaml"
+ - $ref: "../parameters/paginationSize_query.yaml"
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/SpotResponse_PaginatedResponse_RulesModel__.yaml"
+ description: Successful Response
+ '400':
+ content: {}
+ description: Bad Request
+ '404':
+ description: Not Found
+ '422':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/HTTPValidationError.yaml"
+ description: Validation Error
+ summary: Get Rules
+ tags:
+ - Misconfiguration
+parameters: []
diff --git a/api/services/security/v1/paths/rules_count.yaml b/api/services/security/v1/paths/rules_count.yaml
new file mode 100644
index 00000000..6f0802a1
--- /dev/null
+++ b/api/services/security/v1/paths/rules_count.yaml
@@ -0,0 +1,36 @@
+get:
+ description: 'Rules are configuration checks that detect misconfigurations in your
+ cloud environment.
+
+ Rules are cloud service provider specific. A rule is mapped to one or more controls.
+
+ This API returns the list of rules that can determine the state of a specific
+ control.'
+ operationId: get_rules_count_v1_misconfigurations_rules_count_get
+ parameters:
+ - $ref: "../parameters/cloud_query.yaml"
+ - $ref: "../parameters/complianceName_query.yaml"
+ - $ref: "../parameters/controlId_query.yaml"
+ - $ref: "../parameters/service_query.yaml"
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/SpotResponse_BaseResponse_CountModel__.yaml"
+ description: Successful Response
+ '400':
+ content: {}
+ description: Bad Request
+ '404':
+ description: Not Found
+ '422':
+ content:
+ application/json:
+ schema:
+ $ref: "../schemas/HTTPValidationError.yaml"
+ description: Validation Error
+ summary: Get Rules Count
+ tags:
+ - Misconfiguration
+parameters: []
diff --git a/api/services/security/v1/schemas/BaseResponse_CountModel_.yaml b/api/services/security/v1/schemas/BaseResponse_CountModel_.yaml
new file mode 100644
index 00000000..0f582475
--- /dev/null
+++ b/api/services/security/v1/schemas/BaseResponse_CountModel_.yaml
@@ -0,0 +1,20 @@
+properties:
+ count:
+ default: 0
+ description: The number of items.
+ title: Count
+ type: integer
+ items:
+ description: The array of objects in this response. The length of the array is
+ according to the 'count' attribute.
+ items:
+ $ref: ./CountModel.yaml
+ title: Items
+ type: array
+ status:
+ $ref: ./StatusModel.yaml
+required:
+- status
+- items
+title: BaseResponse[CountModel]
+type: object
diff --git a/api/services/security/v1/schemas/ComplianceModel.yaml b/api/services/security/v1/schemas/ComplianceModel.yaml
new file mode 100644
index 00000000..7e647b06
--- /dev/null
+++ b/api/services/security/v1/schemas/ComplianceModel.yaml
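Review bot: The `description` in rules_count.yaml is copied from rules.yaml and still ends with "This API returns the list of rules that can determine the state of a specific control", while the 200 response references `SpotResponse_BaseResponse_CountModel__.yaml`, that is, a count. Suggest replacing the last sentence with `This API returns the number of rules that can determine the state of a specific control.` so the documented result matches the response schema.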
@@ -0,0 +1,6 @@
+properties:
+ complianceName:
+ title: Compliancename
+ type: string
+title: ComplianceModel
+type: object
diff --git a/api/services/security/v1/schemas/ControlModel.yaml b/api/services/security/v1/schemas/ControlModel.yaml
new file mode 100644
index 00000000..3d69a5db
--- /dev/null
+++ b/api/services/security/v1/schemas/ControlModel.yaml
@@ -0,0 +1,12 @@
+properties:
+ controlId:
+ title: Controlid
+ type: string
+ description:
+ title: Description
+ type: string
+ isAutomated:
+ title: Isautomated
+ type: boolean
+title: ControlModel
+type: object
diff --git a/api/services/security/v1/schemas/CountModel.yaml b/api/services/security/v1/schemas/CountModel.yaml
new file mode 100644
index 00000000..3cba435d
--- /dev/null
+++ b/api/services/security/v1/schemas/CountModel.yaml
@@ -0,0 +1,9 @@
+properties:
+ value:
+ description: The number of items.
+ title: Value
+ type: integer
+required:
+- value
+title: CountModel
+type: object
diff --git a/api/services/security/v1/schemas/Effort.yaml b/api/services/security/v1/schemas/Effort.yaml
new file mode 100644
index 00000000..862936d2
--- /dev/null
+++ b/api/services/security/v1/schemas/Effort.yaml
@@ -0,0 +1,7 @@
+enum:
+- High
+- Medium
+- Low
+- ''
+title: Effort
+type: string
diff --git a/api/services/security/v1/schemas/ErrorModel.yaml b/api/services/security/v1/schemas/ErrorModel.yaml
new file mode 100644
index 00000000..4ae65612
--- /dev/null
+++ b/api/services/security/v1/schemas/ErrorModel.yaml
@@ -0,0 +1,12 @@
+properties:
+ code:
+ title: Code
+ type: string
+ message:
+ title: Message
+ type: string
+required:
+- code
+- message
+title: ErrorModel
+type: object
diff --git a/api/services/security/v1/schemas/HTTPValidationError.yaml b/api/services/security/v1/schemas/HTTPValidationError.yaml
new file mode 100644
index 00000000..c788cb61
--- /dev/null
+++ b/api/services/security/v1/schemas/HTTPValidationError.yaml
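Review bot: The `enum` in Effort.yaml lists the empty string `''` as a fourth member next to High, Medium and Low, with no description of what it stands for. An empty-string sentinel is easy to mishandle in generated clients and in remediation-priority sorting; if it means the effort has not been assessed, consider making `effort` optional or nullable in RulesModel.yaml, where it is currently listed under `required`. At minimum add a `description` to the schema that states the meaning of `''`.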
@@ -0,0 +1,8 @@
+properties:
+ detail:
+ items:
+ $ref: ./ValidationError.yaml
+ title: Detail
+ type: array
+title: HTTPValidationError
+type: object
diff --git a/api/services/security/v1/schemas/MisconfigurationModel.yaml b/api/services/security/v1/schemas/MisconfigurationModel.yaml
new file mode 100644
index 00000000..c650dcb8
--- /dev/null
+++ b/api/services/security/v1/schemas/MisconfigurationModel.yaml
@@ -0,0 +1,21 @@
+properties:
+ organizationId:
+ description: The Spot Organization ID.
+ title: Organizationid
+ type: string
+ what:
+ $ref: ./MisconfigurationWhatModel.yaml
+ when:
+ $ref: ./MisconfigurationWhenModel.yaml
+ where:
+ $ref: ./MisconfigurationWhereModel.yaml
+ who:
+ $ref: ./MisconfigurationWhoModel.yaml
+required:
+- organizationId
+- when
+- what
+- where
+- who
+title: MisconfigurationModel
+type: object
diff --git a/api/services/security/v1/schemas/MisconfigurationWhatModel.yaml b/api/services/security/v1/schemas/MisconfigurationWhatModel.yaml
new file mode 100644
index 00000000..6e450b78
--- /dev/null
+++ b/api/services/security/v1/schemas/MisconfigurationWhatModel.yaml
@@ -0,0 +1,43 @@
+properties:
+ args:
+ description: 'Certain misconfiguration rules have arguments. This field contains
+ the arguments in the form of an comma separated array. Example: ["MongoDB",
+ "TCP", "27017"]'
+ items:
+ type: string
+ title: Args
+ type: array
+ isSuppressed:
+ description: If this finding is suppressed, the value is True.
+ title: Issuppressed
+ type: boolean
+ ruleDescription:
+ description: Description of the rule.
+ title: Ruledescription
+ type: string
+ ruleName:
+ description: The unique name of the rule.
+ title: Rulename
+ type: string
+ ruleTitle:
+ description: The name of the rule.
+ title: Ruletitle
+ type: string
+ severity:
+ description: The severity of the rule.
+ title: Severity
+ type: string
+ state:
+ description: The state of the misconfiguration. It is either open or closed.
+ title: State
+ type: string
+required:
+- ruleName
+- ruleTitle
+- ruleDescription
+- args
+- severity
+- state
+- isSuppressed
+title: MisconfigurationWhatModel
+type: object
diff --git a/api/services/security/v1/schemas/MisconfigurationWhenModel.yaml b/api/services/security/v1/schemas/MisconfigurationWhenModel.yaml
new file mode 100644
index 00000000..d16373d8
--- /dev/null
+++ b/api/services/security/v1/schemas/MisconfigurationWhenModel.yaml
@@ -0,0 +1,15 @@
+properties:
+ lastSeen:
+ description: The date the finding was most recently found (YYYY-MM-DD).
+ title: Lastseen
+ type: string
+ suppressedAt:
+ description: When the finding was suppressed.
+ format: date-time
+ title: Suppressedat
+ type: string
+required:
+- lastSeen
+- suppressedAt
+title: MisconfigurationWhenModel
+type: object
diff --git a/api/services/security/v1/schemas/MisconfigurationWhereModel.yaml b/api/services/security/v1/schemas/MisconfigurationWhereModel.yaml
new file mode 100644
index 00000000..5e1873d1
--- /dev/null
+++ b/api/services/security/v1/schemas/MisconfigurationWhereModel.yaml
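Review bot: `severity` and `state` in MisconfigurationWhatModel.yaml are plain `type: string`, although RulesModel.yaml in this same commit types its `severity` through `./Severity.yaml` and the `state` description says the value is either open or closed. Consumers that filter or alert on findings therefore get no schema guarantee about the value set. Consider `allOf: [{$ref: ./Severity.yaml}]` for `severity` and an `enum` for `state`, with the exact casing confirmed against what the service returns. The `args` description also reads "an comma separated array"; the field is a JSON array of strings.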
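Review bot: `suppressedAt` is listed under `required` in MisconfigurationWhenModel.yaml, and `suppressedBy` likewise in MisconfigurationWhoModel.yaml, yet the `isSuppressed` flag in the What model implies that some findings are not suppressed. Presumably those fields are null or empty for such findings, which the schema as written does not allow; consider removing them from `required` or marking them `nullable: true` (or the equivalent for your OpenAPI version). `lastSeen` is described as YYYY-MM-DD but lacks the `format: date` that the `date` query parameter carries.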
@@ -0,0 +1,42 @@
+properties:
+ accountId:
+ description: A comma-separated list of cloud account IDs. For AWS this is the
+ account ID. For Azure, this is the subscription ID.
+ title: Accountid
+ type: string
+ assetId:
+ description: The asset's ID (a cloud resource).
+ title: Assetid
+ type: string
+ assetName:
+ description: The name of the asset ID.
+ title: Assetname
+ type: string
+ assetType:
+ description: A comma-separated list of cloud resources for the service.
+ title: Assettype
+ type: string
+ findingLocation:
+ description: 'For a misconfiguration: the cloud resource or a subelement of the
+ cloud resource. For a vulnerability: the cloud resource,
+ an OS image, or a filename.'
+ title: Findinglocation
+ type: string
+ region:
+ description: A comma-separated list of cloud regions.
+ title: Region
+ type: string
+ service:
+ description: The cloud service.
+ title: Service
+ type: string
+required:
+- accountId
+- service
+- assetId
+- assetName
+- assetType
+- region
+- findingLocation
+title: MisconfigurationWhereModel
+type: object
diff --git a/api/services/security/v1/schemas/MisconfigurationWhoModel.yaml b/api/services/security/v1/schemas/MisconfigurationWhoModel.yaml
new file mode 100644
index 00000000..2cf6939f
--- /dev/null
+++ b/api/services/security/v1/schemas/MisconfigurationWhoModel.yaml
@@ -0,0 +1,9 @@
+properties:
+ suppressedBy:
+ description: The user who suppressed the finding.
+ title: Suppressedby
+ type: string
+required:
+- suppressedBy
+title: MisconfigurationWhoModel
+type: object
diff --git a/api/services/security/v1/schemas/PaginatedResponse_ComplianceModel_.yaml b/api/services/security/v1/schemas/PaginatedResponse_ComplianceModel_.yaml
new file mode 100644
index 00000000..d43d8d19
--- /dev/null
+++ b/api/services/security/v1/schemas/PaginatedResponse_ComplianceModel_.yaml
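Review bot: Several `description` values in MisconfigurationWhereModel.yaml are copied from the query-parameter files and describe a filter rather than the field: `accountId`, `assetType` and `region` each say "A comma-separated list of …", but within a single finding they presumably hold one value. Suggest for example `description: The cloud account ID. For AWS this is the account ID. For Azure, this is the subscription ID.` and the singular equivalents for `assetType` and `region`. `assetName` reads "The name of the asset ID"; "The name of the asset" is probably what is meant.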
@@ -0,0 +1,23 @@
+properties:
+ count:
+ default: 0
+ description: The number of items.
+ title: Count
+ type: integer
+ items:
+ description: The array of objects in this response. The length of the array is
+ according to the 'count' attribute.
+ items:
+ $ref: ./ComplianceModel.yaml
+ title: Items
+ type: array
+ paginationInfo:
+ $ref: ./PaginationModel.yaml
+ status:
+ $ref: ./StatusModel.yaml
+required:
+- status
+- items
+- paginationInfo
+title: PaginatedResponse[ComplianceModel]
+type: object
diff --git a/api/services/security/v1/schemas/PaginatedResponse_ControlModel_.yaml b/api/services/security/v1/schemas/PaginatedResponse_ControlModel_.yaml
new file mode 100644
index 00000000..04b280b2
--- /dev/null
+++ b/api/services/security/v1/schemas/PaginatedResponse_ControlModel_.yaml
@@ -0,0 +1,23 @@
+properties:
+ count:
+ default: 0
+ description: The number of items.
+ title: Count
+ type: integer
+ items:
+ description: The array of objects in this response. The length of the array is
+ according to the 'count' attribute.
+ items:
+ $ref: ./ControlModel.yaml
+ title: Items
+ type: array
+ paginationInfo:
+ $ref: ./PaginationModel.yaml
+ status:
+ $ref: ./StatusModel.yaml
+required:
+- status
+- items
+- paginationInfo
+title: PaginatedResponse[ControlModel]
+type: object
diff --git a/api/services/security/v1/schemas/PaginatedResponse_MisconfigurationModel_.yaml b/api/services/security/v1/schemas/PaginatedResponse_MisconfigurationModel_.yaml
new file mode 100644
index 00000000..9abdd2a7
--- /dev/null
+++ b/api/services/security/v1/schemas/PaginatedResponse_MisconfigurationModel_.yaml
@@ -0,0 +1,23 @@
+properties:
+ count:
+ default: 0
+ description: The number of items.
+ title: Count
+ type: integer
+ items:
+ description: The array of objects in this response. The length of the array is
+ according to the 'count' attribute.
+ items:
+ $ref: ./MisconfigurationModel.yaml
+ title: Items
+ type: array
+ paginationInfo:
+ $ref: ./PaginationModel.yaml
+ status:
+ $ref: ./StatusModel.yaml
+required:
+- status
+- items
+- paginationInfo
+title: PaginatedResponse[MisconfigurationModel]
+type: object
diff --git a/api/services/security/v1/schemas/PaginatedResponse_RulesModel_.yaml b/api/services/security/v1/schemas/PaginatedResponse_RulesModel_.yaml
new file mode 100644
index 00000000..e60007f2
--- /dev/null
+++ b/api/services/security/v1/schemas/PaginatedResponse_RulesModel_.yaml
@@ -0,0 +1,23 @@
+properties:
+ count:
+ default: 0
+ description: The number of items.
+ title: Count
+ type: integer
+ items:
+ description: The array of objects in this response. The length of the array is
+ according to the 'count' attribute.
+ items:
+ $ref: ./RulesModel.yaml
+ title: Items
+ type: array
+ paginationInfo:
+ $ref: ./PaginationModel.yaml
+ status:
+ $ref: ./StatusModel.yaml
+required:
+- status
+- items
+- paginationInfo
+title: PaginatedResponse[RulesModel]
+type: object
diff --git a/api/services/security/v1/schemas/PaginationModel.yaml b/api/services/security/v1/schemas/PaginationModel.yaml
new file mode 100644
index 00000000..497a899f
--- /dev/null
+++ b/api/services/security/v1/schemas/PaginationModel.yaml
@@ -0,0 +1,18 @@
+properties:
+ nextKey:
+ description: Each API call has a unique token. This is the token for the next
+ page of results.
+ title: Nextkey
+ type: string
+ paginationSize:
+ description: The maximum number of items in the page. The attribute 'item' indicates
+ the actual number of items in the page.
+ title: Paginationsize
+ type: integer
+ previousKey:
+ description: Each API call has a unique token. This is the token for the previous
+ page of results.
+ title: Previouskey
+ type: string
+title: PaginationModel
+type: object
diff --git a/api/services/security/v1/schemas/RequestModel.yaml b/api/services/security/v1/schemas/RequestModel.yaml
new file mode 100644
index 00000000..7f7a8ccb
--- /dev/null
+++ b/api/services/security/v1/schemas/RequestModel.yaml
@@ -0,0 +1,28 @@
+properties:
+ body:
+ title: Body
+ type: object
+ id:
+ title: Id
+ type: string
+ method:
+ title: Method
+ type: string
+ queryParameters:
+ title: Queryparameters
+ type: object
+ timestamp:
+ title: Timestamp
+ type: string
+ url:
+ title: Url
+ type: string
+required:
+- id
+- url
+- method
+- queryParameters
+- body
+- timestamp
+title: RequestModel
+type: object
diff --git a/api/services/security/v1/schemas/RulesModel.yaml b/api/services/security/v1/schemas/RulesModel.yaml
new file mode 100644
index 00000000..27abfb75
--- /dev/null
+++ b/api/services/security/v1/schemas/RulesModel.yaml
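Review bot: The `paginationSize` description in PaginationModel.yaml refers to "The attribute 'item'", but the paginated response schemas in this commit define `items` and `count`, and it is `count` that is described as the number of items. Suggest `The attribute 'count' indicates the actual number of items in the page.` so readers are pointed at a field that exists.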
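Review bot: RequestModel.yaml makes `url`, `queryParameters` and `body` required parts of the response envelope, with `body` and `queryParameters` as untyped `type: object` and no `description` on any property. Echoing the caller's request back means whatever was sent in the query string or body is also present in response logs and caches, so it is worth documenting which fields are echoed and that credentials are never included; the diff does not show how the server populates this object. `timestamp` would also benefit from `format: date-time`, as `suppressedAt` in MisconfigurationWhenModel.yaml already has.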
@@ -0,0 +1,64 @@
+properties:
+ args:
+ description: 'Certain misconfiguration rules have arguments. This field contains
+ the arguments in the form of an comma separated array. Example: ["MongoDB",
+ "TCP", "27017"]'
+ items:
+ type: string
+ title: Args
+ type: array
+ cloud:
+ description: The name of the cloud.
+ title: Cloud
+ type: string
+ complianceName:
+ description: The name of the cyber security compliance.
+ items:
+ type: string
+ title: Compliancename
+ type: array
+ controls:
+ description: The ID of the control defined in the compliance.
+ items:
+ additionalProperties:
+ type: string
+ type: object
+ title: Controls
+ type: array
+ description:
+ description: Description of the rule.
+ title: Description
+ type: string
+ effort:
+ allOf:
+ - $ref: ./Effort.yaml
+ description: The effort required to fix the finding.
+ ruleName:
+ description: The unique name of the rule.
+ title: Rulename
+ type: string
+ ruleTitle:
+ description: The name of the rule.
+ title: Ruletitle
+ type: string
+ service:
+ description: The cloud service.
+ title: Service
+ type: string
+ severity:
+ allOf:
+ - $ref: ./Severity.yaml
+ description: The severity of the rule.
+required:
+- ruleName
+- ruleTitle
+- description
+- cloud
+- service
+- args
+- severity
+- effort
+- complianceName
+- controls
+title: RulesModel
+type: object
diff --git a/api/services/security/v1/schemas/Severity.yaml b/api/services/security/v1/schemas/Severity.yaml
new file mode 100644
index 00000000..0cfdbf87
--- /dev/null
+++ b/api/services/security/v1/schemas/Severity.yaml
@@ -0,0 +1,7 @@
+enum:
+- Critical
+- High
+- Medium
+- Low
+title: Severity
+type: string
diff --git a/api/services/security/v1/schemas/SpotResponse_BaseResponse_CountModel__.yaml b/api/services/security/v1/schemas/SpotResponse_BaseResponse_CountModel__.yaml
new file mode 100644
index 00000000..cbeb655b
--- /dev/null
+++ b/api/services/security/v1/schemas/SpotResponse_BaseResponse_CountModel__.yaml
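Review bot: `cloud` in RulesModel.yaml is a free-form string even though this commit adds a CloudProvider enum that the `cloud` query parameter already references; assuming the service only returns those values, replace `type: string` with `allOf:` / `- $ref: ./cloud__constant__base__CloudProvider.yaml`, the same pattern `severity` and `effort` use, so the filter and the returned value share one vocabulary. Several descriptions also disagree with the declared types: `complianceName` and `controls` are arrays but are described in the singular ("The name of…", "The ID of the control…"), and the `controls` items are objects with string values whose keys are not documented anywhere. In `args`, "an comma separated array" should read "a comma-separated array".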
@@ -0,0 +1,17 @@
+properties:
+ error:
+ allOf:
+ - $ref: ./ErrorModel.yaml
+ title: Error
+ request:
+ $ref: ./RequestModel.yaml
+ response:
+ allOf:
+ - $ref: ./BaseResponse_CountModel_.yaml
+ responseTime:
+ title: Responsetime
+ type: number
+required:
+- request
+title: SpotResponse[BaseResponse[CountModel]]
+type: object
diff --git a/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_ComplianceModel__.yaml b/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_ComplianceModel__.yaml
new file mode 100644
index 00000000..848a1786
--- /dev/null
+++ b/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_ComplianceModel__.yaml
@@ -0,0 +1,17 @@
+properties:
+ error:
+ allOf:
+ - $ref: ./ErrorModel.yaml
+ title: Error
+ request:
+ $ref: ./RequestModel.yaml
+ response:
+ allOf:
+ - $ref: ./PaginatedResponse_ComplianceModel_.yaml
+ responseTime:
+ title: Responsetime
+ type: number
+required:
+- request
+title: SpotResponse[PaginatedResponse[ComplianceModel]]
+type: object
diff --git a/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_ControlModel__.yaml b/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_ControlModel__.yaml
new file mode 100644
index 00000000..a692ad6d
--- /dev/null
+++ b/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_ControlModel__.yaml
@@ -0,0 +1,17 @@
+properties:
+ error:
+ allOf:
+ - $ref: ./ErrorModel.yaml
+ title: Error
+ request:
+ $ref: ./RequestModel.yaml
+ response:
+ allOf:
+ - $ref: ./PaginatedResponse_ControlModel_.yaml
+ responseTime:
+ title: Responsetime
+ type: number
+required:
+- request
+title: SpotResponse[PaginatedResponse[ControlModel]]
+type: object
diff --git a/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_MisconfigurationModel__.yaml b/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_MisconfigurationModel__.yaml
new file mode 100644
index 00000000..a0411748
--- /dev/null
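Review bot: The envelope in SpotResponse_BaseResponse_CountModel__.yaml requires only `request`, so a document carrying neither `response` nor `error` validates, and nothing tells a client which of the two to expect. If the contract is that exactly one is present, state it with `description: Present only when the call failed.` on `error` and `description: Present only when the call succeeded.` on `response`. `responseTime` also has no description or unit. The same applies to the four SpotResponse_PaginatedResponse_* files added after this one (ComplianceModel, ControlModel, MisconfigurationModel, RulesModel).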
+++ b/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_MisconfigurationModel__.yaml
@@ -0,0 +1,17 @@
+properties:
+ error:
+ allOf:
+ - $ref: ./ErrorModel.yaml
+ title: Error
+ request:
+ $ref: ./RequestModel.yaml
+ response:
+ allOf:
+ - $ref: ./PaginatedResponse_MisconfigurationModel_.yaml
+ responseTime:
+ title: Responsetime
+ type: number
+required:
+- request
+title: SpotResponse[PaginatedResponse[MisconfigurationModel]]
+type: object
diff --git a/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_RulesModel__.yaml b/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_RulesModel__.yaml
new file mode 100644
index 00000000..9f915029
--- /dev/null
+++ b/api/services/security/v1/schemas/SpotResponse_PaginatedResponse_RulesModel__.yaml
@@ -0,0 +1,17 @@
+properties:
+ error:
+ allOf:
+ - $ref: ./ErrorModel.yaml
+ title: Error
+ request:
+ $ref: ./RequestModel.yaml
+ response:
+ allOf:
+ - $ref: ./PaginatedResponse_RulesModel_.yaml
+ responseTime:
+ title: Responsetime
+ type: number
+required:
+- request
+title: SpotResponse[PaginatedResponse[RulesModel]]
+type: object
diff --git a/api/services/security/v1/schemas/StatusModel.yaml b/api/services/security/v1/schemas/StatusModel.yaml
new file mode 100644
index 00000000..1e82dac7
--- /dev/null
+++ b/api/services/security/v1/schemas/StatusModel.yaml
@@ -0,0 +1,12 @@
+properties:
+ code:
+ title: Code
+ type: integer
+ message:
+ title: Message
+ type: string
+required:
+- code
+- message
+title: StatusModel
+type: object
diff --git a/api/services/security/v1/schemas/ValidationError.yaml b/api/services/security/v1/schemas/ValidationError.yaml
new file mode 100644
index 00000000..bb8db41b
--- /dev/null
+++ b/api/services/security/v1/schemas/ValidationError.yaml
@@ -0,0 +1,20 @@ +properties: + loc: + items: + anyOf: + - type: string + - type: integer + title: Location + type: array + msg: + title: Message + type: string + type: + title: Error Type + type: string +required: +- loc +- msg +- type +title: ValidationError +type: object diff --git a/api/services/security/v1/schemas/cloud__constant__base__CloudProvider.yaml b/api/services/security/v1/schemas/cloud__constant__base__CloudProvider.yaml new file mode 100644 index 00000000..187e1baa --- /dev/null +++ b/api/services/security/v1/schemas/cloud__constant__base__CloudProvider.yaml @@ -0,0 +1,6 @@ +description: Enumeration of supported cloud providers. +enum: +- aws +- azure +title: CloudProvider +type: string diff --git a/api/services/security/v1/schemas/databases__constant__CloudProvider.yaml b/api/services/security/v1/schemas/databases__constant__CloudProvider.yaml new file mode 100644 index 00000000..ebb62a5a --- /dev/null +++ b/api/services/security/v1/schemas/databases__constant__CloudProvider.yaml @@ -0,0 +1,6 @@ +description: Supported cloud providers. +enum: +- aws +- azure +title: CloudProvider +type: string diff --git a/api/spot.yaml b/api/spot.yaml index 23f668de..c4279b73 100644 --- a/api/spot.yaml +++ b/api/spot.yaml @@ -220,6 +220,10 @@ x-tagGroups: - Connect Targets - Connect Workflows - Connect Workspaces + - name: Spot Security + tags: + - Compliance + - Misconfiguration paths: /aws/ec2/group: 
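Review bot: `cloud__constant__base__CloudProvider.yaml` and `databases__constant__CloudProvider.yaml` define the same enum (`aws`, `azure`) under the same `title: CloudProvider`, so client generators may emit two colliding or arbitrarily suffixed types, and the two value lists can drift apart when a provider is added. Keeping a single `CloudProvider.yaml` and pointing every `$ref` at it avoids both; which references use the `databases__` variant is not visible in this part of the diff. The file names also look like backend module paths carried into the public spec, which is worth normalising before publication.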
@@ -924,8 +928,24 @@ paths: /ocean/{oceanId}/rightSizing/rule/{ruleName}/detachment: $ref: services/ocean/rightsizing/paths/oceanRightsizingRuleDetachment.yaml /ocean/{oceanId}/rightSizing/recommendations: - $ref: services/ocean/rightsizing/paths/oceanRightsizingRecommendations.yaml + $ref: services/ocean/rightsizing/paths/oceanRightsizingRecommendations.yaml /ocean/{oceanId}/rightSizing/rollbacks: $ref: services/ocean/rightsizing/paths/oceanRightsizingRollbacks.yaml /ocean/{oceanId}/rightSizing/rollbacks/acknowledge: $ref: services/ocean/rightsizing/paths/oceanRightsizingAcknowledgeRollbacks.yaml + /security/v1/compliances: + $ref: services/security/v1/paths/compliances.yaml + /security/v1/compliances/count: + $ref: services/security/v1/paths/count.yaml + /security/v1/compliances/{complianceName}/controls: + $ref: services/security/v1/paths/controls.yaml + /security/v1/compliances/{complianceName}/controls/count: + $ref: services/security/v1/paths/controls_count.yaml + /security/v1/misconfigurations: + $ref: services/security/v1/paths/misconfigurations.yaml + /security/v1/misconfigurations/count: + $ref: services/security/v1/paths/misconfigurations_count.yaml + /security/v1/misconfigurations/rules: + $ref: services/security/v1/paths/rules.yaml + /security/v1/misconfigurations/rules/count: + $ref: services/security/v1/paths/rules_count.yaml \ No newline at end of file
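Review bot: `/security/v1/compliances/count` points at `services/security/v1/paths/count.yaml`, while the other three count routes use a resource-prefixed file (`controls_count.yaml`, `misconfigurations_count.yaml`, `rules_count.yaml`); naming it `compliances_count.yaml` makes the mapping obvious and leaves no ambiguity about which resource a bare `count.yaml` describes. The removed and re-added `$ref` line under `/ocean/{oceanId}/rightSizing/recommendations` looks like a whitespace-only change unrelated to this feature, and the file now ends without a trailing newline. The referenced path files are outside this hunk, so whether each new operation declares a `security` requirement should be confirmed there.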