Help Center> Organizations> User Guide> Managing SCPs> Actions Supported by SCP-based Authorization> Security & Compliance> SecMaster
Updated on 2024-03-15 GMT+08:00
View PDF

SecMaster

The Organizations service provides Service Control Policies (SCPs) to set access control policies.

SCPs do not actually grant any permissions to a principal. They only set the permission boundary for the principal. When SCPs are attached to a member account or an organizational unit (OU), they do not directly grant permissions to that member account or OU. Instead, the SCPs just determine what permissions are available for that member account or the member accounts under that OU.

This section describes the elements used by Organizations SCPs. The elements include actions, resources, and conditions.

For details about how to use these elements to create a custom SCP, see Creating an SCP.

Actions

Actions are specific operations that are allowed or denied in an SCP.

  • The Access Level column describes how the action is classified (List, Read, or Write). This classification helps you understand the level of access that an action grants when you use it in an SCP.
  • The Resource Type column indicates whether the action supports resource-level permissions.
    • You can use a wildcard (*) to indicate all resource types. If this column is empty (-), the action does not support resource-level permissions, and you must specify all resources ("*") in your SCP statements.
    • If this column includes a resource type, you must specify the resource URN in the Resource element of your statements.
    • Required resources are marked with asterisks (*) in the table. If you specify a resource in a statement using this action, then it must be of this type.

    For details about the resource types defined by SecMaster, see Resources.

  • The Condition Key column contains keys that you can specify in the Condition element of an SCP statement.
    • If the Resource Type column has values for an action, the condition key only takes effect only for the listed resource types.
    • If the Resource Type column is empty (-) for an action, the condition key takes effect for all resource types that action supports.
    • If the Condition Key column is empty (-) for an action, the action does not support any condition keys.

    For details about the condition keys defined by SecMaster, see Conditions.

The following table lists the actions that you can define in SCP statements for SecMaster.

Table 1 Actions supported by SecMaster

Action

Description

Access Level

Resource Type (*: Required)

Condition Key

secmaster:playbook:get

Grants the permission to query playbook details.

read

playbook *

-

secmaster:playbook:create

Grants the permission to create a playbook.

write

playbook *

-

secmaster:playbook:delete

Grants the permission to delete a playbook.

write

playbook *

-

secmaster:playbook:update

Grants the permission to update a playbook.

write

playbook *

-

secmaster:playbook:list

Grants the permission to query the playbook list.

list

playbook *

-

secmaster:playbook:getStatistics

Grants the permission to obtain playbook statistics.

read

playbook *

-

secmaster:playbook:getMonitor

Grants the permission to obtain the playbook running monitoring data.

read

playbook *

-

secmaster:playbook:copyVersion

Grants the permission to clone the playbook version.

write

playbook *

-

secmaster:playbook:approve

Grants the permission to review a playbook.

write

playbook *

-

secmaster:playbook:listApproves

Grants the permission to query the playbook review list.

list

playbook *

-

secmaster:playbook:listInstances

Grants the permission to query the playbook instance list.

list

playbook *

-

secmaster:playbook:getInstanceAuditlog

Grants the permission to query the audit log list of a playbook instance.

list

playbook *

-

secmaster:playbook:createVersion

Grants the permission to create a playbook version.

write

playbook *

-

secmaster:playbook:createVersionRule

Grants the permission to create a rule for a playbook version.

write

playbook *

-

secmaster:playbook:createVersionAction

Grants the permission to create an action for a playbook version.

write

playbook *

-

secmaster:playbook:getVersion

Grants the permission to obtain a playbook version.

read

playbook *

-

secmaster:playbook:getVersionRule

Grants the permission to obtain rules for a playbook version.

read

playbook *

-

secmaster:playbook:deleteVersion

Grants the permission to delete a playbook version.

write

playbook *

-

secmaster:playbook:deleteVersionRule

Grants the permission to delete a rule for a playbook version.

write

playbook *

-

secmaster:playbook:deleteVersionAction

Grants the permission to delete an action for a playbook version.

write

playbook *

-

secmaster:playbook:updateVersion

Grants the permission to update a playbook version.

write

playbook *

-

secmaster:playbook:updateVersionRule

Grants the permission to update a rule for a playbook version.

write

playbook *

-

secmaster:playbook:updateVersionAction

Grants the permission to update an action for a playbook version.

write

playbook *

-

secmaster:playbook:listVersions

Grants the permission to obtain the list of playbook versions.

list

playbook *

-

secmaster:playbook:listVersionActions

Grants the permission to obtain the list of actions for a playbook version.

list

playbook *

-

secmaster:playbook:getInstance

Grants the permission to query details about a playbook instance.

read

playbook *

-

secmaster:playbook:getInstanceTopology

Grants the permission to query details about a playbook instance topology.

read

playbook *

-

secmaster:playbook:operateInstance

Grants permissions to operate a playbook instance.

write

playbook *

-

secmaster:workflow:list

Grants the permission to query the workflow list.

list

workflow *

-

secmaster:workflow:get

Grants the permission to obtain details about a workflow.

read

workflow *

-

secmaster:workflow:delete

Grants the permission to delete a workflow.

write

workflow *

-

secmaster:workflow:create

Grants the permission to create a workflow.

write

workflow *

-

secmaster:workflow:update

Grants the permission to update a workflow.

write

workflow *

-

secmaster:workflow:listVersions

Grants the permission to obtain the list of workflow versions.

list

workflow *

-

secmaster:workflow:getVersion

Grants the permission to obtain details about a workflow version.

read

workflow *

-

secmaster:workflow:deleteVersion

Grants the permission to delete a workflow version.

write

workflow *

-

secmaster:workflow:createVersion

Grants the permission to create a workflow version.

write

workflow *

-

secmaster:workflow:updateVersion

Grants the permission to update a workflow version.

write

workflow *

-

secmaster:workflow:approveVersion

Grants the permission to review a workflow version.

write

workflow *

-

secmaster:workflow:validate

Grants the permission to verify a workflow version.

write

workflow *

-

secmaster:workflow:simulate

Grants the permission to update the debugging result of a workflow version.

write

workflow *

-

secmaster:workflow:getInstance

Grants the permission to query the topology of a workflow instance.

read

workflow *

-

secmaster:workflow:operateInstance

Grants the permission to update or create a workflow instance.

write

workflow *

-

secmaster:connection:list

Grants the permission to query the asset connection list.

list

connection *

-

secmaster:connection:create

Grants the permissions to create an asset connection.

write

connection *

-

secmaster:connection:get

Grants the permissions to obtain asset connection details.

read

connection *

-

secmaster:connection:delete

Grants the permissions to delete an asset connection.

write

connection *

-

secmaster:connection:update

Grants the permissions to update an asset connection.

write

connection *

-

secmaster:workspace:list

Grants the permission to query the workspace list.

list

workspace *

-

secmaster:workspace:create

Grants the permission to create a workspace.

write

workspace *

-

secmaster:workspace:update

Grants the permission to update a workspace.

write

workspace *

-

secmaster:workspace:get

Grants the permission to obtain workspace details.

read

workspace *

-

secmaster:workspace:delete

Grants the permission to delete a workspace.

write

workspace *

-

secmaster:task:list

Grants the permission to query the to-do list.

list

task *

-

secmaster:task:create

Grants the permission to create a to-do task.

write

task *

-

secmaster:task:update

Grants the permission to update to-do tasks.

write

task *

-

secmaster:task:get

Grants the permission to obtain to-do task details.

read

task *

-

secmaster:indicator:get

Grants the permission to obtain indicator details.

read

indicator *

-

secmaster:indicator:create

Grants the permission to create an indicator.

write

indicator *

-

secmaster:indicator:update

Grants the permission to update an indicator.

write

indicator *

-

secmaster:indicator:delete

Grants the permission to delete an indicator.

write

indicator *

-

secmaster:indicator:list

Grants the permission to query the indicator list.

read

indicator *

-

secmaster:indicator:listTypes

Grants the permission to query the indicator type list.

list

indicator *

-

secmaster:indicator:bindLayout

Grants the permissions to bind an indicator type to a layout.

write

indicator *

-

secmaster:alert:get

Grants the permission to obtain alert details.

read

alert *

-

secmaster:alert:create

Grants the permission to create an alert.

write

alert *

-

secmaster:alert:update

Grants the permission to update an alert.

write

alert *

-

secmaster:alert:list

Grants the permission to query the alert list.

list

alert *

-

secmaster:alert:delete

Grants the permission to delete an alert.

write

alert *

-

secmaster:alert:batchOrders

Grants the permission to convert an alert to an incident.

list

alert *

-

secmaster:alert:listTypes

Grants the permission to query the alert type list.

list

alert *

-

secmaster:alert:listCategories

Grants the permission to query the alert category list.

list

alert *

-

secmaster:alert:createType

Grants the permission to create an alert type.

write

alert *

-

secmaster:alert:updateType

Grants the permission to modify an alert type.

write

alert *

-

secmaster:alert:deleteType

Grants the permission to delete an alert type.

write

alert *

-

secmaster:alert:enableType

Grants the permission to enable or disable an alert type.

write

alert *

-

secmaster:alert:bindLayout

Grants the permissions to bind an alert type to a layout.

write

alert *

-

secmaster:incident:get

Grants the permission to obtain incident details.

read

incident *

-

secmaster:incident:create

Grants the permission to create an incident.

write

incident *

-

secmaster:incident:update

Grants the permission to update an incident.

write

incident *

-

secmaster:incident:list

Grants the permission to query the incident list.

list

incident *

-

secmaster:incident:listTypes

Grants the permission to obtain the incident type list.

list

incident *

-

secmaster:incident:delete

Grants the permission to delete an incident.

write

incident *

-

secmaster:incident:listCategories

Grants the permission to query the incident category list.

list

incident *

-

secmaster:incident:createType

Grants the permission to create an incident type.

write

incident *

-

secmaster:incident:updateType

Grant permission to modify an incident type.

write

incident *

-

secmaster:incident:deleteType

Grants the permission to delete an incident type.

write

incident *

-

secmaster:incident:enableType

Grants the permission to enable or disable an incident type.

write

incident *

-

secmaster:incident:bindLayout

Grants the permissions to bind an incident type to a layout.

write

incident *

-

secmaster:dataobject:createRelation

Grants the permission to create an object mapping.

write

dataobject *

-

secmaster:dataobject:deleteRelation

Grants the permission to delete an object mapping.

write

dataobject *

-

secmaster:dataobject:listRelation

Grants the permission to query the object mapping list.

list

dataobject *

-

secmaster:vulnerability:listGroup

Grants the permission to query the vulnerability group list.

list

vulnerability *

-

secmaster:vulnerability:getGroup

Grants the permission to obtain vulnerability group details.

read

vulnerability *

-

secmaster:vulnerability:exportGroup

Grants the permission to export the vulnerability group list.

list

vulnerability *

-

secmaster:vulnerability:listType

Grants the permission to query the vulnerability type list.

list

vulnerability *

-

secmaster:vulnerability:bindLayout

Grants the permission to bind a vulnerability type to a layout.

write

vulnerability *

-

secmaster:vulnerability:createType

Grants the permission to create a vulnerability type.

write

vulnerability *

-

secmaster:vulnerability:updateType

Grants the permission to modify a vulnerability type.

write

vulnerability *

-

secmaster:vulnerability:deleteType

Grants the permission to delete a vulnerability type.

write

vulnerability *

-

secmaster:vulnerability:enableType

Grants the permission to enable or disable a vulnerability type.

write

vulnerability *

-

secmaster:subscription:deletePostPaidOrder

Grants the permission to delete a pay-per-use order.

write

-

-

secmaster:subscription:createPostPaidOrder

Grants the permission to create a pay-per-use order.

write

-

-

secmaster:subscription:createPrePaidOrder

Grants the permission to create a yearly/monthly order.

write

-

-

secmaster:subscription:getVersion

Grants the permission to view the subscribed version.

read

-

-

secmaster:metric:getResult

Grants the permission to view the metric result.

read

metric *

-

secmaster:metric:listResults

Grants the permission to list metric results.

list

metric *

-

secmaster:metric:listHits

Grants the permission to list the hit metrics.

list

metric *

-

secmaster:agency:get

Grants the permission to view an agency.

read

-

-

secmaster:agency:create

Grants the permission to create an agency.

write

-

-

secmaster:resource:getStatistics

Grants the permission to view resource statistics.

read

resource *

-

secmaster:resource:list

Grants the permission to list resources.

list

resource *

-

secmaster:resource:import

Grants the permission to import resources.

write

resource *

-

secmaster:resource:getTemplate

Grants the permission to obtain the resource import template.

read

resource *

-

secmaster:report:list

Grants the permission to list reports.

list

report *

-

secmaster:report:get

Grants the permission to view a report.

read

report *

-

secmaster:report:create

Grants the permission to create a report.

write

report *

-

secmaster:report:update

Grants the permission to update a report.

write

report *

-

secmaster:report:delete

Grants the permission to delete a report.

write

report *

-

secmaster:emergencyVulnerability:updateReadStatus

Grants the permission to set the emergency vulnerability read status.

write

emergencyVulnerability *

-

secmaster:emergencyVulnerability:list

Grants the permission to list emergency vulnerabilities.

list

emergencyVulnerability *

-

secmaster:emergencyVulnerability:export

Grants the permission to export emergency vulnerabilities.

read

emergencyVulnerability *

-

secmaster:dataspace:list

Grants the permission to query the data space list.

list

dataspace *

-

secmaster:dataspace:create

Grants the permission to create a data space.

write

dataspace *

-

secmaster:dataspace:get

Grants the permission to query data space details.

read

dataspace *

-

secmaster:dataspace:update

Grants the permission to update a data space.

write

dataspace *

-

secmaster:dataspace:delete

Grants the permission to delete a data space.

write

dataspace *

-

secmaster:pipe:list

Grants the permission to query the data pipeline list.

list

pipe *

-

secmaster:pipe:create

Grants the permission to create a data pipeline.

write

pipe *

-

secmaster:pipe:get

Grants the permission to query data pipeline details.

read

pipe *

-

secmaster:pipe:update

Grants the permission to update a data pipeline.

write

pipe *

-

secmaster:pipe:delete

Grants the permission to delete a data pipeline.

write

pipe *

-

secmaster:pipe:getIndex

Grants the permission to query data pipeline indexes.

read

pipe *

-

secmaster:pipe:updateIndex

Grants the permission to update a data pipeline index.

write

pipe *

-

secmaster:pipe:getConsumption

Grants the permission to query data pipeline consumption.

read

pipe *

-

secmaster:pipe:createConsumption

Grants the permission to create pipeline consumption.

write

pipe *

-

secmaster:pipe:deleteConsumption

Grants the permission to delete pipeline consumption.

write

pipe *

-

secmaster:search:listLogs

Grants the permission to query data.

list

workspace *

-

secmaster:search:listHistograms

Grants the permission to query the data distribution histogram.

list

workspace *

-

secmaster:search:createAnalysis

Grants the permission to execute security analysis.

write

workspace *

-

secmaster:searchCondition:list

Grants the permission to query the list of search criteria.

list

searchCondition *

-

secmaster:searchCondition:create

Grants the permission to create search criteria.

write

searchCondition *

-

secmaster:searchCondition:get

Grants the permission to query search criteria details.

read

searchCondition *

-

secmaster:searchCondition:update

Grants the permission to update search criteria.

write

searchCondition *

-

secmaster:searchCondition:delete

Grants the permission to delete search criteria.

write

searchCondition *

-

secmaster:alertRule:list

Grants the permission to query an alert model.

list

alertRule *

-

secmaster:alertRule:create

Grants the permission to create an alert model.

write

alertRule *

-

secmaster:alertRule:get

Grants the permission to query alert model details.

read

alertRule *

-

secmaster:alertRule:update

Grants the permission to modify an alert model.

write

alertRule *

-

secmaster:alertRule:delete

Grants the permission to delete an alert model.

write

alertRule *

-

secmaster:alertRule:enable

Grants the permission to enable an alert model.

write

alertRule *

-

secmaster:alertRule:disable

Grants the permission to disable an alert model.

write

alertRule *

-

secmaster:alertRule:listMetrics

Grants the permission to query an alert model overview.

list

alertRule *

-

secmaster:alertRule:createSimulation

Grants the permission to simulate an alert model.

write

alertRule *

-

secmaster:alertRuleTemplate:list

Grants the permission to query an alert template.

list

alertRuleTemplate *

-

secmaster:alertRuleTemplate:get

Grants the permission to query alert template details.

read

alertRuleTemplate *

-

secmaster:alertRuleTemplate:listMetrics

Grants the permission to query the alert template overview.

list

alertRuleTemplate *

-

secmaster:dataclass:create

Grants the permission to create a data class.

write

dataclass *

-

secmaster:dataclass:update

Grants the permission to update a data class.

write

dataclass *

-

secmaster:dataclass:delete

Grants the permission to delete a data class.

write

dataclass *

-

secmaster:dataclass:get

Grants the permission to obtain data class details.

read

dataclass *

-

secmaster:dataclass:list

Grants the permission to query the data class list.

list

dataclass *

-

secmaster:dataclass:createField

Grants the permission to create a field.

write

dataclass *

-

secmaster:dataclass:updateField

Grants the permission to update a field.

write

dataclass *

-

secmaster:dataclass:deleteField

Grants the permission to delete a field.

write

dataclass *

-

secmaster:dataclass:getField

Grants the permission to obtain field details.

read

dataclass *

-

secmaster:dataclass:listFields

Grants the permission to query the field list.

list

dataclass *

-

secmaster:dataclass:getType

Grants the permission to obtain type details.

read

dataclass *

-

secmaster:dataclass:listTypes

Grants the permission to query the type list.

list

dataclass *

-

secmaster:mapping:update

Grants the permission to update the categorical mapping status.

write

mapping *

-

secmaster:mapping:list

Grant permission to search for the categorical mapping list.

list

mapping *

-

secmaster:mapping:getDatasource

Grants the permission to obtain the categorical mapping data source.

read

mapping *

-

secmaster:mapping:listFunctions

Grants the permission to obtain a categorical mapping function.

list

mapping *

-

secmaster:mapping:delete

Grants the permission to delete a categorical mapping.

write

mapping *

-

secmaster:mapping:copy

Grants the permission to copy a categorical mapping.

write

mapping *

-

secmaster:mapping:createClassifier

Grants the permission to create a category.

write

mapping *

-

secmaster:mapping:updateClassifier

Grants the permission to update a category.

write

mapping *

-

secmaster:mapping:getClassifier

Grants the permission to obtain category information.

read

mapping *

-

secmaster:mapping:deleteClassifier

Grants the permission to delete a category.

write

mapping *

-

secmaster:mapping:createMapper

Grants the permission to create a mapping.

write

mapping *

-

secmaster:mapping:updateMapper

Grants the permission to update a mapping.

write

mapping *

-

secmaster:mapping:listMappers

Grants the permission to query the mapping list.

list

mapping *

-

secmaster:mapping:getMapper

Grants the permission to obtain the mapping information.

read

mapping *

-

secmaster:mapping:deleteMapper

Grants the permission to delete a mapping.

write

mapping *

-

secmaster:layout:listBusinessTypes

Grants the permission to obtain the layout type list.

list

layout *

-

secmaster:layout:list

Grants the permission to query the layout list.

list

layout *

-

secmaster:layout:create

Grants the permission to create a layout.

write

layout *

-

secmaster:layout:delete

Grants the permission to delete a layout.

write

layout *

-

secmaster:layout:update

Grants the permission to update a layout.

write

layout *

-

secmaster:layout:get

Grants the permission to query a layout.

read

layout *

-

secmaster:layout:createTemplate

Grants the permission to save a layout as a template.

write

layout *

-

secmaster:layout:createField

Grants the permission to create a layout field.

write

layout *

-

secmaster:layout:listFields

Grants the permission to obtain the layout field list.

list

layout *

-

secmaster:layout:getField

Grants the permission to obtain layout field details.

read

layout *

-

secmaster:layout:updateFiled

Grants the permission to update a layout field.

write

layout *

-

secmaster:layout:deleteField

Grants the permission to delete a layout field.

write

layout *

-

secmaster:layout:listWizards

Grants the permission to obtain a page.

list

layout *

-

secmaster:layout:createWizard

Grants the permission to create a page.

write

layout *

-

secmaster:layout:getWizard

Grants the permission to obtain page details.

read

layout *

-

secmaster:layout:deleteWizard

Grants the permission to delete a page.

write

layout *

-

secmaster:layout:updateWizard

Grants the permission to update a page.

write

layout *

-

secmaster:catalogue:list

Grants the permissions to query the directory list.

list

catalogue *

-

secmaster:catalogue:update

Grants the permission to update a directory.

write

catalogue *

-

secmaster:playbook:export

Grants the permission to export playbooks.

read

playbook *

-

secmaster:playbook:import

Grants the permission to import playbooks.

write

playbook *

-

secmaster:indicator:downloadTemplate

Grants the permission to download the indicator template.

read

indicator *

-

secmaster:indicator:export

Grants the permission to export indicators.

read

indicator *

-

secmaster:indicator:import

Grants the permission to import indicators.

write

indicator *

-

secmaster:table:list

Grants the permission to query a table.

list

table *

-

secmaster:table:create

Grants the permission to create a table.

write

table *

-

secmaster:table:get

Grants the permission to query table details.

read

table *

-

secmaster:table:update

Grants the permission to modify a table.

write

table *

-

secmaster:table:delete

Grants the permission to delete a table.

write

table *

-

secmaster:table:createLock

Grants the permission to lock a table.

write

table *

-

secmaster:table:deleteLock

Grants the permission to unlock a table.

write

table *

-

secmaster:table:listMetrics

Grants the permission to query table overview.

list

table *

-

secmaster:table:updateSchema

Grants the permission to design a table.

write

table *

-

Each API of SecMaster usually supports one or more actions. Table 2 lists the supported actions and dependencies.

Table 2 Actions and dependencies supported by SecMaster APIs

API

Action

Dependencies

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}

secmaster:playbook:get

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks

secmaster:playbook:create

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}

secmaster:playbook:delete

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}

secmaster:playbook:update

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks

secmaster:playbook:list

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/statistics

secmaster:playbook:getStatistics

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}/monitor

secmaster:playbook:getMonitor

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/clone

secmaster:playbook:copyVersion

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/approve

secmaster:playbook:approve

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/approval

secmaster:playbook:listApproves

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances

secmaster:playbook:listInstances

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/auditlogs

secmaster:playbook:getInstanceAuditlog

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions

secmaster:playbook:createVersion

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks​/versions​/{playbook_version_id}​/rules

secmaster:playbook:createVersionRule

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks​/versions​/{playbook_version_id}​/actions

secmaster:playbook:createVersionAction

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}

secmaster:playbook:getVersion

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks​/versions​/{playbook_version_id}​/rules​/{rule_id}

secmaster:playbook:getVersionRule

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}

secmaster:playbook:deleteVersion

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions​/{playbook_version_id}​/rules​/{rule_id}

secmaster:playbook:deleteVersionRule

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks​/versions​/{playbook_version_id}​/actions​/{action_id}

secmaster:playbook:deleteVersionAction

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}

secmaster:playbook:updateVersion

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks​/versions​/{playbook_version_id}​/rules​/{rule_id}

secmaster:playbook:updateVersionRule

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks​/versions​/{playbook_version_id}​/actions​/{action_id}

secmaster:playbook:updateVersionAction

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}/versions

secmaster:playbook:listVersions

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks​/versions​/{playbook_version_id}​/actions

secmaster:playbook:listVersionActions

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id}

secmaster:playbook:getInstance

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id}/topology

secmaster:playbook:getInstanceTopology

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id}/operation

secmaster:playbook:operateInstance

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows

secmaster:workflow:list

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}

secmaster:workflow:get

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}

secmaster:workflow:delete

-

GET /v1/{project_id}/workspacesPOST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows

secmaster:workflow:create

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}

secmaster:workflow:update

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions

secmaster:workflow:listVersions

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}

secmaster:workflow:getVersion

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}

secmaster:workflow:deleteVersion

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions

secmaster:workflow:createVersion

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}

secmaster:workflow:updateVersion

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}/approval

secmaster:workflow:approveVersion

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/validation

secmaster:workflow:validate

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}/debug/result

secmaster:workflow:simulate

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/instances/{instance_id}/topology

secmaster:workflow:getInstance

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/instances

secmaster:workflow:operateInstance

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials

secmaster:connection:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials

secmaster:connection:create

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id}

secmaster:connection:get

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id}

secmaster:connection:delete

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id}

secmaster:connection:update

-

GET /v1/{project_id}/workspaces

secmaster:workspace:list

-

POST /v1/{project_id}/workspaces

secmaster:workspace:create

-

PUT /v1/{project_id}/workspaces/{workspace_id}

secmaster:workspace:update

-

GET /v1/{project_id}/workspaces/v1/{project_id}/workspaces/{workspace_id}

secmaster:workspace:get

-

DELETE /v1/{project_id}/workspaces/{workspace_id}

secmaster:workspace:delete

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/tasks

secmaster:task:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/tasks

secmaster:task:create

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/tasks/{task_id}

secmaster:task:update

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/tasks/{task_id}

secmaster:task:get

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id}

secmaster:indicator:get

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators

secmaster:indicator:create

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id}

secmaster:indicator:update

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id}

secmaster:indicator:delete

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/search

secmaster:indicator:list

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/types

secmaster:indicator:listTypes

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/types/layout

secmaster:indicator:bindLayout

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/{alert_id}

secmaster:alert:get

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts

secmaster:alert:create

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/{alert_id}

secmaster:alert:update

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/search

secmaster:alert:list

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/alerts

secmaster:alert:delete

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/batch-order

secmaster:alert:batchOrders

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types

secmaster:alert:listTypes

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/category

secmaster:alert:listCategories

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types

secmaster:alert:createType

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/{dataclass_type_id}

secmaster:alert:updateType

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types

secmaster:alert:deleteType

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/enable

secmaster:alert:enableType

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/layout

secmaster:alert:bindLayout

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/{incident_id}

secmaster:incident:get

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents

secmaster:incident:create

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/{incident_id}

secmaster:incident:update

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/search

secmaster:incident:list

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types

secmaster:incident:listTypes

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/incidents

secmaster:incident:delete

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/category

secmaster:incident:listCategories

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types

secmaster:incident:createType

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/{dataclass_type_id}

secmaster:incident:updateType

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types

secmaster:incident:deleteType

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/incidents/enable

secmaster:incident:enableType

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/layout

secmaster:incident:bindLayout

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type}

secmaster:dataobject:createRelation

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type}

secmaster:dataobject:deleteRelation

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type}/search

secmaster:dataobject:listRelation

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/search

secmaster:vulnerability:listGroup

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/{vul_id}

secmaster:vulnerability:getGroup

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/export

secmaster:vulnerability:exportGroup

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types

secmaster:vulnerability:listType

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/layout

secmaster:vulnerability:bindLayout

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types

secmaster:vulnerability:createType

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/{dataclass_type_id}

secmaster:vulnerability:updateType

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types

secmaster:vulnerability:deleteType

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/enable

secmaster:vulnerability:enableType

-

DELETE /v1/{project_id}/subscriptions/orders

secmaster:subscription:deletePostPaidOrder

-

POST /v1/{project_id}/subscriptions/orders

secmaster:subscription:createPostPaidOrder

-

POST /v1/{project_id}/subscriptions/orders/{order_id}

secmaster:subscription:createPrePaidOrder

-

GET /v1/{project_id}/subscriptions/version

secmaster:subscription:getVersion

-

GET /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/{metric_id}/result

secmaster:metric:getResult

-

POST /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/results

secmaster:metric:listResults

-

POST /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/hits

secmaster:metric:listHits

-

GET /v1/{project_id}/agency

secmaster:agency:get

-

POST /v1/{project_id}/agency

secmaster:agency:create

-

GET /v1/{project_id}/workspaces/{workspace_id}/resource-statistics

secmaster:resource:getStatistics

-

GET /v1/{project_id}/workspaces/{workspace_id}/resources

secmaster:resource:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/sa/resources/import

secmaster:resource:import

-

GET /v1/{project_id}/workspaces/{workspace_id}/sa/resource/template

secmaster:resource:getTemplate

-

GET /v1/{project_id}/workspaces/{workspace_id}/sa/reports

secmaster:report:list

-

GET /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id}

secmaster:report:get

-

POST /v1/{project_id}/workspaces/{workspace_id}/sa/reports

secmaster:report:create

-

PUT /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id}

secmaster:report:update

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id}

secmaster:report:delete

-

POST /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/read-status

secmaster:emergencyVulnerability:updateReadStatus

-

GET /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/list

secmaster:emergencyVulnerability:list

-

GET /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/export

secmaster:emergencyVulnerability:export

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces

secmaster:dataspace:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces

secmaster:dataspace:create

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id}

secmaster:dataspace:get

-

PUT /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id}

secmaster:dataspace:update

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id}

secmaster:dataspace:delete

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes

secmaster:pipe:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/pipes

secmaster:pipe:create

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}

secmaster:pipe:get

-

PUT /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}

secmaster:pipe:update

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}

secmaster:pipe:delete

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/index

secmaster:pipe:getIndex

-

PUT /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/index

secmaster:pipe:updateIndex

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption

secmaster:pipe:getConsumption

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption

secmaster:pipe:createConsumption

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption

secmaster:pipe:deleteConsumption

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/logs

secmaster:search:listLogs

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/histograms

secmaster:search:listHistograms

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/analysis

secmaster:search:createAnalysis

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions

secmaster:searchCondition:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions

secmaster:searchCondition:create

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id}

secmaster:searchCondition:get

-

PUT /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id}

secmaster:searchCondition:update

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id}

secmaster:searchCondition:delete

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules

secmaster:alertRule:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules

secmaster:alertRule:create

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/{rule_id}

secmaster:alertRule:get

-

PUT /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/{rule_id}

secmaster:alertRule:update

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules

secmaster:alertRule:delete

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/enable

secmaster:alertRule:enable

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/disable

secmaster:alertRule:disable

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/metrics

secmaster:alertRule:listMetrics

-

POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/simulation

secmaster:alertRule:createSimulation

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates

secmaster:alertRuleTemplate:list

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates/{template_id}

secmaster:alertRuleTemplate:get

-

GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates/metrics

secmaster:alertRuleTemplate:listMetrics

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses

secmaster:dataclass:create

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}

secmaster:dataclass:update

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}

secmaster:dataclass:delete

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}

secmaster:dataclass:get

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses

secmaster:dataclass:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields

secmaster:dataclass:createField

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields/{field_id}

secmaster:dataclass:updateField

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields

secmaster:dataclass:deleteField

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields/{field_id}

secmaster:dataclass:getField

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields

secmaster:dataclass:listFields

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/types/{dataclass_type_id}

secmaster:dataclass:getType

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/types

secmaster:dataclass:listTypes

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id}/status

secmaster:mapping:update

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/search

secmaster:mapping:list

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/data-source

secmaster:mapping:getDatasource

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/functions

secmaster:mapping:listFunctions

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id}

secmaster:mapping:delete

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id}/clone

secmaster:mapping:copy

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers

secmaster:mapping:createClassifier

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id}

secmaster:mapping:updateClassifier

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id}

secmaster:mapping:getClassifier

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id}

secmaster:mapping:deleteClassifier

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers

secmaster:mapping:createMapper

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id}

secmaster:mapping:updateMapper

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/search

secmaster:mapping:listMappers

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id}

secmaster:mapping:getMapper

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id}

secmaster:mapping:deleteMapper

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/business-type

secmaster:layout:listBusinessTypes

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/search

secmaster:layout:list

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts

secmaster:layout:create

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts

secmaster:layout:delete

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}

secmaster:layout:update

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}

secmaster:layout:get

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/template

secmaster:layout:createTemplate

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields

secmaster:layout:createField

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields

secmaster:layout:listFields

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields/{field_id}

secmaster:layout:getField

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields/{field_id}

secmaster:layout:updateFiled

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields

secmaster:layout:deleteField

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/wizards

secmaster:layout:listWizards

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/wizards

secmaster:layout:createWizard

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards/{wizard_id};/v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards

secmaster:layout:getWizard

-

DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards/{wizard_id}

secmaster:layout:deleteWizard

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards

secmaster:layout:updateWizard

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/catalogues/search;/v1/{project_id}/workspaces/{workspace_id}/soc/catalogues

secmaster:catalogue:list

-

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/catalogues/{catalogue_id}

secmaster:catalogue:update

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/export

secmaster:playbook:export

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/import

secmaster:playbook:import

-

GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/template/download

secmaster:indicator:downloadTemplate

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/export

secmaster:indicator:export

-

POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/import

secmaster:indicator:import

-

GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables

secmaster:table:list

-

-POST /v2/{project_id}/workspaces/{workspace_id}/siem/tables

secmaster:table:create

-

GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}

secmaster:table:get

-

PUT /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}

secmaster:table:update

-

DELETE /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}

secmaster:table:delete

-

POST /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/lock

secmaster:table:createLock

-

DELETE /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/lock

secmaster:table:deleteLock

-

GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables/metrics

secmaster:table:listMetrics

-

PUT /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/schema

secmaster:table:updateSchema

-

Resources

A resource type indicates the resources that an SCP applies to. If you specify a resource type for any action in Table 3, the resource URN must be specified in the SCP statements using that action, and the SCP applies only to resources of this type. If no resource type is specified, the Resource element is marked with an asterisk (*) and the SCP applies to all resources. You can also set condition keys in an SCP to define resource types.

The following table lists the resource types that you can define in SCP statements for SecMaster.

Table 3 Resource types supported by SecMaster

Resource Type

URN

workspace

secmaster:<region>:<account-id>:workspace:<workspace-id>

playbook

secmaster:<region>:<account-id>:playbook:<workspace-id>/<playbook-id>

workflow

secmaster:<region>:<account-id>:workflow:<workspace-id>/<workflow-id>

connection

secmaster:<region>:<account-id>:connection:<workspace-id>/<connection-id>

task

secmaster:<region>:<account-id>:task:<workspace-id>/<task-id>

indicator

secmaster:<region>:<account-id>:indicator:<workspace-id>/<indicator-id>

alert

secmaster:<region>:<account-id>:alert:<workspace-id>/<alert-id>

incident

secmaster:<region>:<account-id>:incident:<workspace-id>/<incident-id>

dataobject

secmaster:<region>:<account-id>:dataobject:<workspace-id>/<dataobject-id>

metric

secmaster:<region>:<account-id>:metric:<workspace-id>/<metric-id>

resource

secmaster:<region>:<account-id>:resource:<workspace-id>/<resource-id>

report

secmaster:<region>:<account-id>:report:<workspace-id>/<report-id>

emergencyVulnerability

secmaster:<region>:<account-id>:emergencyVulnerability:<workspace-id>/<emergency-vulnerability-id>

dataspace

secmaster:<region>:<account-id>:dataspace:<workspace-id>/<dataspace-id>

pipe

secmaster:<region>:<account-id>:pipe:<workspace-id>/<pipe-id>

alertRule

secmaster:<region>:<account-id>:alertRule:<workspace-id>/<alertRule-id>

vulnerability

secmaster:<region>:<account-id>:vulnerability:<workspace-id>/<vulnerability-id>

alertRuleTemplate

secmaster:<region>:<account-id>:alertRuleTemplate:<workspace-id>/<alertRuleTemplate-id>

searchCondition

secmaster:<region>:<account-id>:searchCondition:<workspace-id>/<searchCondition-id>

dataclass

secmaster:<region>:<account-id>:dataclass:<workspace-id>/<dataclass-id>

mapping

secmaster:<region>:<account-id>:mapping:<workspace-id>/<mapping-id>

layout

secmaster:<region>:<account-id>:layout:<workspace-id>/<layout-id>

catalogue

secmaster:<region>:<account-id>:catalogue:<workspace-id>/<catalogue-id>

table

secmaster:<region>:<account-id>:table:<workspace-id>/<table-id>

Conditions

SecMaster does not support service-specific condition keys in SCP statements. SecMaster can use global condition keys applicable to all services. For details, see Global Condition Keys.

Parent topic: Security & Compliance