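SecMaster
Service control policies (SCPs) in the Organizations service can use the following authorization elements to set access control policies.
An SCP does not grant permissions directly; it only defines a permission boundary. Attaching an SCP to an organizational unit (OU) or a member account does not grant that OU or member account any operation permissions. Instead, it defines the scope of permissions that can be granted to the member account, or to the member accounts contained in the OU.
This section describes the elements used by SCPs in the Organizations service: actions (Action), resources (Resource), and conditions (Condition).
For how to use these elements to write a custom SCP, see Creating an SCP.
Actions (Action)
Actions are the authorization items supported in an SCP.
- The "Access level" column describes how an action is classified (list, read, write, and so on). This classification helps you understand the access level of the action in an SCP.
- The "Resource type" column indicates whether each action supports resource-level permissions.
  - Resource types support the wildcard * to indicate all. If this column has no value (-), you must specify all resource types ("*") in the Resource element of the SCP statement.
  - If this column contains a resource type, you must specify the URN of that resource in any statement that uses the action.
  - Required resources are marked with an asterisk (*) in the table, meaning that this resource type must be specified when the action is used.

  For details about the resource types defined by SecMaster, see Resource types (Resource).
- The "Condition key" column lists the keys that can be specified in the Condition element of an SCP statement.
  - If the resource type column of the action has a value, the condition key takes effect only for the listed resource types.
  - If the resource type column of the action has no value (-), the condition key takes effect for the whole action.
  - If this column has no value (-), the action does not support condition keys.

  For details about the condition keys defined by SecMaster, see Conditions (Condition).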
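
The column rules above can be checked mechanically before an SCP is attached. The following is an added example, not code from the SecMaster documentation: it lints a constructed SCP against a few rows copied from the action table on this page and reports which actions a guardrail leaves undenied. The `Version`/`Statement`/`Effect`/`Action`/`Resource` layout, `*` wildcards inside action names, and case-sensitive matching are assumptions, and `URN-PLACEHOLDER` stands for a real resource URN.

```python
import fnmatch

# Rows copied from the action table on this page:
# action -> (access level, resource type). None stands for "-".
ACTION_TABLE = {
    "secmaster:alertRule:update": ("write", "alertRule"),
    "secmaster:alertRule:delete": ("write", "alertRule"),
    "secmaster:alertRule:disable": ("write", "alertRule"),
    "secmaster:layout:updateFiled": ("write", "layout"),  # spelled as in the table
    "secmaster:agency:create": ("write", None),
    "secmaster:subscription:deletePostPaidOrder": ("write", None),
}

# Constructed sample SCP (assumed document layout, see the lead-in).
SAMPLE_SCP = {
    "Version": "5.0",
    "Statement": [
        {   # well formed: denies tampering with alert models everywhere
            "Effect": "Deny",
            "Action": ["secmaster:alertRule:delete", "secmaster:alertRule:disable"],
            "Resource": ["*"],
        },
        {   # agency:create has "-" as resource type, so Resource must be "*"
            "Effect": "Deny",
            "Action": ["secmaster:agency:create"],
            "Resource": ["URN-PLACEHOLDER"],
        },
        {   # the table lists updateFiled; this spelling matches nothing
            "Effect": "Deny",
            "Action": ["secmaster:layout:updateField"],
            "Resource": ["*"],
        },
    ],
}


def as_list(value):
    """Normalise a missing, scalar or list element to a list."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def expand(pattern):
    """Table actions matched by one Action entry (assumed '*' wildcard)."""
    return sorted(a for a in ACTION_TABLE if fnmatch.fnmatchcase(a, pattern))


def lint_policy(policy):
    """Return (statement index, message) findings for SecMaster actions."""
    findings = []
    for index, stmt in enumerate(policy.get("Statement", [])):
        resources = as_list(stmt.get("Resource"))
        for pattern in as_list(stmt.get("Action")):
            if not pattern.startswith("secmaster:"):
                continue  # other services are out of scope for this table
            matched = expand(pattern)
            if not matched:
                findings.append((index, f"{pattern}: matches no action in the table"))
                continue
            # Resource type "-" means the statement must use Resource "*".
            untyped = [a for a in matched if ACTION_TABLE[a][1] is None]
            if untyped and resources != ["*"]:
                findings.append(
                    (index, f'{pattern}: Resource must be "*" for ' + ", ".join(untyped))
                )
    return findings


def uncovered(policy, must_deny):
    """Actions from must_deny that no Deny statement with Resource "*" covers."""
    denied = set()
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Deny" or "*" not in as_list(stmt.get("Resource")):
            continue
        for pattern in as_list(stmt.get("Action")):
            denied.update(expand(pattern))
    return sorted(set(must_deny) - denied)


if __name__ == "__main__":
    for index, message in lint_policy(SAMPLE_SCP):
        print(f"statement {index}: {message}")
    wanted = [
        "secmaster:alertRule:update",
        "secmaster:alertRule:delete",
        "secmaster:alertRule:disable",
        "secmaster:layout:updateFiled",
    ]
    print("not denied:", uncovered(SAMPLE_SCP, wanted))
```

For real use, load every row of the table into `ACTION_TABLE`; with only a subset, valid actions that are missing from it are reported as unmatched.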
 
You can specify the following SecMaster actions in the Action element of an SCP statement.
| 
        授权项  | 
      
        描述  | 
      
        访问级别  | 
      
        资源类型(*为必须)  | 
      
        条件键  | 
     
|---|---|---|---|---|
| 
        secmaster:playbook:get  | 
      
        授予权限获取剧本详情。  | 
      
        read  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:create  | 
      
        授予权限创建剧本。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:delete  | 
      
        授予权限删除剧本。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:update  | 
      
        授予权限更新剧本。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:list  | 
      
        授予权限获取剧本列表。  | 
      
        list  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:getStatistics  | 
      
        授予权限获取剧本统计数据。  | 
      
        read  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:getMonitor  | 
      
        授予权限获取剧本运行监控数据。  | 
      
        read  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:copyVersion  | 
      
        授予权限克隆剧本版本。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:approve  | 
      
        授予权限审核剧本。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:listApproves  | 
      
        授予权限查询审核列表。  | 
      
        list  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:listInstances  | 
      
        授予权限查询实例列表。  | 
      
        list  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:getInstanceAuditlog  | 
      
        授予权限查询实例审计日志列表。  | 
      
        list  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:createVersion  | 
      
        授予权限创建剧本版本。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:createVersionRule  | 
      
        授予权限创建剧本版本规则。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:createVersionAction  | 
      
        授予权限创建剧本版本动作。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:getVersion  | 
      
        授予权限获取剧本版本。  | 
      
        read  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:getVersionRule  | 
      
        授予权限获取剧本版本规则。  | 
      
        read  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:deleteVersion  | 
      
        授予权限删除剧本版本。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:deleteVersionRule  | 
      
        授予权限删除剧本版本规则。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:deleteVersionAction  | 
      
        授予权限删除剧本版本动作。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:updateVersion  | 
      
        授予权限更新剧本版本。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:updateVersionRule  | 
      
        授予权限更新剧本版本规则。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:updateVersionAction  | 
      
        授予权限更新剧本版本动作。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:listVersions  | 
      
        授予权限获取剧本版本列表。  | 
      
        list  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:listVersionActions  | 
      
        授予权限获取剧本版本动作列表。  | 
      
        list  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:getInstance  | 
      
        授予权限查询实例详情。  | 
      
        read  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:getInstanceTopology  | 
      
        授予权限查询实例拓扑详情。  | 
      
        read  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:playbook:operateInstance  | 
      
        授予权限操作剧本实例。  | 
      
        write  | 
      
        playbook *  | 
      
        -  | 
     
| 
        secmaster:workflow:list  | 
      
        授予权限查询流程列表。  | 
      
        list  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:get  | 
      
        授予权限获取流程的详情。  | 
      
        read  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:delete  | 
      
        授予权限删除流程。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:create  | 
      
        授予权限创建流程。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:update  | 
      
        授予权限更新流程。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:listVersions  | 
      
        授予权限获取流程版本的列表。  | 
      
        list  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:getVersion  | 
      
        授予权限获取流程的版本详情。  | 
      
        read  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:deleteVersion  | 
      
        授予权限删除流程的版本。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:createVersion  | 
      
        授予权限创建流程版本。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:updateVersion  | 
      
        授予权限更新流程的版本。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:approveVersion  | 
      
        授予权限审核流程版本。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:validate  | 
      
        授予权限校验流程的版本。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:simulate  | 
      
        授予权限更新流程版本调试结果。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:getInstance  | 
      
        授予权限流程实例拓扑图。  | 
      
        read  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:workflow:operateInstance  | 
      
        授予权限更新或创建流程实例。  | 
      
        write  | 
      
        workflow *  | 
      
        -  | 
     
| 
        secmaster:connection:list  | 
      
        授予权限查询资产连接列表。  | 
      
        list  | 
      
        connection *  | 
      
        -  | 
     
| 
        secmaster:connection:create  | 
      
        授予权限创建资产连接。  | 
      
        write  | 
      
        connection *  | 
      
        -  | 
     
| 
        secmaster:connection:get  | 
      
        授予权限获取资产连接详情。  | 
      
        read  | 
      
        connection *  | 
      
        -  | 
     
| 
        secmaster:connection:delete  | 
      
        授予权限删除资产连接。  | 
      
        write  | 
      
        connection *  | 
      
        -  | 
     
| 
        secmaster:connection:update  | 
      
        授予权限更新资产连接。  | 
      
        write  | 
      
        connection *  | 
      
        -  | 
     
| 
        secmaster:workspace:list  | 
      
        授予权限查询工作空间列表。  | 
      
        list  | 
      
        workspace *  | 
      
        -  | 
     
| 
        secmaster:workspace:create  | 
      
        授予权限创建工作空间。  | 
      
        write  | 
      
        workspace *  | 
      
        -  | 
     
| 
        secmaster:workspace:update  | 
      
        授予权限更新工作空间。  | 
      
        write  | 
      
        workspace *  | 
      
        -  | 
     
| 
        secmaster:workspace:get  | 
      
        授予权限获取工作空间详情。  | 
      
        read  | 
      
        workspace *  | 
      
        -  | 
     
| 
        secmaster:workspace:delete  | 
      
        授予权限删除工作空间。  | 
      
        write  | 
      
        workspace *  | 
      
        -  | 
     
| 
        secmaster:task:list  | 
      
        授予权限查询待办列表。  | 
      
        list  | 
      
        task *  | 
      
        -  | 
     
| 
        secmaster:task:create  | 
      
        授予权限创建待办。  | 
      
        write  | 
      
        task *  | 
      
        -  | 
     
| 
        secmaster:task:update  | 
      
        授予权限更新待办。  | 
      
        write  | 
      
        task *  | 
      
        -  | 
     
| 
        secmaster:task:get  | 
      
        授予权限获取待办详情。  | 
      
        read  | 
      
        task *  | 
      
        -  | 
     
| 
        secmaster:indicator:get  | 
      
        授予权限获取情报详情。  | 
      
        read  | 
      
        indicator *  | 
      
        -  | 
     
| 
        secmaster:indicator:create  | 
      
        授予权限创建情报。  | 
      
        write  | 
      
        indicator *  | 
      
        -  | 
     
| 
        secmaster:indicator:update  | 
      
        授予权限更新情报。  | 
      
        write  | 
      
        indicator *  | 
      
        -  | 
     
| 
        secmaster:indicator:delete  | 
      
        授予权限删除情报。  | 
      
        write  | 
      
        indicator *  | 
      
        -  | 
     
| 
        secmaster:indicator:list  | 
      
        授予权限查询情报列表。  | 
      
        read  | 
      
        indicator *  | 
      
        -  | 
     
| 
        secmaster:indicator:listTypes  | 
      
        授予权限查询情报类型列表。  | 
      
        list  | 
      
        indicator *  | 
      
        -  | 
     
| 
        secmaster:indicator:bindLayout  | 
      
        授予权限绑定情报类型与布局关联。  | 
      
        write  | 
      
        indicator *  | 
      
        -  | 
     
| 
        secmaster:alert:get  | 
      
        授予权限获取告警详情。  | 
      
        read  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:create  | 
      
        授予权限创建告警。  | 
      
        write  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:update  | 
      
        授予权限更新告警。  | 
      
        write  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:list  | 
      
        授予权限搜索告警列表。  | 
      
        list  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:delete  | 
      
        授予权限删除告警。  | 
      
        write  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:batchOrders  | 
      
        授予权限告警转事件。  | 
      
        list  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:listTypes  | 
      
        授予权限查询告警类型列表。  | 
      
        list  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:listCategories  | 
      
        授予权限查询告警类别列表。  | 
      
        list  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:createType  | 
      
        授予权限创建告警类型。  | 
      
        write  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:updateType  | 
      
        授予权限修改告警类型。  | 
      
        write  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:deleteType  | 
      
        授予权限删除告警类型。  | 
      
        write  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:enableType  | 
      
        授予权限启用/禁用告警类型。  | 
      
        write  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:alert:bindLayout  | 
      
        授予权限绑定告警类型与布局关联。  | 
      
        write  | 
      
        alert *  | 
      
        -  | 
     
| 
        secmaster:incident:get  | 
      
        授予权限获取事件详情。  | 
      
        read  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:create  | 
      
        授予权限创建事件。  | 
      
        write  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:update  | 
      
        授予权限更新事件。  | 
      
        write  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:list  | 
      
        授予权限搜索事件列表。  | 
      
        list  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:listTypes  | 
      
        授予权限获取事件的类型列表。  | 
      
        list  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:delete  | 
      
        授予权限删除事件。  | 
      
        write  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:listCategories  | 
      
        授予权限查询事件类别列表。  | 
      
        list  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:createType  | 
      
        授予权限创建事件类型。  | 
      
        write  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:updateType  | 
      
        授予权限修改事件类型。  | 
      
        write  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:deleteType  | 
      
        授予权限删除事件类型。  | 
      
        write  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:enableType  | 
      
        授予权限启用/禁用事件类型。  | 
      
        write  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:incident:bindLayout  | 
      
        授予权限绑定事件类型与布局的关联。  | 
      
        write  | 
      
        incident *  | 
      
        -  | 
     
| 
        secmaster:dataobject:createRelation  | 
      
        授予权限创建对象关系。  | 
      
        write  | 
      
        dataobject *  | 
      
        -  | 
     
| 
        secmaster:dataobject:deleteRelation  | 
      
        授予权限删除对象关系。  | 
      
        write  | 
      
        dataobject *  | 
      
        -  | 
     
| 
        secmaster:dataobject:listRelation  | 
      
        授予权限搜索对象关系列表。  | 
      
        list  | 
      
        dataobject *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:listGroup  | 
      
        授予权限查询漏洞组列表。  | 
      
        list  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:getGroup  | 
      
        授予权限获取漏洞组详情。  | 
      
        read  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:exportGroup  | 
      
        授予权限导出漏洞组列表。  | 
      
        list  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:listType  | 
      
        授予权限查询漏洞类型列表。  | 
      
        list  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:bindLayout  | 
      
        授予权限绑定漏洞类型与布局关联。  | 
      
        write  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:createType  | 
      
        授予权限创建漏洞类型。  | 
      
        write  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:updateType  | 
      
        授予权限修改漏洞类型。  | 
      
        write  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:deleteType  | 
      
        授予权限删除漏洞类型。  | 
      
        write  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:vulnerability:enableType  | 
      
        授予权限启用/禁用漏洞类型。  | 
      
        write  | 
      
        vulnerability *  | 
      
        -  | 
     
| 
        secmaster:subscription:deletePostPaidOrder  | 
      
        授予权限删除按需订单。  | 
      
        write  | 
      
        -  | 
      
        -  | 
     
| 
        secmaster:subscription:createPostPaidOrder  | 
      
        授予权限创建按需订单。  | 
      
        write  | 
      
        -  | 
      
        -  | 
     
| 
        secmaster:subscription:createPrePaidOrder  | 
      
        授予权限创建包周期订单。  | 
      
        write  | 
      
        -  | 
      
        -  | 
     
| 
        secmaster:subscription:getVersion  | 
      
        授予权限查看订购版本。  | 
      
        read  | 
      
        -  | 
      
        -  | 
     
| 
        secmaster:metric:getResult  | 
      
        授予权限查看指标结果。  | 
      
        read  | 
      
        metric *  | 
      
        -  | 
     
| 
        secmaster:metric:listResults  | 
      
        授予权限列出指标结果。  | 
      
        list  | 
      
        metric *  | 
      
        -  | 
     
| 
        secmaster:metric:listHits  | 
      
        授予权限列出指标Hits结果。  | 
      
        list  | 
      
        metric *  | 
      
        -  | 
     
| 
        secmaster:agency:get  | 
      
        授予权限查看委托。  | 
      
        read  | 
      
        -  | 
      
        -  | 
     
| 
        secmaster:agency:create  | 
      
        授予权限创建委托。  | 
      
        write  | 
      
        -  | 
      
        -  | 
     
| 
        secmaster:resource:getStatistics  | 
      
        授予权限查看资源统计。  | 
      
        read  | 
      
        resource *  | 
      
        -  | 
     
| 
        secmaster:resource:list  | 
      
        授予权限列出资源。  | 
      
        list  | 
      
        resource *  | 
      
        -  | 
     
| 
        secmaster:resource:import  | 
      
        授予权限导入资源。  | 
      
        write  | 
      
        resource *  | 
      
        -  | 
     
| 
        secmaster:resource:getTemplate  | 
      
        授予权限获取资源导入模板。  | 
      
        read  | 
      
        resource *  | 
      
        -  | 
     
| 
        secmaster:report:list  | 
      
        授予权限列出报告。  | 
      
        list  | 
      
        report *  | 
      
        -  | 
     
| 
        secmaster:report:get  | 
      
        授予权限查看报告。  | 
      
        read  | 
      
        report *  | 
      
        -  | 
     
| 
        secmaster:report:create  | 
      
        授予权限创建报告。  | 
      
        write  | 
      
        report *  | 
      
        -  | 
     
| 
        secmaster:report:update  | 
      
        授予权限更新报告。  | 
      
        write  | 
      
        report *  | 
      
        -  | 
     
| 
        secmaster:report:delete  | 
      
        授予权限删除报告。  | 
      
        write  | 
      
        report *  | 
      
        -  | 
     
| 
        secmaster:emergencyVulnerability:updateReadStatus  | 
      
        授予权限设置应急漏洞读取状态。  | 
      
        write  | 
      
        emergencyVulnerability *  | 
      
        -  | 
     
| 
        secmaster:emergencyVulnerability:list  | 
      
        授予权限列出应急漏洞。  | 
      
        list  | 
      
        emergencyVulnerability *  | 
      
        -  | 
     
| 
        secmaster:emergencyVulnerability:export  | 
      
        授予权限导出应急漏洞。  | 
      
        read  | 
      
        emergencyVulnerability *  | 
      
        -  | 
     
| 
        secmaster:dataspace:list  | 
      
        授予权限查询数据空间列表。  | 
      
        list  | 
      
        dataspace *  | 
      
        -  | 
     
| 
        secmaster:dataspace:create  | 
      
        授予权限创建数据空间。  | 
      
        write  | 
      
        dataspace *  | 
      
        -  | 
     
| 
        secmaster:dataspace:get  | 
      
        授予权限查询数据空间详情。  | 
      
        read  | 
      
        dataspace *  | 
      
        -  | 
     
| 
        secmaster:dataspace:update  | 
      
        授予权限更新数据空间。  | 
      
        write  | 
      
        dataspace *  | 
      
        -  | 
     
| 
        secmaster:dataspace:delete  | 
      
        授予权限删除数据空间。  | 
      
        write  | 
      
        dataspace *  | 
      
        -  | 
     
| 
        secmaster:pipe:list  | 
      
        授予权限查询数据管道列表。  | 
      
        list  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:create  | 
      
        授予权限创建数据管道。  | 
      
        write  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:get  | 
      
        授予权限查询数据管道详情。  | 
      
        read  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:update  | 
      
        授予权限更新数据管道。  | 
      
        write  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:delete  | 
      
        授予权限删除数据管道。  | 
      
        write  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:getIndex  | 
      
        授予权限查询数据管道索引。  | 
      
        read  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:updateIndex  | 
      
        授予权限更新数据管道索引。  | 
      
        write  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:getConsumption  | 
      
        授予权限查询数据管道消费。  | 
      
        read  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:createConsumption  | 
      
        授予权限创建数据管道消费。  | 
      
        write  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:pipe:deleteConsumption  | 
      
        授予权限删除数据管道消费。  | 
      
        write  | 
      
        pipe *  | 
      
        -  | 
     
| 
        secmaster:search:listLogs  | 
      
        授予权限查询数据。  | 
      
        list  | 
      
        workspace *  | 
      
        -  | 
     
| 
        secmaster:search:listHistograms  | 
      
        授予权限查询数据分布直方图。  | 
      
        list  | 
      
        workspace *  | 
      
        -  | 
     
| 
        secmaster:search:createAnalysis  | 
      
        授予权限执行分析。  | 
      
        write  | 
      
        workspace *  | 
      
        -  | 
     
| 
        secmaster:searchCondition:list  | 
      
        授予权限查询检索条件列表。  | 
      
        list  | 
      
        searchCondition *  | 
      
        -  | 
     
| 
        secmaster:searchCondition:create  | 
      
        授予权限创建检索条件。  | 
      
        write  | 
      
        searchCondition *  | 
      
        -  | 
     
| 
        secmaster:searchCondition:get  | 
      
        授予权限查询检索条件详情。  | 
      
        read  | 
      
        searchCondition *  | 
      
        -  | 
     
| 
        secmaster:searchCondition:update  | 
      
        授予权限更新检索条件。  | 
      
        write  | 
      
        searchCondition *  | 
      
        -  | 
     
| 
        secmaster:searchCondition:delete  | 
      
        授予权限删除检索条件。  | 
      
        write  | 
      
        searchCondition *  | 
      
        -  | 
     
| 
        secmaster:alertRule:list  | 
      
        授予权限查询告警模型。  | 
      
        list  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRule:create  | 
      
        授予权限创建告警模型。  | 
      
        write  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRule:get  | 
      
        授予权限查询告警模型详情。  | 
      
        read  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRule:update  | 
      
        授予权限修改告警模型。  | 
      
        write  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRule:delete  | 
      
        授予权限删除告警模型。  | 
      
        write  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRule:enable  | 
      
        授予权限启用告警模型。  | 
      
        write  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRule:disable  | 
      
        授予权限停用告警模型。  | 
      
        write  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRule:listMetrics  | 
      
        授予权限查询告警模型总览。  | 
      
        list  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRule:createSimulation  | 
      
        授予权限模拟告警模型。  | 
      
        write  | 
      
        alertRule *  | 
      
        -  | 
     
| 
        secmaster:alertRuleTemplate:list  | 
      
        授予权限查询告警模板。  | 
      
        list  | 
      
        alertRuleTemplate *  | 
      
        -  | 
     
| 
        secmaster:alertRuleTemplate:get  | 
      
        授予权限查询告警模板详情。  | 
      
        read  | 
      
        alertRuleTemplate *  | 
      
        -  | 
     
| 
        secmaster:alertRuleTemplate:listMetrics  | 
      
        授予权限查询告警模板总览。  | 
      
        list  | 
      
        alertRuleTemplate *  | 
      
        -  | 
     
| 
        secmaster:dataclass:create  | 
      
        授予权限创建数据类。  | 
      
        write  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:update  | 
      
        授予权限更新数据类。  | 
      
        write  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:delete  | 
      
        授予权限删除数据类。  | 
      
        write  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:get  | 
      
        授予权限获取数据类详情。  | 
      
        read  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:list  | 
      
        授予权限查询数据类列表。  | 
      
        list  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:createField  | 
      
        授予权限创建字段。  | 
      
        write  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:updateField  | 
      
        授予权限更新字段。  | 
      
        write  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:deleteField  | 
      
        授予权限删除字段。  | 
      
        write  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:getField  | 
      
        授予权限获取字段详情。  | 
      
        read  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:listFields  | 
      
        授予权限查询字段列表。  | 
      
        list  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:getType  | 
      
        授予权限获取类型详情。  | 
      
        read  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:dataclass:listTypes  | 
      
        授予权限查询类型列表。  | 
      
        list  | 
      
        dataclass *  | 
      
        -  | 
     
| 
        secmaster:mapping:update  | 
      
        授予权限更新分类映射状态。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:list  | 
      
        授予权限搜索分类映射列表。  | 
      
        list  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:getDatasource  | 
      
        授予权限获取分类映射数据源。  | 
      
        read  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:listFunctions  | 
      
        授予权限获取分类映射函数。  | 
      
        list  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:delete  | 
      
        授予权限删除分类映射。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:copy  | 
      
        授予权限复制分类映射。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:createClassifier  | 
      
        授予权限创建分类。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:updateClassifier  | 
      
        授予权限更新分类。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:getClassifier  | 
      
        授予权限获取分类信息。  | 
      
        read  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:deleteClassifier  | 
      
        授予权限删除分类。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:createMapper  | 
      
        授予权限创建映射。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:updateMapper  | 
      
        授予权限更新映射。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:listMappers  | 
      
        授予权限查询映射列表。  | 
      
        list  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:getMapper  | 
      
        授予权限获取映射信息。  | 
      
        read  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:mapping:deleteMapper  | 
      
        授予权限删除映射。  | 
      
        write  | 
      
        mapping *  | 
      
        -  | 
     
| 
        secmaster:layout:listBusinessTypes  | 
      
        授予权限获取布局类型列表。  | 
      
        list  | 
      
        layout *  | 
      
        -  | 
     
| secmaster:layout:list | Grants permission to query the layout list. | list | layout * | - |
| secmaster:layout:create | Grants permission to create a layout. | write | layout * | - |
| secmaster:layout:delete | Grants permission to delete a layout. | write | layout * | - |
| secmaster:layout:update | Grants permission to update a layout. | write | layout * | - |
| secmaster:layout:get | Grants permission to query a layout. | read | layout * | - |
| secmaster:layout:createTemplate | Grants permission to save as a template. | write | layout * | - |
| secmaster:layout:createField | Grants permission to create a layout field. | write | layout * | - |
| secmaster:layout:listFields | Grants permission to obtain the layout field list. | list | layout * | - |
| secmaster:layout:getField | Grants permission to obtain layout field details. | read | layout * | - |
| secmaster:layout:updateFiled | Grants permission to update a layout field. | write | layout * | - |
| secmaster:layout:deleteField | Grants permission to delete a layout field. | write | layout * | - |
| secmaster:layout:listWizards | Grants permission to obtain pages. | list | layout * | - |
| secmaster:layout:createWizard | Grants permission to create a page. | write | layout * | - |
| secmaster:layout:getWizard | Grants permission to obtain page details. | read | layout * | - |
| secmaster:layout:deleteWizard | Grants permission to delete a page. | write | layout * | - |
| secmaster:layout:updateWizard | Grants permission to update a page. | write | layout * | - |
| secmaster:catalogue:list | Grants permission to query the catalogue list. | list | catalogue * | - |
| secmaster:catalogue:update | Grants permission to update a catalogue. | write | catalogue * | - |
| secmaster:playbook:export | Grants permission to export a playbook. | read | playbook * | - |
| secmaster:playbook:import | Grants permission to import a playbook. | write | playbook * | - |
| secmaster:indicator:downloadTemplate | Grants permission to download the indicator template. | read | indicator * | - |
| secmaster:indicator:export | Grants permission to export indicators. | read | indicator * | - |
| secmaster:indicator:import | Grants permission to import indicators. | write | indicator * | - |
| secmaster:table:list | Grants permission to query tables. | list | table * | - |
| secmaster:table:create | Grants permission to create a table. | write | table * | - |
| secmaster:table:get | Grants permission to query table details. | read | table * | - |
| secmaster:table:update | Grants permission to modify a table. | write | table * | - |
| secmaster:table:delete | Grants permission to delete a table. | write | table * | - |
| secmaster:table:createLock | Grants permission to lock a table. | write | table * | - |
| secmaster:table:deleteLock | Grants permission to unlock a table. | write | table * | - |
| secmaster:table:listMetrics | Grants permission to query the table overview. | list | table * | - |
| secmaster:table:updateSchema | Grants permission to design a table. | write | table * | - |

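A SecMaster API usually corresponds to one or more actions. Table 2 shows the relationship between APIs and actions, and the actions each API depends on.

| API | Corresponding action | Dependent actions |
|---|---|---|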
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id} | secmaster:playbook:get | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks | secmaster:playbook:create | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id} | secmaster:playbook:delete | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id} | secmaster:playbook:update | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks | secmaster:playbook:list | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/statistics | secmaster:playbook:getStatistics | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}/monitor | secmaster:playbook:getMonitor | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/clone | secmaster:playbook:copyVersion | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/approve | secmaster:playbook:approve | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/approval | secmaster:playbook:listApproves | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances | secmaster:playbook:listInstances | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/auditlogs | secmaster:playbook:getInstanceAuditlog | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions | secmaster:playbook:createVersion | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/rules | secmaster:playbook:createVersionRule | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/actions | secmaster:playbook:createVersionAction | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id} | secmaster:playbook:getVersion | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/rules/{rule_id} | secmaster:playbook:getVersionRule | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id} | secmaster:playbook:deleteVersion | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/rules/{rule_id} | secmaster:playbook:deleteVersionRule | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/actions/{action_id} | secmaster:playbook:deleteVersionAction | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id} | secmaster:playbook:updateVersion | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/rules/{rule_id} | secmaster:playbook:updateVersionRule | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/actions/{action_id} | secmaster:playbook:updateVersionAction | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}/versions | secmaster:playbook:listVersions | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/actions | secmaster:playbook:listVersionActions | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id} | secmaster:playbook:getInstance | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id}/topology | secmaster:playbook:getInstanceTopology | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id}/operation | secmaster:playbook:operateInstance | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows | secmaster:workflow:list | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id} | secmaster:workflow:get | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id} | secmaster:workflow:delete | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows | secmaster:workflow:create | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id} | secmaster:workflow:update | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions | secmaster:workflow:listVersions | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id} | secmaster:workflow:getVersion | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id} | secmaster:workflow:deleteVersion | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions | secmaster:workflow:createVersion | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id} | secmaster:workflow:updateVersion | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}/approval | secmaster:workflow:approveVersion | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/validation | secmaster:workflow:validate | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}/debug/result | secmaster:workflow:simulate | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/instances/{instance_id}/topology | secmaster:workflow:getInstance | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/instances | secmaster:workflow:operateInstance | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials | secmaster:connection:list | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials | secmaster:connection:create | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id} | secmaster:connection:get | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id} | secmaster:connection:delete | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id} | secmaster:connection:update | - |
| GET /v1/{project_id}/workspaces | secmaster:workspace:list | - |
| POST /v1/{project_id}/workspaces | secmaster:workspace:create | - |
| PUT /v1/{project_id}/workspaces/{workspace_id} | secmaster:workspace:update | - |
| GET /v1/{project_id}/workspaces/{workspace_id} | secmaster:workspace:get | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id} | secmaster:workspace:delete | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/tasks | secmaster:task:list | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/tasks | secmaster:task:create | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/tasks/{task_id} | secmaster:task:update | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/tasks/{task_id} | secmaster:task:get | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id} | secmaster:indicator:get | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators | secmaster:indicator:create | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id} | secmaster:indicator:update | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id} | secmaster:indicator:delete | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/search | secmaster:indicator:list | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/types | secmaster:indicator:listTypes | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/types/layout | secmaster:indicator:bindLayout | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/{alert_id} | secmaster:alert:get | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts | secmaster:alert:create | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/{alert_id} | secmaster:alert:update | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/search | secmaster:alert:list | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/alerts | secmaster:alert:delete | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/batch-order | secmaster:alert:batchOrders | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types | secmaster:alert:listTypes | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/category | secmaster:alert:listCategories | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types | secmaster:alert:createType | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/{dataclass_type_id} | secmaster:alert:updateType | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types | secmaster:alert:deleteType | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/enable | secmaster:alert:enableType | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/layout | secmaster:alert:bindLayout | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/{incident_id} | secmaster:incident:get | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents | secmaster:incident:create | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/{incident_id} | secmaster:incident:update | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/search | secmaster:incident:list | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types | secmaster:incident:listTypes | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/incidents | secmaster:incident:delete | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/category | secmaster:incident:listCategories | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types | secmaster:incident:createType | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/{dataclass_type_id} | secmaster:incident:updateType | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types | secmaster:incident:deleteType | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/incidents/enable | secmaster:incident:enableType | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/layout | secmaster:incident:bindLayout | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type} | secmaster:dataobject:createRelation | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type} | secmaster:dataobject:deleteRelation | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type}/search | secmaster:dataobject:listRelation | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/search | secmaster:vulnerability:listGroup | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/{vul_id} | secmaster:vulnerability:getGroup | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/export | secmaster:vulnerability:exportGroup | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types | secmaster:vulnerability:listType | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/layout | secmaster:vulnerability:bindLayout | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types | secmaster:vulnerability:createType | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/{dataclass_type_id} | secmaster:vulnerability:updateType | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types | secmaster:vulnerability:deleteType | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/enable | secmaster:vulnerability:enableType | - |
| DELETE /v1/{project_id}/subscriptions/orders | secmaster:subscription:deletePostPaidOrder | - |
| POST /v1/{project_id}/subscriptions/orders | secmaster:subscription:createPostPaidOrder | - |
| POST /v1/{project_id}/subscriptions/orders/{order_id} | secmaster:subscription:createPrePaidOrder | - |
| GET /v1/{project_id}/subscriptions/version | secmaster:subscription:getVersion | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/{metric_id}/result | secmaster:metric:getResult | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/results | secmaster:metric:listResults | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/hits | secmaster:metric:listHits | - |
| GET /v1/{project_id}/agency | secmaster:agency:get | - |
| POST /v1/{project_id}/agency | secmaster:agency:create | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/resource-statistics | secmaster:resource:getStatistics | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/resources | secmaster:resource:list | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/sa/resources/import | secmaster:resource:import | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/sa/resource/template | secmaster:resource:getTemplate | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/sa/reports | secmaster:report:list | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:get | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/sa/reports | secmaster:report:create | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:update | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:delete | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/read-status | secmaster:emergencyVulnerability:updateReadStatus | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/list | secmaster:emergencyVulnerability:list | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/export | secmaster:emergencyVulnerability:export | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces | secmaster:dataspace:list | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces | secmaster:dataspace:create | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id} | secmaster:dataspace:get | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id} | secmaster:dataspace:update | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id} | secmaster:dataspace:delete | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes | secmaster:pipe:list | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/pipes | secmaster:pipe:create | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id} | secmaster:pipe:get | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id} | secmaster:pipe:update | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id} | secmaster:pipe:delete | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/index | secmaster:pipe:getIndex | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/index | secmaster:pipe:updateIndex | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption | secmaster:pipe:getConsumption | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption | secmaster:pipe:createConsumption | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption | secmaster:pipe:deleteConsumption | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/logs | secmaster:search:listLogs | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/histograms | secmaster:search:listHistograms | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/analysis | secmaster:search:createAnalysis | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions | secmaster:searchCondition:list | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions | secmaster:searchCondition:create | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id} | secmaster:searchCondition:get | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id} | secmaster:searchCondition:update | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id} | secmaster:searchCondition:delete | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules | secmaster:alertRule:list | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules | secmaster:alertRule:create | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/{rule_id} | secmaster:alertRule:get | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/{rule_id} | secmaster:alertRule:update | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules | secmaster:alertRule:delete | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/enable | secmaster:alertRule:enable | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/disable | secmaster:alertRule:disable | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/metrics | secmaster:alertRule:listMetrics | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/simulation | secmaster:alertRule:createSimulation | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates | secmaster:alertRuleTemplate:list | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates/{template_id} | secmaster:alertRuleTemplate:get | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates/metrics | secmaster:alertRuleTemplate:listMetrics | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses | secmaster:dataclass:create | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id} | secmaster:dataclass:update | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id} | secmaster:dataclass:delete | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id} | secmaster:dataclass:get | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses | secmaster:dataclass:list | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields | secmaster:dataclass:createField | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields/{field_id} | secmaster:dataclass:updateField | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields | secmaster:dataclass:deleteField | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields/{field_id} | secmaster:dataclass:getField | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields | secmaster:dataclass:listFields | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/types/{dataclass_type_id} | secmaster:dataclass:getType | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/types | secmaster:dataclass:listTypes | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id}/status | secmaster:mapping:update | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/search | secmaster:mapping:list | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/data-source | secmaster:mapping:getDatasource | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/functions | secmaster:mapping:listFunctions | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id} | secmaster:mapping:delete | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id}/clone | secmaster:mapping:copy | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers | secmaster:mapping:createClassifier | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id} | secmaster:mapping:updateClassifier | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id} | secmaster:mapping:getClassifier | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id} | secmaster:mapping:deleteClassifier | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers | secmaster:mapping:createMapper | - |
| PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id} | secmaster:mapping:updateMapper | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/search | secmaster:mapping:listMappers | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id} | secmaster:mapping:getMapper | - |
| DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id} | secmaster:mapping:deleteMapper | - |
| GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/business-type | secmaster:layout:listBusinessTypes | - |
| POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/search | secmaster:layout:list | - |
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts  | 
      
        secmaster:layout:create  | 
      
        -  | 
     
| 
        DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts  | 
      
        secmaster:layout:delete  | 
      
        -  | 
     
| 
        PUT /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}  | 
      
        secmaster:layout:update  | 
      
        -  | 
     
| 
        GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}  | 
      
        secmaster:layout:get  | 
      
        -  | 
     
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/template  | 
      
        secmaster:layout:createTemplate  | 
      
        -  | 
     
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields  | 
      
        secmaster:layout:createField  | 
      
        -  | 
     
| 
        GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields  | 
      
        secmaster:layout:listFields  | 
      
        -  | 
     
| 
        GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields/{field_id}  | 
      
        secmaster:layout:getField  | 
      
        -  | 
     
| 
        PUT /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields/{field_id}  | 
      
        secmaster:layout:updateFiled  | 
      
        -  | 
     
| 
        DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields  | 
      
        secmaster:layout:deleteField  | 
      
        -  | 
     
| 
        GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/wizards  | 
      
        secmaster:layout:listWizards  | 
      
        -  | 
     
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/wizards  | 
      
        secmaster:layout:createWizard  | 
      
        -  | 
     
| 
        GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards/{wizard_id};/v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards  | 
      
        secmaster:layout:getWizard  | 
      
        -  | 
     
| 
        DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards/{wizard_id}  | 
      
        secmaster:layout:deleteWizard  | 
      
        -  | 
     
| 
        PUT /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards  | 
      
        secmaster:layout:updateWizard  | 
      
        -  | 
     
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/catalogues/search;/v1/{project_id}/workspaces/{workspace_id}/soc/catalogues  | 
      
        secmaster:catalogue:list  | 
      
        -  | 
     
| 
        PUT /v1/{project_id}/workspaces/{workspace_id}/soc/catalogues/{catalogue_id}  | 
      
        secmaster:catalogue:update  | 
      
        -  | 
     
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/export  | 
      
        secmaster:playbook:export  | 
      
        -  | 
     
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/import  | 
      
        secmaster:playbook:import  | 
      
        -  | 
     
| 
        GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/template/download  | 
      
        secmaster:indicator:downloadTemplate  | 
      
        -  | 
     
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/export  | 
      
        secmaster:indicator:export  | 
      
        -  | 
     
| 
        POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/import  | 
      
        secmaster:indicator:import  | 
      
        -  | 
     
| 
        GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables  | 
      
        secmaster:table:list  | 
      
        -  | 
     
| POST /v2/{project_id}/workspaces/{workspace_id}/siem/tables | secmaster:table:create | - |
| GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id} | secmaster:table:get | - |
| PUT /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id} | secmaster:table:update | - |
| DELETE /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id} | secmaster:table:delete | - |
| POST /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/lock | secmaster:table:createLock | - |
| DELETE /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/lock | secmaster:table:deleteLock | - |
| GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables/metrics | secmaster:table:listMetrics | - |
| PUT /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/schema | secmaster:table:updateSchema | - |
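Resource Types (Resource)
A resource type (Resource) identifies the resources that an SCP applies to. If an action lists resource types that can be specified for it, you must specify the URN of that resource in the SCP statement that contains the action, and the SCP then applies only to that resource. If no resource is specified, Resource defaults to "*" and the SCP applies to all resources. You can also set conditions in an SCP to specify resource types.
SecMaster defines the following resource types that can be used in the Resource element of an SCP.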
| Resource type | URN |
|---|---|
| workspace | secmaster:<region>:<account-id>:workspace:<workspace-id> |
| playbook | secmaster:<region>:<account-id>:playbook:<workspace-id>/<playbook-id> |
| workflow | secmaster:<region>:<account-id>:workflow:<workspace-id>/<workflow-id> |
| connection | secmaster:<region>:<account-id>:connection:<workspace-id>/<connection-id> |
| task | secmaster:<region>:<account-id>:task:<workspace-id>/<task-id> |
| indicator | secmaster:<region>:<account-id>:indicator:<workspace-id>/<indicator-id> |
| alert | secmaster:<region>:<account-id>:alert:<workspace-id>/<alert-id> |
| incident | secmaster:<region>:<account-id>:incident:<workspace-id>/<incident-id> |
| dataobject | secmaster:<region>:<account-id>:dataobject:<workspace-id>/<dataobject-id> |
| metric | secmaster:<region>:<account-id>:metric:<workspace-id>/<metric-id> |
| resource | secmaster:<region>:<account-id>:resource:<workspace-id>/<resource-id> |
| report | secmaster:<region>:<account-id>:report:<workspace-id>/<report-id> |
| emergencyVulnerability | secmaster:<region>:<account-id>:emergencyVulnerability:<workspace-id>/<emergency-vulnerability-id> |
| dataspace | secmaster:<region>:<account-id>:dataspace:<workspace-id>/<dataspace-id> |
| pipe | secmaster:<region>:<account-id>:pipe:<workspace-id>/<pipe-id> |
| alertRule | secmaster:<region>:<account-id>:alertRule:<workspace-id>/<alertRule-id> |
| vulnerability | secmaster:<region>:<account-id>:vulnerability:<workspace-id>/<vulnerability-id> |
| alertRuleTemplate | secmaster:<region>:<account-id>:alertRuleTemplate:<workspace-id>/<alertRuleTemplate-id> |
| searchCondition | secmaster:<region>:<account-id>:searchCondition:<workspace-id>/<searchCondition-id> |
| dataclass | secmaster:<region>:<account-id>:dataclass:<workspace-id>/<dataclass-id> |
| mapping | secmaster:<region>:<account-id>:mapping:<workspace-id>/<mapping-id> |
| layout | secmaster:<region>:<account-id>:layout:<workspace-id>/<layout-id> |
| catalogue | secmaster:<region>:<account-id>:catalogue:<workspace-id>/<catalogue-id> |
| table | secmaster:<region>:<account-id>:table:<workspace-id>/<table-id> |
| policy | secmaster:<region>:<account-id>:policy:<workspace-id>/<policy-id> |
| baseline | secmaster:<region>:<account-id>:baseline:<workspace-id>/<baseline-id> |
| shipper | secmaster:<region>:<account-id>:shipper:<workspace-id>/<shipper-id> |
| analysisScript | secmaster:<region>:<account-id>:analysisScript:<workspace-id>/<analysisScript-id> |
| collectorChannel | secmaster:<region>:<account-id>:collectorChannel:<workspace-id>/<collectorChannel-id> |
| collectorChannelGroup | secmaster:<region>:<account-id>:collectorChannelGroup:<workspace-id>/<collectorChannelGroup-id> |
| collectorConnection | secmaster:<region>:<account-id>:collectorConnection:<workspace-id>/<collectorConnection-id> |
| collectorParser | secmaster:<region>:<account-id>:collectorParser:<workspace-id>/<collectorParser-id> |
| component | secmaster:<region>:<account-id>:component:<workspace-id>/<component-id> |
| node | secmaster:<region>:<account-id>:node:<workspace-id>/<node-id> |
| accountAgency | secmaster:<region>:<account-id>:accountAgency:<accountAgency-id> |
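Conditions (Condition)
Condition key overview
A condition (Condition) is a specific condition under which an identity policy takes effect. It consists of a condition key and an operator.
- A condition key is the key in the Condition element of an identity policy statement. By scope, condition keys are divided into global condition keys and service-specific condition keys.
  - Global condition keys (prefixed with g:) apply to all actions. During authentication, the cloud service does not need to provide user identity information; the system obtains it automatically and performs the authentication. For details, see: Global condition keys.
  - Service-specific condition keys (usually prefixed with the service abbreviation, for example secmaster) apply only to the actions of the corresponding service. For details, see Table 4.
  - Single-valued/multivalued indicates the number of values associated with the condition in the request of an API call. A single-valued condition key has at most one value in the API request; a multivalued condition key can have multiple values in the API request. For example, g:SourceVpce is a single-valued condition key: it allows a resource to be accessed only by requests sent through a given VPC endpoint, and a request contains at most one VPC endpoint ID. g:TagKeys is a multivalued condition key: it is the list of the keys of all tags carried in the request, and a user who passes tags in an API call can pass multiple values.
- An operator, together with a condition key and a condition value, forms a complete condition statement. The identity policy takes effect only when the request meets the condition. For the supported operators, see: Operators.

Service-specific condition keys supported by SecMaster
SecMaster defines the following condition keys that can be used in the Condition element of an identity policy. You can use these condition keys to further refine the conditions under which an identity policy statement applies.
SecMaster does not support configuring service-specific condition keys among the condition keys in an SCP.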
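| Service-specific condition key | Type | Single-valued/Multivalued | Description |
|---|---|---|---|
| secmaster:TargetRegion | String | Multivalued | Only the action secmaster:workspace:createAgency supports this service-specific condition key. Filters the target region (Region) specified by the condition key secmaster:TargetRegion based on the region attribute of the managed workspace in the request. |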
Condition key examples