diff --git a/CHANGELOG.md b/CHANGELOG.md index 898f459..2b83721 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,10 @@ # Changelog +## v1.0.3 + +### Added or Changed +- Added documentation to all Cloud Visibility API endpoints +- Changed name to Cloud Visibility from Cloud Entitlements Manager +- Added missing Cloud Visibility API endpoints for Delegation ## v1.0.2 diff --git a/README.md b/README.md index d30cd12..e70c221 100644 --- a/README.md +++ b/README.md @@ -237,10 +237,11 @@ The second variable, TEST_LOG_VERBOSE, will enable verbose logging for the API. - [ ] Add development documentation - [ ] Ensure documentation is updated for endpoints - [ ] SaaS - - [ ] Cloud Entitlements Manager + - [x] Cloud Visibility - [x] Conjur Cloud - [x] Connector Managent - [ ] Identity + - [ ] Endpoint Privilege Manager - [x] Privilege Cloud - [x] Secrets Hub - [x] Secure Cloud Access diff --git a/SaaS/Cloud Entitlements Manager/Identities/Search Identities.bru b/SaaS/Cloud Entitlements Manager/Identities/Search Identities.bru deleted file mode 100644 index c40ac99..0000000 --- a/SaaS/Cloud Entitlements Manager/Identities/Search Identities.bru +++ /dev/null @@ -1,35 +0,0 @@ -meta { - name: Search Identities - type: http - seq: 1 -} - -post { - url: https://{{identityTenantName}}-cem.cyberark.cloud/api/identities - body: json - auth: none -} - -body:json { - { - "paginationData": { - "limit": 5, - "nextToken": 5 - }, - "filter": { - "admin": true - } - } -} - -assert { - res.body: isJson - res.status: eq 200 -} - -script:pre-request { - const platformTokenAuth = require('./tools/platformTokenAuth'); - - // Perform authentication usings platformToken.js tools - await platformTokenAuth.login(); -} diff --git a/SaaS/Cloud Entitlements Manager/Remediations/Get Remediation.bru b/SaaS/Cloud Entitlements Manager/Remediations/Get Remediation.bru deleted file mode 100644 index fda18ec..0000000 --- a/SaaS/Cloud Entitlements Manager/Remediations/Get Remediation.bru +++ /dev/null @@ -1,62 +0,0 @@ -meta { - name: Get Remediation - type: http - seq: 1 -} - -get { - url: https://{{identityTenantName}}-cem.cyberark.cloud/api/reduce-exposure/remediation - body: none - auth: none -} - -query { - ~identityId: - ~plaform: - ~workspaceId: - ~execTime: -} - -body:json { - { - "workspaceId": "string", - "platformType": "aws", - "hierarchyTreeLevel": "LEAF" - } -} - -script:pre-request { - const platformTokenAuth = require('./tools/platformTokenAuth'); - - // Perform authentication usings platformToken.js tools - await platformTokenAuth.login(); -} - -docs { - This section describes the API for retrieving an identity's remediations in Cloud Entitlements Manager. - - ## Schemas - - - ## Response Status Codes - - 200 - Get all workspaces - - 500 - Internal server error - - ## Example Success Response - ``` - { - "platform": "aws", - "workspaceId": "string", - "identityId": "string", - "remediations": [ - { - "UN_USED_PERMISSIONS": { - "LEAST_PRIVILEGE": { - "data": "string" - } - } - } - ] - } - ``` -} diff --git a/SaaS/Cloud Entitlements Manager/Workspaces/Get Workspaces.bru b/SaaS/Cloud Entitlements Manager/Workspaces/Get Workspaces.bru deleted file mode 100644 index 4271875..0000000 --- a/SaaS/Cloud Entitlements Manager/Workspaces/Get Workspaces.bru +++ /dev/null @@ -1,60 +0,0 @@ -meta { - name: Get Workspaces - type: http - seq: 1 -} - -get { - url: https://{{identityTenantName}}-cem.cyberark.cloud/api/customer/platforms/workspaces/ - body: none - auth: none -} - -body:json { - { - "workspaceId": "string", - "platformType": "aws", - "hierarchyTreeLevel": "LEAF" - } -} - -assert { - res.body: isJson - res.status: eq 200 -} - -script:pre-request { - const platformTokenAuth = require('./tools/platformTokenAuth'); - - // Perform authentication usings platformToken.js tools - await platformTokenAuth.login(); -} - -docs { - This section describes the API for retrieving a list of workspaces in Cloud Entitlements Manager. - - ## Schemas - - - ## Response Status Codes - - 200 - Get all workspaces - - 500 - Internal server error - - ## Example Success Response - ``` - { - "data": [ - { - "platform": "aws", - "workspaces": [ - { - "workspace_id": "string", - "workspace_status": "CONNECTED", - "workspace_name": "string" - } - ] - } - ] - } - ``` -} diff --git a/SaaS/Cloud Visibility/Delegations/Add Delegation.bru b/SaaS/Cloud Visibility/Delegations/Add Delegation.bru new file mode 100644 index 0000000..d924584 --- /dev/null +++ b/SaaS/Cloud Visibility/Delegations/Add Delegation.bru @@ -0,0 +1,311 @@ +meta { + name: Add Delegation + type: http + seq: 1 +} + +post { + url: https://{{identityTenantName}}-cem.cyberark.cloud/api/delegations/{{cloudPlatform}} + body: json + auth: none +} + +body:json { + { + "version": "string", + "resource": "string", + "path": "string", + "httpMethod": "POST", + "headers": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "multiValueHeaders": { + "additionalProp1": [ + "string" + ], + "additionalProp2": [ + "string" + ], + "additionalProp3": [ + "string" + ] + }, + "queryStringParameters": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "multiValueQueryStringParameters": { + "additionalProp1": [ + "string" + ], + "additionalProp2": [ + "string" + ], + "additionalProp3": [ + "string" + ] + }, + "requestContext": { + "accountId": "string", + "apiId": "string", + "authorizer": { + "claims": {}, + "scopes": [ + "string" + ] + }, + "stage": "string", + "protocol": "string", + "identity": { + "accessKey": "string", + "accountId": "string", + "apiKey": "string", + "apiKeyId": "string", + "caller": "string", + "cognitoAuthenticationProvider": "string", + "cognitoAuthenticationType": "string", + "cognitoIdentityId": "string", + "cognitoIdentityPoolId": "string", + "principalOrgId": "string", + "sourceIp": "string", + "user": "string", + "userAgent": "string", + "userArn": "string", + "clientCert": { + "clientCertPem": "string", + "subjectDN": "string", + "issuerDN": "string", + "serialNumber": "string", + "validity": { + "notBefore": "string", + "notAfter": "string" + } + } + }, + "requestId": "string", + "requestTime": "string", + "requestTimeEpoch": "2024-11-08T17:54:51.062Z", + "resourceId": "string", + "resourcePath": "string", + "domainName": "string", + "domainPrefix": "string", + "extendedRequestId": "string", + "httpMethod": "DELETE", + "path": "string", + "connectedAt": "2024-11-08T17:54:51.062Z", + "connectionId": "string", + "eventType": "CONNECT", + "messageDirection": "string", + "messageId": "string", + "routeKey": "string", + "operationName": "string" + }, + "pathParameters": { + "cloudPlatform": "AWS" + }, + "stageVariables": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "isBase64Encoded": true, + "body": { + "workspaces": [ + { + "organization": "string", + "workspaceType": "account", + "workspaceId": "string", + "workspaceName": "string" + } + ], + "entities": [ + { + "delegationId": 0, + "entityType": "Group", + "entityId": "string", + "entityName": "string", + "directoryId": "string", + "directoryName": "string", + "entityEmail": "string", + "serviceType": "string", + "userPrincipal": "string" + } + ] + } + } +} + +vars:pre-request { + cloudPlatform: +} + +assert { + res.status: eq 200 + res.body: isJson +} + +script:pre-request { + const platformTokenAuth = require('./tools/platformTokenAuth'); + + // Perform authentication usings platformToken.js tools + await platformTokenAuth.login(); +} + +docs { + ## Add Delegation + Add delegates for a given set of workspaces + + ### Request URL + https://-cem.cyberark.cloud/api/delegations/{cloudPlatform} + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + #### Example Request Body + ``` + { + "version": "string", + "resource": "string", + "path": "string", + "httpMethod": "POST", + "headers": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "multiValueHeaders": { + "additionalProp1": [ + "string" + ], + "additionalProp2": [ + "string" + ], + "additionalProp3": [ + "string" + ] + }, + "queryStringParameters": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "multiValueQueryStringParameters": { + "additionalProp1": [ + "string" + ], + "additionalProp2": [ + "string" + ], + "additionalProp3": [ + "string" + ] + }, + "requestContext": { + "accountId": "string", + "apiId": "string", + "authorizer": { + "claims": {}, + "scopes": [ + "string" + ] + }, + "stage": "string", + "protocol": "string", + "identity": { + "accessKey": "string", + "accountId": "string", + "apiKey": "string", + "apiKeyId": "string", + "caller": "string", + "cognitoAuthenticationProvider": "string", + "cognitoAuthenticationType": "string", + "cognitoIdentityId": "string", + "cognitoIdentityPoolId": "string", + "principalOrgId": "string", + "sourceIp": "string", + "user": "string", + "userAgent": "string", + "userArn": "string", + "clientCert": { + "clientCertPem": "string", + "subjectDN": "string", + "issuerDN": "string", + "serialNumber": "string", + "validity": { + "notBefore": "string", + "notAfter": "string" + } + } + }, + "requestId": "string", + "requestTime": "string", + "requestTimeEpoch": "2024-11-08T17:54:51.062Z", + "resourceId": "string", + "resourcePath": "string", + "domainName": "string", + "domainPrefix": "string", + "extendedRequestId": "string", + "httpMethod": "DELETE", + "path": "string", + "connectedAt": "2024-11-08T17:54:51.062Z", + "connectionId": "string", + "eventType": "CONNECT", + "messageDirection": "string", + "messageId": "string", + "routeKey": "string", + "operationName": "string" + }, + "pathParameters": { + "cloudPlatform": "AWS" + }, + "stageVariables": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "isBase64Encoded": true, + "body": { + "workspaces": [ + { + "organization": "string", + "workspaceType": "account", + "workspaceId": "string", + "workspaceName": "string" + } + ], + "entities": [ + { + "delegationId": 0, + "entityType": "Group", + "entityId": "string", + "entityName": "string", + "directoryId": "string", + "directoryName": "string", + "entityEmail": "string", + "serviceType": "string", + "userPrincipal": "string" + } + ] + } + } + ``` + + #### Example Response (201 Created) + ``` + "" + ``` + + ## Response Status Codes + - 201 - Delegation added successfully + - 400 - Bad Request + - 500 - Internal server error + +} diff --git a/SaaS/Cloud Visibility/Delegations/Export Delegations.bru b/SaaS/Cloud Visibility/Delegations/Export Delegations.bru new file mode 100644 index 0000000..3b37bc8 --- /dev/null +++ b/SaaS/Cloud Visibility/Delegations/Export Delegations.bru @@ -0,0 +1,83 @@ +meta { + name: Export Delegations + type: http + seq: 3 +} + +post { + url: https://{{identityTenantName}}-cem.cyberark.cloud/api/delegations/workspace/export + body: json + auth: none +} + +body:json { + { + "filters": {}, + //"searchString": "string", + "offset": 0, + "limit": 1000 + } +} + +vars:pre-request { + cloudPlatform: AWS + workspaceId: 297915674260 + workspaceType: account +} + +assert { + res.status: eq 200 + res.body: isString +} + +script:pre-request { + const platformTokenAuth = require('./tools/platformTokenAuth'); + + // Perform authentication usings platformToken.js tools + await platformTokenAuth.login(); +} + +docs { + ## Export Delegations + Export configured delegations + + ### Request URL + https://-cem.cyberark.cloud/api/delegations/workspace/export + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + #### Request Schema + | Parameter | Required | Description | + | :-- | :-- |:-- | + | cloudPlatform | yes | Name of Cloud Service Provider. **Valid Values:** AWS, GCP, AZURE | + | workspaceId | | | + | workspaceType | yes | Type of supported workspace. **Valid Values:** account, root, ou, directory, management_group, subscription, gcp_organization, folder, project | + + #### Example Request Body + ``` + { + "filters": {}, + "searchString": "string", + "offset": 0, + "limit": 1000 + } + ``` + + #### Example Response (201 Created) + ``` + "Workspace","WorkspaceType","Delegates" + "Example AWS Org","AWS root","Example Team" + ``` + + ## Response Status Codes + - 200 - Delegation successfully exported + - 404 - Not Found + - 500 - Internal server error + +} diff --git a/SaaS/Cloud Visibility/Delegations/Retrieve Delegation Details.bru b/SaaS/Cloud Visibility/Delegations/Retrieve Delegation Details.bru new file mode 100644 index 0000000..14eae2b --- /dev/null +++ b/SaaS/Cloud Visibility/Delegations/Retrieve Delegation Details.bru @@ -0,0 +1,87 @@ +meta { + name: Retrieve Delegation Details + type: http + seq: 2 +} + +post { + url: https://{{identityTenantName}}-cem.cyberark.cloud/api/delegations/workspace/details + body: json + auth: none +} + +body:json { + { + "cloudPlatform": "{{cloudPlatform}}", + "workspaceId": "{{workspaceId}}", + "workspaceType": "{{workspaceType}}" + } +} + +vars:pre-request { + cloudPlatform: AWS + workspaceId: Exmaple AWS Org + workspaceType: root +} + +assert { + res.status: eq 200 + res.body: isJson +} + +script:pre-request { + const platformTokenAuth = require('./tools/platformTokenAuth'); + + // Perform authentication usings platformToken.js tools + await platformTokenAuth.login(); +} + +docs { + ## Get Delegation Details + Get the list of owners associated with the given workspace + + ### Request URL + https://-cem.cyberark.cloud/api/delegations/workspace/details + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + #### Request Schema + | Parameter | Required | Description | + | :-- | :-- |:-- | + | cloudPlatform | yes | Name of Cloud Service Provider. **Valid Values:** AWS, GCP, AZURE | + | workspaceId | | | + | workspaceType | yes | Type of supported workspace. **Valid Values:** account, root, ou, directory, management_group, subscription, gcp_organization, folder, project | + + #### Example Request Body + ``` + { + "cloudPlatform": "AWS", + "workspaceId": "123435646342", + "workspaceType": "account" + } + ``` + + #### Example Response (200 OK) + ``` + { + "id": 0, + "cloudPlatform": "AWS", + "workspaceType": "root", + "workspaceId": "Example AWS Org", + "workspaceName": null, + "entities": [] + } + ``` + + ## Response Status Codes + - 201 - Delegation added successfully + - 400 - Bad Request + - 500 - Internal server error + +} diff --git a/SaaS/Cloud Visibility/Delegations/Update Delegation.bru b/SaaS/Cloud Visibility/Delegations/Update Delegation.bru new file mode 100644 index 0000000..77385df --- /dev/null +++ b/SaaS/Cloud Visibility/Delegations/Update Delegation.bru @@ -0,0 +1,191 @@ +meta { + name: Update Delegation + type: http + seq: 4 +} + +put { + url: https://{{identityTenantName}}-cem.cyberark.cloud/api/delegations/owner/{{id}} + body: json + auth: none +} + +body:json { + { + "cloudPlatform": "{{cloudPlatform}}", + "workspaceId": "{{workspaceId}}", + "workspaceType": "{{workspaceType}}" + } +} + +vars:pre-request { + id: +} + +assert { + res.status: eq 200 + res.body: isJson +} + +script:pre-request { + const platformTokenAuth = require('./tools/platformTokenAuth'); + + // Perform authentication usings platformToken.js tools + await platformTokenAuth.login(); +} + +docs { + ## Update Delegation Details + Update identities associated with a workspace + + ### Request URL + https://-cem.cyberark.cloud/api/delegations/owner/{id} + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | PUT | application/json | + + #### Request Query Parameters + None + + #### Example Request Body + ``` + { + "version": "string", + "resource": "string", + "path": "string", + "httpMethod": "POST", + "headers": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "multiValueHeaders": { + "additionalProp1": [ + "string" + ], + "additionalProp2": [ + "string" + ], + "additionalProp3": [ + "string" + ] + }, + "queryStringParameters": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "multiValueQueryStringParameters": { + "additionalProp1": [ + "string" + ], + "additionalProp2": [ + "string" + ], + "additionalProp3": [ + "string" + ] + }, + "requestContext": { + "accountId": "string", + "apiId": "string", + "authorizer": { + "claims": {}, + "scopes": [ + "string" + ] + }, + "stage": "string", + "protocol": "string", + "identity": { + "accessKey": "string", + "accountId": "string", + "apiKey": "string", + "apiKeyId": "string", + "caller": "string", + "cognitoAuthenticationProvider": "string", + "cognitoAuthenticationType": "string", + "cognitoIdentityId": "string", + "cognitoIdentityPoolId": "string", + "principalOrgId": "string", + "sourceIp": "string", + "user": "string", + "userAgent": "string", + "userArn": "string", + "clientCert": { + "clientCertPem": "string", + "subjectDN": "string", + "issuerDN": "string", + "serialNumber": "string", + "validity": { + "notBefore": "string", + "notAfter": "string" + } + } + }, + "requestId": "string", + "requestTime": "string", + "requestTimeEpoch": "2024-11-08T17:54:51.062Z", + "resourceId": "string", + "resourcePath": "string", + "domainName": "string", + "domainPrefix": "string", + "extendedRequestId": "string", + "httpMethod": "DELETE", + "path": "string", + "connectedAt": "2024-11-08T17:54:51.062Z", + "connectionId": "string", + "eventType": "CONNECT", + "messageDirection": "string", + "messageId": "string", + "routeKey": "string", + "operationName": "string" + }, + "pathParameters": { + "cloudPlatform": "AWS" + }, + "stageVariables": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + }, + "isBase64Encoded": true, + "body": { + "workspaces": [ + { + "organization": "string", + "workspaceType": "account", + "workspaceId": "string", + "workspaceName": "string" + } + ], + "entities": [ + { + "delegationId": 0, + "entityType": "Group", + "entityId": "string", + "entityName": "string", + "directoryId": "string", + "directoryName": "string", + "entityEmail": "string", + "serviceType": "string", + "userPrincipal": "string" + } + ] + } + } + ``` + + #### Example Response (201 Created) + ``` + "" + ``` + + ## Response Status Codes + - 201 - Delegation added successfully + - 404 - Not Found + - 500 - Internal server error + +} diff --git a/SaaS/Cloud Visibility/Identities/Search Identities.bru b/SaaS/Cloud Visibility/Identities/Search Identities.bru new file mode 100644 index 0000000..2223436 --- /dev/null +++ b/SaaS/Cloud Visibility/Identities/Search Identities.bru @@ -0,0 +1,145 @@ +meta { + name: Search Identities + type: http + seq: 1 +} + +post { + url: https://{{identityTenantName}}-cem.cyberark.cloud/api/identities + body: json + auth: none +} + +body:json { + { + "paginationData": { + "limit": 5, + "nextToken": 5 + }, + "filter": { + "admin": true + } + } +} + +assert { + res.body: isJson + res.status: eq 200 +} + +script:pre-request { + const platformTokenAuth = require('./tools/platformTokenAuth'); + + // Perform authentication usings platformToken.js tools + await platformTokenAuth.login(); +} + +docs { + ## Search identities + This section describes the API for retrieving a list of identities in Cloud Visibility. + + ### Request URL + https://-cem.cyberark.cloud/api/identities + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + ### Example Request Body + ``` + { + "paginationData": { + "limit": 5, + "nextToken": 5 + }, + "filter": { + "admin": true + } + } + ``` + + #### Example Response (20O OK) + ``` + { + "next_token": "10", + "identities": [ + { + "uid": "28515795-2bad-4468-8eb7-026a68520adf#gcpIamGoogleAccount#123456789123#adam@example.com.com", + "name": "adam@example.com.com", + "admin": true, + "entitlements_analysis": [ + "vandelay-logging-project-sca", + "1012709190570", + "pivotal-valve-321402" + ], + "number_of_workspaces": 3, + "identity_type": "GCP_IAM_GOOGLE_ACCOUNT" + }, + { + "uid": "28515795-2bad-4468-8eb7-026a68520adf#gcpIamGoogleAccount#123456789123#jerry@example.com.com", + "name": "jerry@example.com.com", + "admin": true, + "entitlements_analysis": [ + "1012709190570", + "sacred-ember-321523", + "vandelay-logging-project" + ], + "number_of_workspaces": 3, + "identity_type": "GCP_IAM_GOOGLE_ACCOUNT" + }, + { + "uid": "28515795-2bad-4468-8eb7-026a68520adf#gcpIamServiceAccount#123456789123#cyberark-reconcile@resolute-might-399019.iam.gserviceaccount.com", + "name": "cyberark-reconcile@resolute-might-399019.iam.gserviceaccount.com", + "admin": true, + "entitlements_analysis": [ + "resolute-might-399019" + ], + "number_of_workspaces": 1, + "identity_type": "GCP_IAM_SERVICE_ACCOUNT" + }, + { + "uid": "28515795-2bad-4468-8eb7-026a68520adf#gcpIamGroup#123456789123#sca_6acde23b@example.com", + "name": "sca_6acde23b@say-vandelay.com", + "admin": true, + "entitlements_analysis": [ + "1012709190570" + ], + "number_of_workspaces": 1, + "identity_type": "GCP_IAM_GROUP" + }, + { + "uid": "28515795-2bad-4468-8eb7-026a68520adf#azureUser#123a12ab-1234-1234-abcd-123abcd1abcd", + "name": "John Doe", + "admin": true, + "entitlements_analysis": [ + "root-group-cbe3df52-24db-4656-b055-90f95a9a1cd8", + "163c7d59-0e21-4684-bdfd-93f4c9e33322", + "8797f551-f885-462b-bd02-7c7cb5d8ccd8" + ], + "number_of_workspaces": 3, + "identity_type": "AZURE_USER" + } + ] + } + ``` + + ### Response Codes + | Return Code | Code Number | Description | + | --- | --- | :-- | + | Success | 200 | The request succeeded. The actual response will depend on the request method used. | + | Created | 201 | The request was fulfilled and resulted in a new resource being created. | + | Accepted | 202 | The request has been accepted for processing. | + | No Content | 204 | The server successfully processed the request and is not returning any content (no response body). This code is typically returned by DELETE requests. | + | Bad Request | 400 | The request could not be understood by the server due to incorrect syntax. | + | Unauthorized | 401 | The request requires user authentication. | + | Forbidden | 403 | The server received and understood the request, but will not fulfill it. Authorization will not help and the request MUST NOT be repeated. | + | Not Found | 404 | The server did not find anything that matches the Request-URI. No indication is given of whether the condition is temporary or permanent. | + | Conflict | 409 | The request could not be completed due to a conflict with the current state of the resource. | + | Too Many Requests | 429 | The user has sent too many requests in a given amount of time ("rate limiting"). | + | Internal Server Error | 500 | The server encountered an unexpected condition which prevented it from fulfilling the request. | + | Not Implemented | 501 | The server does not support this operation due to version incompatibility. | +} diff --git a/SaaS/Cloud Entitlements Manager/Scan/Scan Status.bru b/SaaS/Cloud Visibility/Scan/Scan Status.bru similarity index 59% rename from SaaS/Cloud Entitlements Manager/Scan/Scan Status.bru rename to SaaS/Cloud Visibility/Scan/Scan Status.bru index ccba64a..7fed540 100644 --- a/SaaS/Cloud Entitlements Manager/Scan/Scan Status.bru +++ b/SaaS/Cloud Visibility/Scan/Scan Status.bru @@ -19,7 +19,7 @@ body:json { } assert { - res.body: isJson + res.body: isJson res.status: eq 200 } @@ -31,14 +31,24 @@ script:pre-request { } docs { - Trigger scan via public REST APIs. + ## Get Scan Status + Returns the status of the scan. - ## Response Status Codes - - 200 - Get all workspaces - - 400 - Bad request - - 500 - Internal server error + ### Request URL + https://-cem.cyberark.cloud/api/scan/status - ## Example Success Response + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | GET | application/json | + + #### Request Query Parameters + None + + ### Example Request Body + None + + #### Example Response ``` { "isScanRunning": false diff --git a/SaaS/Cloud Entitlements Manager/Scan/Scan.bru b/SaaS/Cloud Visibility/Scan/Scan.bru similarity index 58% rename from SaaS/Cloud Entitlements Manager/Scan/Scan.bru rename to SaaS/Cloud Visibility/Scan/Scan.bru index d28bcfe..5354291 100644 --- a/SaaS/Cloud Entitlements Manager/Scan/Scan.bru +++ b/SaaS/Cloud Visibility/Scan/Scan.bru @@ -18,7 +18,7 @@ body:json { assert { res.status: eq 200 - res.body: isJson + res.body: isJson } script:pre-request { @@ -29,14 +29,31 @@ script:pre-request { } docs { - Trigger scan via public REST APIs. + ## Trigger Scan + Trigger CEM scan on a customer's tenant + + ### Request URL + https://-cem.cyberark.cloud/api/scan + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + ### Example Request Body + None + + #### Example Response (200 OK) + ``` + {} + ``` ## Response Status Codes - 200 - Get all workspaces - 500 - Internal server error - ## Example Success Response - ``` - ``` } diff --git a/SaaS/Cloud Entitlements Manager/Workspaces/Connect.bru b/SaaS/Cloud Visibility/Workspaces/Connect.bru similarity index 58% rename from SaaS/Cloud Entitlements Manager/Workspaces/Connect.bru rename to SaaS/Cloud Visibility/Workspaces/Connect.bru index b32bb30..c338e2d 100644 --- a/SaaS/Cloud Entitlements Manager/Workspaces/Connect.bru +++ b/SaaS/Cloud Visibility/Workspaces/Connect.bru @@ -20,7 +20,7 @@ body:json { assert { res.status: eq 200 - res.body: isJson + res.body: isJson } script:pre-request { @@ -31,9 +31,21 @@ script:pre-request { } docs { - This section describes the API for connecting workspaces in Cloud Entitlements Manager. + ## Connect Workspace + Connect a workspace - ## Schema + ### Request URL + https://-cem.cyberark.cloud/api/new_account/workspaces/connect + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + #### Request Schema WorkspaceInputData - workspaceId: string - platformType: string [ aws, azure, gcp ] @@ -43,7 +55,25 @@ docs { - num_of_leaves_to_connect: integer - num_of_connected_leaves: integer + #### Example Request Body + ``` + { + "workspaceId": "196116890505", + "platformType": "aws", + "hierarchyTreeLevel": "LEAF" + } + ``` + + #### Example Response (200 OK) + ``` + { + "num_of_leaves_to_connect": 1, + "num_of_connected_leaves": 1 + } + ``` + ## Response Status Codes - 200 - Connection successfully completed - 500 - Internal server error + } diff --git a/SaaS/Cloud Entitlements Manager/Workspaces/Create AWS Account.bru b/SaaS/Cloud Visibility/Workspaces/Create AWS Account.bru similarity index 60% rename from SaaS/Cloud Entitlements Manager/Workspaces/Create AWS Account.bru rename to SaaS/Cloud Visibility/Workspaces/Create AWS Account.bru index 1a87afa..247bb77 100644 --- a/SaaS/Cloud Entitlements Manager/Workspaces/Create AWS Account.bru +++ b/SaaS/Cloud Visibility/Workspaces/Create AWS Account.bru @@ -29,14 +29,39 @@ script:pre-request { } docs { - This section describes the API for validating account configuration and if successful, onboards your accounts to Cloud Entitlements Manager. + ## Create AWS Account + This method enables you to validate account configuration and if successful, onboards your accounts. - ## Schemas + ### Request URL + https://-cem.cyberark.cloud/api/new_account/platforms/aws/workspaces + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + #### Request Schema + + #### Example Request Body + ``` + { + "accountId": 123456789012, + "iamRoleArn": "arn:aws:iam::123456789012:role/CyberArkRoleForCEM223673983569", + "deploymentRegion": "us-west-2" + } + ``` + + #### Example Response (200 OK) + ``` + "" + ``` ## Response Status Codes - - 200 - Get all workspaces - - 400 - Validation error + - 200 - Connection successfully completed + - 500 - Internal server error ## Error Example Response ``` diff --git a/SaaS/Cloud Entitlements Manager/Workspaces/Delete.bru b/SaaS/Cloud Visibility/Workspaces/Delete.bru similarity index 58% rename from SaaS/Cloud Entitlements Manager/Workspaces/Delete.bru rename to SaaS/Cloud Visibility/Workspaces/Delete.bru index f08b414..60fa6cd 100644 --- a/SaaS/Cloud Entitlements Manager/Workspaces/Delete.bru +++ b/SaaS/Cloud Visibility/Workspaces/Delete.bru @@ -26,9 +26,21 @@ script:pre-request { } docs { - This section describes the API for deleting workspaces in Cloud Entitlements Manager. + ## Delete Workspace + Delete a workspace - ## Schema + ### Request URL + https://-cem.cyberark.cloud/api/new_account/workspaces/delete + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + #### Request Schema WorkspaceInputData - workspaceId: string - platformType: string [ aws, azure, gcp ] @@ -38,7 +50,22 @@ docs { - num_of_leaves_to_connect: integer - num_of_connected_leaves: integer + #### Example Request Body + ``` + { + "workspaceId": "196116890505", + "platformType": "aws", + "hierarchyTreeLevel": "LEAF" + } + ``` + + #### Example Response (200 OK) + ``` + "" + ``` + ## Response Status Codes - - 200 - Deletion successfully completed + - 200 - Connection successfully completed - 500 - Internal server error + } diff --git a/SaaS/Cloud Entitlements Manager/Workspaces/Disconnect.bru b/SaaS/Cloud Visibility/Workspaces/Disconnect.bru similarity index 59% rename from SaaS/Cloud Entitlements Manager/Workspaces/Disconnect.bru rename to SaaS/Cloud Visibility/Workspaces/Disconnect.bru index d411722..dcf8ff4 100644 --- a/SaaS/Cloud Entitlements Manager/Workspaces/Disconnect.bru +++ b/SaaS/Cloud Visibility/Workspaces/Disconnect.bru @@ -30,9 +30,21 @@ script:pre-request { } docs { - This section describes the API for disconnecting workspaces in Cloud Entitlements Manager. + ## Disconnect Workspace + Disconnect a workspace - ## Schema + ### Request URL + https://-cem.cyberark.cloud/api/new_account/workspaces/disconnect + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | POST | application/json | + + #### Request Query Parameters + None + + #### Request Schema WorkspaceInputData - workspaceId: string - platformType: string [ aws, azure, gcp ] @@ -42,7 +54,22 @@ docs { - num_of_leaves_to_connect: integer - num_of_connected_leaves: integer + #### Example Request Body + ``` + { + "workspaceId": "196116890505", + "platformType": "aws", + "hierarchyTreeLevel": "LEAF" + } + ``` + + #### Example Response (200 OK) + ``` + "" + ``` + ## Response Status Codes - - 200 - Disconnection successfully completed + - 200 - Connection successfully completed - 500 - Internal server error + } diff --git a/SaaS/Cloud Visibility/Workspaces/Get Workspaces.bru b/SaaS/Cloud Visibility/Workspaces/Get Workspaces.bru new file mode 100644 index 0000000..7f8c99c --- /dev/null +++ b/SaaS/Cloud Visibility/Workspaces/Get Workspaces.bru @@ -0,0 +1,108 @@ +meta { + name: Get Workspaces + type: http + seq: 1 +} + +get { + url: https://{{identityTenantName}}-cem.cyberark.cloud/api/customer/platforms/workspaces/ + body: none + auth: none +} + +body:json { + { + "workspaceId": "string", + "platformType": "aws", + "hierarchyTreeLevel": "LEAF" + } +} + +assert { + res.body: isJson + res.status: eq 200 +} + +script:pre-request { + const platformTokenAuth = require('./tools/platformTokenAuth'); + + // Perform authentication usings platformToken.js tools + await platformTokenAuth.login(); +} + +docs { + ## Get Workspaces + This section describes the API for retrieving a list of workspaces in Cloud Visibility. + ### Request URL + https://-cem.cyberark.cloud/api/customer/platforms/workspaces + + #### Request Resource Information + | HTTP Method | Content Type | + | :-- | :-- | + | GET | application/json | + + #### Request Query Parameters + None + + ### Example Request Body + None + + #### Example Response + ``` + { + "data": [ + { + "platform": "aws", + "workspaces": [ + { + "workspace_id": "123244353563", + "workspace_status": "READY_FOR_CONNECTION", + "workspace_name": "example-internal" + }, + { + "workspace_id": "123244353563", + "workspace_status": "READY_FOR_CONNECTION" + } + ] + }, + { + "platform": "azure", + "workspaces": [ + { + "workspace_id": "12abcd12-abcd-1234-1234-ef3cb2c2e43c", + "workspace_status": "CONNECTED", + "workspace_name": "prod_nextgen_mobile" + }, + { + "workspace_id": "12abcd12-abcd-1234-1234-ef3cb2c2e43c", + "workspace_status": "READY_FOR_CONNECTION", + "workspace_name": "New-Subscription" + }, + { + "workspace_id": "12abcd12-abcd-1234-1234-ef3cb2c2e43c", + "workspace_status": "CONNECTED", + "workspace_name": "dev_nextgen_mobile" + } + ] + }, + { + "platform": "gcp", + "workspaces": [ + { + "workspace_id": "non-prod-infra-123456", + "workspace_status": "CONNECTED" + }, + { + "workspace_id": "number-prod", + "workspace_status": "READY_FOR_CONNECTION" + }, + { + "workspace_id": "number-dev", + "workspace_status": "READY_FOR_CONNECTION" + } + ] + } + ] + } + ``` +}