From 87a15d7bb8aad80913ae3f305547bdf5c6a399cc Mon Sep 17 00:00:00 2001 From: Josema Camacho Date: Thu, 2 Jul 2026 09:27:22 +0200 Subject: [PATCH] feat(api): support timestamp precision in findings filters (#11754) --- api/CHANGELOG.md | 4 + api/src/backend/api/filters.py | 265 +++- api/src/backend/api/specs/v1.yaml | 1914 +++++++++++++++++++---- api/src/backend/api/tests/test_views.py | 202 +++ api/src/backend/api/v1/views.py | 3 + 5 files changed, 2016 insertions(+), 372 deletions(-) diff --git a/api/CHANGELOG.md b/api/CHANGELOG.md index d1db284e33..90a7a5051f 100644 --- a/api/CHANGELOG.md +++ b/api/CHANGELOG.md @@ -4,6 +4,10 @@ All notable changes to the **Prowler API** are documented in this file. ## [1.33.0] (Prowler UNRELEASED) +### 🚀 Added + +- Added timestamp precision support for `/api/v1/findings` `inserted_at` and `updated_at` filters [(#11754)](https://github.com/prowler-cloud/prowler/pull/11754) + ### 🔄 Changed - Attack Paths: AWS Neptune is now supported as a persistent sink database, selectable via `ATTACK_PATHS_SINK_DATABASE=neptune` (default `neo4j`), Cartography's (bumped to 0.138.1) per-scan ingest database stays on Neo4j [(#11524)](https://github.com/prowler-cloud/prowler/pull/11524) diff --git a/api/src/backend/api/filters.py b/api/src/backend/api/filters.py index 740556329c..a7f888b453 100644 --- a/api/src/backend/api/filters.py +++ b/api/src/backend/api/filters.py @@ -67,6 +67,7 @@ from django_filters.rest_framework import ( ) from rest_framework_json_api.django_filters.backends import DjangoFilterBackend from rest_framework_json_api.serializers import ValidationError +from uuid6 import UUID class CustomDjangoFilterBackend(DjangoFilterBackend): @@ -672,35 +673,32 @@ class LatestResourceFilter(ProviderRelationshipFilterSet): return queryset.filter(tags__text_search=value) -class FindingFilter(CommonFindingFilters): +FINDING_BASE_FILTER_FIELDS = { + "id": ["exact", "in"], + "uid": ["exact", "in"], + "scan": ["exact", "in"], + "delta": ["exact", "in"], + "status": ["exact", "in"], + "severity": ["exact", "in"], + "impact": ["exact", "in"], + "check_id": ["exact", "in", "icontains"], +} + + +class BaseFindingFilter(CommonFindingFilters): + DATE_FILTER_FIELDS = () + DATE_FILTER_NAMES = () + DATE_RANGE_HELP_TEXT = ( + f"Maximum date range is {settings.FINDINGS_MAX_DAYS_IN_RANGE} days." + ) + DATE_FILTER_REQUIRED_DETAIL = "At least one date filter is required." + scan = UUIDFilter(method="filter_scan_id") scan__in = UUIDInFilter(method="filter_scan_id_in") - inserted_at = DateFilter(method="filter_inserted_at", lookup_expr="date") - inserted_at__date = DateFilter(method="filter_inserted_at", lookup_expr="date") - inserted_at__gte = DateFilter( - method="filter_inserted_at_gte", - help_text=f"Maximum date range is {settings.FINDINGS_MAX_DAYS_IN_RANGE} days.", - ) - inserted_at__lte = DateFilter( - method="filter_inserted_at_lte", - help_text=f"Maximum date range is {settings.FINDINGS_MAX_DAYS_IN_RANGE} days.", - ) - class Meta: model = Finding - fields = { - "id": ["exact", "in"], - "uid": ["exact", "in"], - "scan": ["exact", "in"], - "delta": ["exact", "in"], - "status": ["exact", "in"], - "severity": ["exact", "in"], - "impact": ["exact", "in"], - "check_id": ["exact", "in", "icontains"], - "inserted_at": ["date", "gte", "lte"], - "updated_at": ["gte", "lte"], - } + fields = FINDING_BASE_FILTER_FIELDS filter_overrides = { FindingDeltaEnumField: { "filter_class": CharFilter, @@ -723,17 +721,13 @@ class FindingFilter(CommonFindingFilters): return queryset.filter(resource_services__contains=[value]) def filter_queryset(self, queryset): - if not (self.data.get("scan") or self.data.get("scan__in")) and not ( - self.data.get("inserted_at") - or self.data.get("inserted_at__date") - or self.data.get("inserted_at__gte") - or self.data.get("inserted_at__lte") + if not (self.data.get("scan") or self.data.get("scan__in")) and not any( + self.data.get(filter_name) for filter_name in self.DATE_FILTER_NAMES ): raise ValidationError( [ { - "detail": "At least one date filter is required: filter[inserted_at], filter[inserted_at.gte], " - "or filter[inserted_at.lte].", + "detail": self.DATE_FILTER_REQUIRED_DETAIL, "status": 400, "source": {"pointer": "/data/attributes/inserted_at"}, "code": "required", @@ -742,31 +736,42 @@ class FindingFilter(CommonFindingFilters): ) cleaned = self.form.cleaned_data - exact_date = cleaned.get("inserted_at") or cleaned.get("inserted_at__date") - gte_date = cleaned.get("inserted_at__gte") or exact_date - lte_date = cleaned.get("inserted_at__lte") or exact_date - - if gte_date is None: - gte_date = datetime.now(UTC).date() - if lte_date is None: - lte_date = datetime.now(UTC).date() - - if abs(lte_date - gte_date) > timedelta( - days=settings.FINDINGS_MAX_DAYS_IN_RANGE - ): - raise ValidationError( - [ - { - "detail": f"The date range cannot exceed {settings.FINDINGS_MAX_DAYS_IN_RANGE} days.", - "status": 400, - "source": {"pointer": "/data/attributes/inserted_at"}, - "code": "invalid", - } - ] - ) + for field_name in self.DATE_FILTER_FIELDS: + self.validate_datetime_filter_range(cleaned, field_name) return super().filter_queryset(queryset) + def validate_datetime_filter_range(self, cleaned, field_name): + exact_value = cleaned.get(field_name) or cleaned.get(f"{field_name}__date") + gte_value = cleaned.get(f"{field_name}__gte") or exact_value + lte_value = cleaned.get(f"{field_name}__lte") or exact_value + + if not (exact_value or gte_value or lte_value): + return + + default_value = datetime.now(UTC).date() + gte_value = gte_value or default_value + lte_value = lte_value or default_value + + gte_datetime = self.filter_value_to_datetime(gte_value, field_name) + lte_datetime = self.filter_value_to_datetime(lte_value, field_name) + + if abs(lte_datetime - gte_datetime) <= timedelta( + days=settings.FINDINGS_MAX_DAYS_IN_RANGE + ): + return + + raise ValidationError( + [ + { + "detail": f"The date range cannot exceed {settings.FINDINGS_MAX_DAYS_IN_RANGE} days.", + "status": 400, + "source": {"pointer": f"/data/attributes/{field_name}"}, + "code": "invalid", + } + ] + ) + # Convert filter values to UUIDv7 values for use with partitioning def filter_scan_id(self, queryset, name, value): try: @@ -824,27 +829,169 @@ class FindingFilter(CommonFindingFilters): datetime_value = self.maybe_date_to_datetime(value) start = uuid7_start(datetime_to_uuid7(datetime_value)) end = uuid7_start(datetime_to_uuid7(datetime_value + timedelta(days=1))) - return queryset.filter(id__gte=start, id__lt=end) def filter_inserted_at_gte(self, queryset, name, value): datetime_value = self.maybe_date_to_datetime(value) start = uuid7_start(datetime_to_uuid7(datetime_value)) - return queryset.filter(id__gte=start) def filter_inserted_at_lte(self, queryset, name, value): datetime_value = self.maybe_date_to_datetime(value) end = uuid7_start(datetime_to_uuid7(datetime_value + timedelta(days=1))) - return queryset.filter(id__lt=end) @staticmethod def maybe_date_to_datetime(value): - dt = value + if isinstance(value, datetime): + return value if isinstance(value, date): - dt = datetime.combine(value, datetime.min.time(), tzinfo=UTC) - return dt + return datetime.combine(value, datetime.min.time(), tzinfo=UTC) + if isinstance(value, str): + return parse(value) + return value + + @classmethod + def filter_value_to_datetime(cls, value, field_name): + try: + datetime_value = cls.maybe_date_to_datetime(value) + except (TypeError, ValueError, OverflowError): + raise ValidationError( + [ + { + "detail": "Enter a valid date or datetime.", + "status": 400, + "source": {"pointer": f"/data/attributes/{field_name}"}, + "code": "invalid", + } + ] + ) + + if datetime_value.tzinfo is None: + return datetime_value.replace(tzinfo=UTC) + return datetime_value.astimezone(UTC) + + +class FindingFilter(BaseFindingFilter): + DATE_FILTER_FIELDS = ("inserted_at", "updated_at") + DATE_FILTER_NAMES = ( + "inserted_at", + "inserted_at__date", + "inserted_at__gte", + "inserted_at__lte", + "updated_at", + "updated_at__date", + "updated_at__gte", + "updated_at__lte", + ) + DATE_FILTER_REQUIRED_DETAIL = ( + "At least one date filter is required: filter[inserted_at], filter[updated_at], " + "filter[inserted_at.gte], filter[updated_at.gte], filter[inserted_at.lte], " + "or filter[updated_at.lte]." + ) + + inserted_at = CharFilter(method="filter_inserted_at") + inserted_at__date = DateFilter(method="filter_inserted_at", lookup_expr="date") + inserted_at__gte = CharFilter( + method="filter_inserted_at", + help_text=BaseFindingFilter.DATE_RANGE_HELP_TEXT, + ) + inserted_at__lte = CharFilter( + method="filter_inserted_at", + help_text=BaseFindingFilter.DATE_RANGE_HELP_TEXT, + ) + updated_at = CharFilter(method="filter_updated_at") + updated_at__date = DateFilter(method="filter_updated_at", lookup_expr="date") + updated_at__gte = CharFilter( + method="filter_updated_at", + help_text=BaseFindingFilter.DATE_RANGE_HELP_TEXT, + ) + updated_at__lte = CharFilter( + method="filter_updated_at", + help_text=BaseFindingFilter.DATE_RANGE_HELP_TEXT, + ) + + class Meta(BaseFindingFilter.Meta): + fields = FINDING_BASE_FILTER_FIELDS | { + "inserted_at": ["date", "gte", "lte"], + "updated_at": ["date", "gte", "lte"], + } + + def filter_inserted_at(self, queryset, name, value): + start, end = self.filter_value_to_datetime_bounds(value, "inserted_at") + + if name.endswith("__gte"): + return queryset.filter(id__gte=self.datetime_to_uuid7_boundary(start)) + if name.endswith("__lte"): + return queryset.filter(id__lt=self.datetime_to_uuid7_boundary(end)) + + return queryset.filter( + id__gte=self.datetime_to_uuid7_boundary(start), + id__lt=self.datetime_to_uuid7_boundary(end), + ) + + def filter_updated_at(self, queryset, name, value): + start, end = self.filter_value_to_datetime_bounds(value, "updated_at") + + if name.endswith("__gte"): + return queryset.filter(updated_at__gte=start) + if name.endswith("__lte"): + return queryset.filter(updated_at__lt=end) + + return queryset.filter(updated_at__gte=start, updated_at__lt=end) + + @classmethod + def filter_value_to_datetime_bounds(cls, value, field_name): + start = cls.filter_value_to_datetime(value, field_name) + if cls.is_date_filter_value(value): + return start, start + timedelta(days=1) + return start, start + timedelta(milliseconds=1) + + @staticmethod + def datetime_to_uuid7_boundary(datetime_value): + timestamp_ms = int(datetime_value.timestamp() * 1000) & 0xFFFFFFFFFFFF + uuid_int = timestamp_ms << 80 + uuid_int |= 0x7 << 76 + uuid_int |= 0x2 << 62 + return UUID(int=uuid_int) + + @staticmethod + def is_date_filter_value(value): + if isinstance(value, datetime): + return False + if isinstance(value, date): + return True + return isinstance(value, str) and len(value.strip()) == 10 + + +class FindingMetadataFilter(BaseFindingFilter): + DATE_FILTER_FIELDS = ("inserted_at",) + DATE_FILTER_NAMES = ( + "inserted_at", + "inserted_at__date", + "inserted_at__gte", + "inserted_at__lte", + ) + DATE_FILTER_REQUIRED_DETAIL = ( + "At least one date filter is required: filter[inserted_at], filter[inserted_at.gte], " + "or filter[inserted_at.lte]." + ) + + inserted_at = DateFilter(method="filter_inserted_at", lookup_expr="date") + inserted_at__date = DateFilter(method="filter_inserted_at", lookup_expr="date") + inserted_at__gte = DateFilter( + method="filter_inserted_at_gte", + help_text=BaseFindingFilter.DATE_RANGE_HELP_TEXT, + ) + inserted_at__lte = DateFilter( + method="filter_inserted_at_lte", + help_text=BaseFindingFilter.DATE_RANGE_HELP_TEXT, + ) + + class Meta(BaseFindingFilter.Meta): + fields = FINDING_BASE_FILTER_FIELDS | { + "inserted_at": ["date", "gte", "lte"], + } class LatestFindingFilter(CommonFindingFilters): diff --git a/api/src/backend/api/specs/v1.yaml b/api/src/backend/api/specs/v1.yaml index 767a3aaf78..2d80904575 100644 --- a/api/src/backend/api/specs/v1.yaml +++ b/api/src/backend/api/specs/v1.yaml @@ -9,7 +9,7 @@ info: paths: /api/v1/api-keys: get: - operationId: api_keys_list + operationId: api_v1_api_keys_list description: Retrieve a list of API keys for the tenant, with filtering support. summary: List API keys parameters: @@ -141,7 +141,7 @@ paths: $ref: '#/components/schemas/PaginatedTenantApiKeyList' description: '' post: - operationId: api_keys_create + operationId: api_v1_api_keys_create description: Create a new API key for the tenant. summary: Create a new API key tags: @@ -169,7 +169,7 @@ paths: description: '' /api/v1/api-keys/{id}: get: - operationId: api_keys_retrieve + operationId: api_v1_api_keys_retrieve description: Fetch detailed information about a specific API key by its ID. summary: Retrieve API key details parameters: @@ -220,7 +220,7 @@ paths: $ref: '#/components/schemas/TenantApiKeyResponse' description: '' patch: - operationId: api_keys_partial_update + operationId: api_v1_api_keys_partial_update description: Modify certain fields of an existing API key without affecting other settings. summary: Partially update an API key @@ -257,7 +257,7 @@ paths: description: '' /api/v1/api-keys/{id}/revoke: delete: - operationId: api_keys_revoke_destroy + operationId: api_v1_api_keys_revoke_destroy description: Revoke an API key by its ID. This action is irreversible and will prevent the key from being used. summary: Revoke an API key @@ -282,7 +282,7 @@ paths: description: API key was successfully revoked /api/v1/attack-paths-scans: get: - operationId: attack_paths_scans_list + operationId: api_v1_attack_paths_scans_list description: Retrieve Attack Paths scans for the tenant with support for filtering, ordering, and pagination. summary: List Attack Paths scans @@ -352,11 +352,26 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -370,10 +385,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -397,7 +412,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -411,10 +426,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -575,7 +590,7 @@ paths: description: '' /api/v1/attack-paths-scans/{id}: get: - operationId: attack_paths_scans_retrieve + operationId: api_v1_attack_paths_scans_retrieve description: Fetch full details for a specific Attack Paths scan. summary: Retrieve Attack Paths scan details parameters: @@ -635,7 +650,7 @@ paths: description: '' /api/v1/attack-paths-scans/{id}/queries: get: - operationId: attack_paths_scans_queries_retrieve + operationId: api_v1_attack_paths_scans_queries_retrieve description: Retrieve the catalog of Attack Paths queries available for this Attack Paths scan. summary: List Attack Paths queries @@ -698,7 +713,7 @@ paths: description: No queries found for the selected provider /api/v1/attack-paths-scans/{id}/queries/custom: post: - operationId: attack_paths_scans_queries_custom_create + operationId: api_v1_attack_paths_scans_queries_custom_create description: Execute a raw openCypher query against the Attack Paths graph. Results are filtered to the scan's provider and truncated to a maximum node count. @@ -745,7 +760,7 @@ paths: description: Query execution failed due to a database error /api/v1/attack-paths-scans/{id}/queries/run: post: - operationId: attack_paths_scans_queries_run_create + operationId: api_v1_attack_paths_scans_queries_run_create description: Execute the selected Attack Paths query against the Attack Paths graph and return the resulting subgraph. summary: Execute an Attack Paths query @@ -792,7 +807,7 @@ paths: description: Attack Paths query execution failed due to a database error /api/v1/attack-paths-scans/{id}/schema: get: - operationId: attack_paths_scans_schema_retrieve + operationId: api_v1_attack_paths_scans_schema_retrieve description: Return the cartography provider, version, and links to the schema documentation for the cloud provider associated with this Attack Paths scan. summary: Retrieve cartography schema metadata @@ -839,9 +854,11 @@ paths: description: Unable to retrieve cartography schema due to a database error /api/v1/compliance-overviews: get: - operationId: compliance_overviews_list - description: Retrieve an overview of all the compliance in a given scan. - summary: List compliance overviews for a scan + operationId: api_v1_compliance_overviews_list + description: Retrieve compliance overview data for a scan. When provider filters + are provided, the endpoint uses the latest completed scan for each matching + provider. + summary: List compliance overviews parameters: - in: query name: fields[compliance-overviews] @@ -900,6 +917,120 @@ paths: schema: type: string format: date-time + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_id] + schema: + type: string + format: uuid + - in: query + name: filter[provider_id__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_type] + schema: + type: string + x-spec-enum-id: 203afc16daac9b64 + enum: + - alibabacloud + - aws + - azure + - cloudflare + - gcp + - github + - googleworkspace + - iac + - image + - kubernetes + - m365 + - mongodbatlas + - okta + - openstack + - oraclecloud + - vercel + description: |- + * `aws` - AWS + * `azure` - Azure + * `gcp` - GCP + * `kubernetes` - Kubernetes + * `m365` - M365 + * `github` - GitHub + * `mongodbatlas` - MongoDB Atlas + * `iac` - IaC + * `oraclecloud` - Oracle Cloud Infrastructure + * `alibabacloud` - Alibaba Cloud + * `cloudflare` - Cloudflare + * `openstack` - OpenStack + * `image` - Image + * `googleworkspace` - Google Workspace + * `vercel` - Vercel + * `okta` - Okta + - in: query + name: filter[provider_type__in] + schema: + type: array + items: + type: string + x-spec-enum-id: 203afc16daac9b64 + enum: + - alibabacloud + - aws + - azure + - cloudflare + - gcp + - github + - googleworkspace + - iac + - image + - kubernetes + - m365 + - mongodbatlas + - okta + - openstack + - oraclecloud + - vercel + description: |- + Multiple values may be separated by commas. + + * `aws` - AWS + * `azure` - Azure + * `gcp` - GCP + * `kubernetes` - Kubernetes + * `m365` - M365 + * `github` - GitHub + * `mongodbatlas` - MongoDB Atlas + * `iac` - IaC + * `oraclecloud` - Oracle Cloud Infrastructure + * `alibabacloud` - Alibaba Cloud + * `cloudflare` - Cloudflare + * `openstack` - OpenStack + * `image` - Image + * `googleworkspace` - Google Workspace + * `vercel` - Vercel + * `okta` - Okta + explode: false + style: form - in: query name: filter[region] schema: @@ -922,8 +1053,7 @@ paths: schema: type: string format: uuid - description: Related scan ID. - required: true + description: Related scan ID. Required unless a provider filter is provided. - name: filter[search] required: false in: query @@ -998,7 +1128,7 @@ paths: description: Compliance overviews generation task failed /api/v1/compliance-overviews/attributes: get: - operationId: compliance_overviews_attributes_retrieve + operationId: api_v1_compliance_overviews_attributes_retrieve description: Retrieve detailed attribute information for all requirements in a specific compliance framework along with the associated check IDs for each requirement. @@ -1028,6 +1158,14 @@ paths: type: string description: Compliance framework ID to get attributes for. required: true + - in: query + name: filter[scan_id] + schema: + type: string + format: uuid + description: Scan ID used to resolve the provider for multi-provider universal + frameworks (e.g. CSA CCM), so the returned check IDs match the scan's provider. + When omitted, the first provider that declares the framework is used. tags: - Compliance Overview security: @@ -1041,9 +1179,10 @@ paths: description: Compliance attributes obtained successfully /api/v1/compliance-overviews/metadata: get: - operationId: compliance_overviews_metadata_retrieve - description: Fetch unique metadata values from a set of compliance overviews. - This is useful for dynamic filtering. + operationId: api_v1_compliance_overviews_metadata_retrieve + description: Fetch unique metadata values from compliance overviews. This is + useful for dynamic filtering. When provider filters are provided, metadata + is computed from the latest completed scan for each matching provider. summary: Retrieve metadata values from compliance overviews parameters: - in: query @@ -1057,13 +1196,209 @@ paths: description: endpoint return only specific fields in the response on a per-type basis by including a fields[TYPE] query parameter. explode: false + - in: query + name: filter[compliance_id] + schema: + type: string + - in: query + name: filter[compliance_id__icontains] + schema: + type: string + - in: query + name: filter[framework] + schema: + type: string + - in: query + name: filter[framework__icontains] + schema: + type: string + - in: query + name: filter[framework__iexact] + schema: + type: string + - in: query + name: filter[inserted_at] + schema: + type: string + format: date + - in: query + name: filter[inserted_at__date] + schema: + type: string + format: date + - in: query + name: filter[inserted_at__gte] + schema: + type: string + format: date-time + - in: query + name: filter[inserted_at__lte] + schema: + type: string + format: date-time + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_id] + schema: + type: string + format: uuid + - in: query + name: filter[provider_id__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_type] + schema: + type: string + x-spec-enum-id: 203afc16daac9b64 + enum: + - alibabacloud + - aws + - azure + - cloudflare + - gcp + - github + - googleworkspace + - iac + - image + - kubernetes + - m365 + - mongodbatlas + - okta + - openstack + - oraclecloud + - vercel + description: |- + * `aws` - AWS + * `azure` - Azure + * `gcp` - GCP + * `kubernetes` - Kubernetes + * `m365` - M365 + * `github` - GitHub + * `mongodbatlas` - MongoDB Atlas + * `iac` - IaC + * `oraclecloud` - Oracle Cloud Infrastructure + * `alibabacloud` - Alibaba Cloud + * `cloudflare` - Cloudflare + * `openstack` - OpenStack + * `image` - Image + * `googleworkspace` - Google Workspace + * `vercel` - Vercel + * `okta` - Okta + - in: query + name: filter[provider_type__in] + schema: + type: array + items: + type: string + x-spec-enum-id: 203afc16daac9b64 + enum: + - alibabacloud + - aws + - azure + - cloudflare + - gcp + - github + - googleworkspace + - iac + - image + - kubernetes + - m365 + - mongodbatlas + - okta + - openstack + - oraclecloud + - vercel + description: |- + Multiple values may be separated by commas. + + * `aws` - AWS + * `azure` - Azure + * `gcp` - GCP + * `kubernetes` - Kubernetes + * `m365` - M365 + * `github` - GitHub + * `mongodbatlas` - MongoDB Atlas + * `iac` - IaC + * `oraclecloud` - Oracle Cloud Infrastructure + * `alibabacloud` - Alibaba Cloud + * `cloudflare` - Cloudflare + * `openstack` - OpenStack + * `image` - Image + * `googleworkspace` - Google Workspace + * `vercel` - Vercel + * `okta` - Okta + explode: false + style: form + - in: query + name: filter[region] + schema: + type: string + - in: query + name: filter[region__icontains] + schema: + type: string + - in: query + name: filter[region__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[scan_id] schema: type: string format: uuid - description: Related scan ID. - required: true + description: Related scan ID. Required unless a provider filter is provided. + - name: filter[search] + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: filter[version] + schema: + type: string + - in: query + name: filter[version__icontains] + schema: + type: string + - name: sort + required: false + in: query + description: '[list of fields to sort by](https://jsonapi.org/format/#fetching-sorting)' + schema: + type: array + items: + type: string + enum: + - compliance_id + - -compliance_id + explode: false tags: - Compliance Overview security: @@ -1100,11 +1435,12 @@ paths: description: Compliance overviews generation task failed /api/v1/compliance-overviews/requirements: get: - operationId: compliance_overviews_requirements_retrieve - description: Retrieve a detailed overview of compliance requirements in a given - scan, grouped by compliance framework. This endpoint provides requirement-level - details and aggregates status across regions. - summary: List compliance requirements overview for a scan + operationId: api_v1_compliance_overviews_requirements_retrieve + description: Retrieve a detailed overview of compliance requirements, grouped + by compliance framework. This endpoint provides requirement-level details + and aggregates status across regions. When provider filters are provided, + the endpoint uses the latest completed scan for each matching provider. + summary: List compliance requirements overview parameters: - in: query name: fields[compliance-requirements-details] @@ -1163,6 +1499,120 @@ paths: schema: type: string format: date-time + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_id] + schema: + type: string + format: uuid + - in: query + name: filter[provider_id__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_type] + schema: + type: string + x-spec-enum-id: 203afc16daac9b64 + enum: + - alibabacloud + - aws + - azure + - cloudflare + - gcp + - github + - googleworkspace + - iac + - image + - kubernetes + - m365 + - mongodbatlas + - okta + - openstack + - oraclecloud + - vercel + description: |- + * `aws` - AWS + * `azure` - Azure + * `gcp` - GCP + * `kubernetes` - Kubernetes + * `m365` - M365 + * `github` - GitHub + * `mongodbatlas` - MongoDB Atlas + * `iac` - IaC + * `oraclecloud` - Oracle Cloud Infrastructure + * `alibabacloud` - Alibaba Cloud + * `cloudflare` - Cloudflare + * `openstack` - OpenStack + * `image` - Image + * `googleworkspace` - Google Workspace + * `vercel` - Vercel + * `okta` - Okta + - in: query + name: filter[provider_type__in] + schema: + type: array + items: + type: string + x-spec-enum-id: 203afc16daac9b64 + enum: + - alibabacloud + - aws + - azure + - cloudflare + - gcp + - github + - googleworkspace + - iac + - image + - kubernetes + - m365 + - mongodbatlas + - okta + - openstack + - oraclecloud + - vercel + description: |- + Multiple values may be separated by commas. + + * `aws` - AWS + * `azure` - Azure + * `gcp` - GCP + * `kubernetes` - Kubernetes + * `m365` - M365 + * `github` - GitHub + * `mongodbatlas` - MongoDB Atlas + * `iac` - IaC + * `oraclecloud` - Oracle Cloud Infrastructure + * `alibabacloud` - Alibaba Cloud + * `cloudflare` - Cloudflare + * `openstack` - OpenStack + * `image` - Image + * `googleworkspace` - Google Workspace + * `vercel` - Vercel + * `okta` - Okta + explode: false + style: form - in: query name: filter[region] schema: @@ -1185,8 +1635,7 @@ paths: schema: type: string format: uuid - description: Related scan ID. - required: true + description: Related scan ID. Required unless a provider filter is provided. - name: filter[search] required: false in: query @@ -1249,7 +1698,7 @@ paths: description: Compliance overviews generation task failed /api/v1/finding-groups: get: - operationId: finding_groups_list + operationId: api_v1_finding_groups_list description: "\n Retrieve aggregated findings grouped by check_id.\n\n\ \ Each group shows:\n - Aggregated status (FAIL if any non-muted\ \ failure)\n - Maximum severity across all findings\n - Resource\ @@ -1422,6 +1871,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -1454,10 +1918,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -1494,10 +1958,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -1799,7 +2263,7 @@ paths: description: '' /api/v1/finding-groups/{id}/resources: get: - operationId: finding_groups_resources_retrieve + operationId: api_v1_finding_groups_resources_retrieve description: "\n Retrieve resources affected by a specific check (finding\ \ group).\n\n Returns individual resources with their current status,\ \ severity,\n and timing information including how long they have been\ @@ -1970,6 +2434,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -2002,10 +2481,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -2042,10 +2521,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -2342,12 +2821,12 @@ paths: description: '' /api/v1/finding-groups/latest: get: - operationId: finding_groups_latest_retrieve + operationId: api_v1_finding_groups_latest_retrieve description: "\n Retrieve the latest available state for each finding\ \ group (check_id).\n\n This endpoint returns finding groups without\ \ requiring date filters,\n automatically using the latest available\ - \ data per check_id.\n All other filters (provider_id, provider_type,\ - \ check_id) are still supported.\n " + \ data per check_id.\n Provider, provider group, check, and computed\ + \ filters are still supported.\n " summary: List latest finding groups parameters: - in: query @@ -2394,6 +2873,471 @@ paths: description: endpoint return only specific fields in the response on a per-type basis by including a fields[TYPE] query parameter. explode: false + - in: query + name: filter[category] + schema: + type: string + - in: query + name: filter[category__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[check_id] + schema: + type: string + - in: query + name: filter[check_id__icontains] + schema: + type: string + - in: query + name: filter[check_id__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[check_title__icontains] + schema: + type: string + - in: query + name: filter[delta] + schema: + type: string + enum: + - changed + - new + description: |- + * `new` - New + * `changed` - Changed + - in: query + name: filter[impact] + schema: + type: string + enum: + - critical + - high + - informational + - low + - medium + description: |- + * `critical` - Critical + * `high` - High + * `medium` - Medium + * `low` - Low + * `informational` - Informational + - in: query + name: filter[muted] + schema: + type: boolean + description: If this filter is not provided, muted and non-muted findings + will be returned. + - in: query + name: filter[provider] + schema: + type: string + format: uuid + - in: query + name: filter[provider__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_alias] + schema: + type: string + - in: query + name: filter[provider_alias__icontains] + schema: + type: string + - in: query + name: filter[provider_alias__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_id] + schema: + type: string + format: uuid + - in: query + name: filter[provider_id__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[provider_type] + schema: + type: string + enum: + - alibabacloud + - aws + - azure + - cloudflare + - gcp + - github + - googleworkspace + - iac + - image + - kubernetes + - m365 + - mongodbatlas + - okta + - openstack + - oraclecloud + - vercel + description: |- + * `aws` - AWS + * `azure` - Azure + * `gcp` - GCP + * `kubernetes` - Kubernetes + * `m365` - M365 + * `github` - GitHub + * `mongodbatlas` - MongoDB Atlas + * `iac` - IaC + * `oraclecloud` - Oracle Cloud Infrastructure + * `alibabacloud` - Alibaba Cloud + * `cloudflare` - Cloudflare + * `openstack` - OpenStack + * `image` - Image + * `googleworkspace` - Google Workspace + * `vercel` - Vercel + * `okta` - Okta + - in: query + name: filter[provider_type__in] + schema: + type: array + items: + type: string + enum: + - alibabacloud + - aws + - azure + - cloudflare + - gcp + - github + - googleworkspace + - iac + - image + - kubernetes + - m365 + - mongodbatlas + - okta + - openstack + - oraclecloud + - vercel + description: |- + Multiple values may be separated by commas. + + * `aws` - AWS + * `azure` - Azure + * `gcp` - GCP + * `kubernetes` - Kubernetes + * `m365` - M365 + * `github` - GitHub + * `mongodbatlas` - MongoDB Atlas + * `iac` - IaC + * `oraclecloud` - Oracle Cloud Infrastructure + * `alibabacloud` - Alibaba Cloud + * `cloudflare` - Cloudflare + * `openstack` - OpenStack + * `image` - Image + * `googleworkspace` - Google Workspace + * `vercel` - Vercel + * `okta` - Okta + explode: false + style: form + - in: query + name: filter[provider_uid] + schema: + type: string + - in: query + name: filter[provider_uid__icontains] + schema: + type: string + - in: query + name: filter[provider_uid__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[region] + schema: + type: string + - in: query + name: filter[region__icontains] + schema: + type: string + - in: query + name: filter[region__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[resource_groups] + schema: + type: string + - in: query + name: filter[resource_groups__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[resource_name] + schema: + type: string + - in: query + name: filter[resource_name__icontains] + schema: + type: string + - in: query + name: filter[resource_name__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[resource_type] + schema: + type: string + - in: query + name: filter[resource_type__icontains] + schema: + type: string + - in: query + name: filter[resource_type__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[resource_uid] + schema: + type: string + - in: query + name: filter[resource_uid__icontains] + schema: + type: string + - in: query + name: filter[resource_uid__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[resources] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[scan] + schema: + type: string + format: uuid + - in: query + name: filter[scan__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[service] + schema: + type: string + - in: query + name: filter[service__icontains] + schema: + type: string + - in: query + name: filter[service__in] + schema: + type: array + items: + type: string + description: Multiple values may be separated by commas. + explode: false + style: form + - in: query + name: filter[severity] + schema: + type: string + enum: + - critical + - high + - informational + - low + - medium + description: |- + * `critical` - Critical + * `high` - High + * `medium` - Medium + * `low` - Low + * `informational` - Informational + - in: query + name: filter[status] + schema: + type: string + enum: + - FAIL + - MANUAL + - PASS + description: |- + * `FAIL` - Fail + * `PASS` - Pass + * `MANUAL` - Manual + - in: query + name: filter[uid] + schema: + type: string + - in: query + name: filter[updated_at] + schema: + type: string + format: date + - name: sort + required: false + in: query + description: '[list of fields to sort by](https://jsonapi.org/format/#fetching-sorting)' + schema: + type: array + items: + type: string + enum: + - id + - -id + - check_id + - -check_id + - check_title + - -check_title + - check_description + - -check_description + - severity + - -severity + - status + - -status + - muted + - -muted + - impacted_providers + - -impacted_providers + - resources_fail + - -resources_fail + - resources_total + - -resources_total + - pass_count + - -pass_count + - fail_count + - -fail_count + - manual_count + - -manual_count + - pass_muted_count + - -pass_muted_count + - fail_muted_count + - -fail_muted_count + - manual_muted_count + - -manual_muted_count + - muted_count + - -muted_count + - new_count + - -new_count + - changed_count + - -changed_count + - new_fail_count + - -new_fail_count + - new_fail_muted_count + - -new_fail_muted_count + - new_pass_count + - -new_pass_count + - new_pass_muted_count + - -new_pass_muted_count + - new_manual_count + - -new_manual_count + - new_manual_muted_count + - -new_manual_muted_count + - changed_fail_count + - -changed_fail_count + - changed_fail_muted_count + - -changed_fail_muted_count + - changed_pass_count + - -changed_pass_count + - changed_pass_muted_count + - -changed_pass_muted_count + - changed_manual_count + - -changed_manual_count + - changed_manual_muted_count + - -changed_manual_muted_count + - first_seen_at + - -first_seen_at + - last_seen_at + - -last_seen_at + - failing_since + - -failing_since + explode: false tags: - Finding Groups security: @@ -2407,7 +3351,7 @@ paths: description: '' /api/v1/finding-groups/latest/{check_id}/resources: get: - operationId: finding_groups_latest_resources_retrieve + operationId: api_v1_finding_groups_latest_resources_retrieve description: "\n Retrieve resources affected by a specific check (finding\ \ group) from the\n latest completed scan for each provider.\n\n \ \ Returns individual resources with their current status, severity,\n\ @@ -2561,6 +3505,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -2593,10 +3552,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -2633,10 +3592,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -2926,7 +3885,7 @@ paths: description: '' /api/v1/findings: get: - operationId: findings_list + operationId: api_v1_findings_list description: Retrieve a list of all findings with options for filtering by various criteria. summary: List all findings @@ -3068,13 +4027,11 @@ paths: name: filter[inserted_at__gte] schema: type: string - format: date description: Maximum date range is 7 days. - in: query name: filter[inserted_at__lte] schema: type: string - format: date description: Maximum date range is 7 days. - in: query name: filter[muted] @@ -3114,6 +4071,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -3133,7 +4105,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -3147,10 +4119,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -3174,7 +4146,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -3188,10 +4160,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -3422,6 +4394,10 @@ paths: style: form - in: query name: filter[updated_at] + schema: + type: string + - in: query + name: filter[updated_at__date] schema: type: string format: date @@ -3429,12 +4405,12 @@ paths: name: filter[updated_at__gte] schema: type: string - format: date-time + description: Maximum date range is 7 days. - in: query name: filter[updated_at__lte] schema: type: string - format: date-time + description: Maximum date range is 7 days. - in: query name: include schema: @@ -3492,7 +4468,7 @@ paths: description: '' /api/v1/findings/{id}: get: - operationId: findings_retrieve + operationId: api_v1_findings_retrieve description: Fetch detailed information about a specific finding by its ID. summary: Retrieve data from a specific finding parameters: @@ -3556,7 +4532,7 @@ paths: description: '' /api/v1/findings/findings_services_regions: get: - operationId: findings_findings_services_regions_retrieve + operationId: api_v1_findings_findings_services_regions_retrieve description: Fetch services and regions affected in findings. summary: Retrieve the services and regions that are impacted by findings parameters: @@ -3668,7 +4644,6 @@ paths: name: filter[inserted_at] schema: type: string - format: date - in: query name: filter[inserted_at__date] schema: @@ -3678,13 +4653,11 @@ paths: name: filter[inserted_at__gte] schema: type: string - format: date description: Maximum date range is 7 days. - in: query name: filter[inserted_at__lte] schema: type: string - format: date description: Maximum date range is 7 days. - in: query name: filter[muted] @@ -3724,6 +4697,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -3743,7 +4731,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -3757,10 +4745,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -3784,7 +4772,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -3798,10 +4786,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -4032,6 +5020,10 @@ paths: style: form - in: query name: filter[updated_at] + schema: + type: string + - in: query + name: filter[updated_at__date] schema: type: string format: date @@ -4039,12 +5031,12 @@ paths: name: filter[updated_at__gte] schema: type: string - format: date-time + description: Maximum date range is 7 days. - in: query name: filter[updated_at__lte] schema: type: string - format: date-time + description: Maximum date range is 7 days. - name: sort required: false in: query @@ -4079,7 +5071,7 @@ paths: description: '' /api/v1/findings/latest: get: - operationId: findings_latest_retrieve + operationId: api_v1_findings_latest_retrieve description: Retrieve a list of the latest findings from the latest scans for each provider with options for filtering by various criteria. summary: List the latest findings @@ -4242,6 +5234,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -4261,7 +5268,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -4275,10 +5282,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -4302,7 +5309,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -4316,10 +5323,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -4583,7 +5590,7 @@ paths: description: '' /api/v1/findings/metadata: get: - operationId: findings_metadata_retrieve + operationId: api_v1_findings_metadata_retrieve description: Fetch unique metadata values from a set of findings. This is useful for dynamic filtering. summary: Retrieve metadata values from findings @@ -4758,6 +5765,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -4777,7 +5799,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -4791,10 +5813,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -4818,7 +5840,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -4832,10 +5854,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -5112,7 +6134,7 @@ paths: description: '' /api/v1/findings/metadata/latest: get: - operationId: findings_metadata_latest_retrieve + operationId: api_v1_findings_metadata_latest_retrieve description: Fetch unique metadata values from a set of findings from the latest scans for each provider. This is useful for dynamic filtering. summary: Retrieve metadata values from the latest findings @@ -5262,6 +6284,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -5281,7 +6318,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -5295,10 +6332,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -5322,7 +6359,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -5336,10 +6373,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -5591,7 +6628,7 @@ paths: description: '' /api/v1/integrations: get: - operationId: integrations_list + operationId: api_v1_integrations_list description: Retrieve a list of all configured integrations with options for filtering by various criteria. summary: List all integrations @@ -5742,7 +6779,7 @@ paths: $ref: '#/components/schemas/PaginatedIntegrationList' description: '' post: - operationId: integrations_create + operationId: api_v1_integrations_create description: Register a new integration with the system, providing necessary configuration details. summary: Create a new integration @@ -5771,7 +6808,7 @@ paths: description: '' /api/v1/integrations/{integration_pk}/jira/dispatches: post: - operationId: integrations_jira_dispatches_create + operationId: api_v1_integrations_jira_dispatches_create description: |- Send a set of filtered findings to the given integration. At least one finding filter must be provided. @@ -5844,7 +6881,7 @@ paths: description: '' /api/v1/integrations/{integration_pk}/jira/issue_types: get: - operationId: integrations_jira_issue_types_retrieve + operationId: api_v1_integrations_jira_issue_types_retrieve description: Fetch the available issue types from Jira for a given project key and update the integration configuration. summary: Get available issue types for a Jira project @@ -5885,7 +6922,7 @@ paths: description: '' /api/v1/integrations/{id}: get: - operationId: integrations_retrieve + operationId: api_v1_integrations_retrieve description: Fetch detailed information about a specific integration by its ID. summary: Retrieve integration details @@ -5939,7 +6976,7 @@ paths: $ref: '#/components/schemas/IntegrationResponse' description: '' patch: - operationId: integrations_partial_update + operationId: api_v1_integrations_partial_update description: Modify certain fields of an existing integration without affecting other settings. summary: Partially update an integration @@ -5975,7 +7012,7 @@ paths: $ref: '#/components/schemas/IntegrationUpdateResponse' description: '' delete: - operationId: integrations_destroy + operationId: api_v1_integrations_destroy description: Remove an integration from the system by its ID. summary: Delete an integration parameters: @@ -5995,7 +7032,7 @@ paths: description: No response body /api/v1/integrations/{id}/connection: post: - operationId: integrations_connection_create + operationId: api_v1_integrations_connection_create description: Try to verify integration connection summary: Check integration connection parameters: @@ -6034,7 +7071,7 @@ paths: description: '' /api/v1/invitations/accept: post: - operationId: invitations_accept_create + operationId: api_v1_invitations_accept_create description: Accept an invitation to an existing tenant. This invitation cannot be expired and the emails must match. summary: Accept an invitation @@ -6063,7 +7100,7 @@ paths: description: '' /api/v1/lighthouse-configurations: get: - operationId: lighthouse_configurations_list + operationId: api_v1_lighthouse_configurations_list description: Retrieve a list of all Lighthouse AI configurations. summary: List all Lighthouse AI configurations parameters: @@ -6136,7 +7173,7 @@ paths: $ref: '#/components/schemas/PaginatedLighthouseConfigList' description: '' post: - operationId: lighthouse_configurations_create + operationId: api_v1_lighthouse_configurations_create description: Create a new Lighthouse AI configuration with the specified details. summary: Create a new Lighthouse AI configuration tags: @@ -6165,7 +7202,7 @@ paths: description: '' /api/v1/lighthouse-configurations/{id}: patch: - operationId: lighthouse_configurations_partial_update + operationId: api_v1_lighthouse_configurations_partial_update description: Update certain fields of an existing Lighthouse AI configuration. summary: Partially update a Lighthouse AI configuration parameters: @@ -6199,7 +7236,7 @@ paths: $ref: '#/components/schemas/LighthouseConfigUpdateResponse' description: '' delete: - operationId: lighthouse_configurations_destroy + operationId: api_v1_lighthouse_configurations_destroy description: Remove a Lighthouse AI configuration by its ID. summary: Delete a Lighthouse AI configuration parameters: @@ -6218,7 +7255,7 @@ paths: description: No response body /api/v1/lighthouse-configurations/{id}/connection: post: - operationId: lighthouse_configurations_connection_create + operationId: api_v1_lighthouse_configurations_connection_create description: Verify the connection to the OpenAI API for a specific Lighthouse AI configuration. summary: Check the connection to the OpenAI API @@ -6257,7 +7294,7 @@ paths: description: '' /api/v1/lighthouse/configuration: get: - operationId: lighthouse_configuration_list + operationId: api_v1_lighthouse_configuration_list description: Retrieve current tenant-level Lighthouse AI settings. Returns a single configuration object. summary: Get Lighthouse AI Tenant config @@ -6332,7 +7369,7 @@ paths: $ref: '#/components/schemas/PaginatedLighthouseTenantConfigList' description: '' patch: - operationId: lighthouse_configuration_partial_update + operationId: api_v1_lighthouse_configuration_partial_update description: Update tenant-level settings. Validates that the default provider is configured and active and that default model IDs exist for the chosen providers. Auto-creates configuration if it doesn't exist. @@ -6362,7 +7399,7 @@ paths: description: '' /api/v1/lighthouse/models: get: - operationId: lighthouse_models_list + operationId: api_v1_lighthouse_models_list description: List available LLM models per configured provider for the current tenant. summary: List all LLM models @@ -6492,7 +7529,7 @@ paths: description: '' /api/v1/lighthouse/models/{id}: get: - operationId: lighthouse_models_retrieve + operationId: api_v1_lighthouse_models_retrieve description: Get details for a specific LLM model. summary: Retrieve LLM model details parameters: @@ -6533,7 +7570,7 @@ paths: description: '' /api/v1/lighthouse/providers: get: - operationId: lighthouse_providers_list + operationId: api_v1_lighthouse_providers_list description: Retrieve all LLM provider configurations for the current tenant summary: List all LLM provider configurations parameters: @@ -6648,7 +7685,7 @@ paths: $ref: '#/components/schemas/PaginatedLighthouseProviderConfigList' description: '' post: - operationId: lighthouse_providers_create + operationId: api_v1_lighthouse_providers_create description: Create a per-tenant configuration for an LLM provider. Only one configuration per provider type is allowed per tenant. summary: Create LLM provider configuration @@ -6677,7 +7714,7 @@ paths: description: '' /api/v1/lighthouse/providers/{id}: get: - operationId: lighthouse_providers_retrieve + operationId: api_v1_lighthouse_providers_retrieve description: Get details for a specific provider configuration in the current tenant. summary: Retrieve LLM provider configuration @@ -6718,7 +7755,7 @@ paths: $ref: '#/components/schemas/LighthouseProviderConfigResponse' description: '' patch: - operationId: lighthouse_providers_partial_update + operationId: api_v1_lighthouse_providers_partial_update description: Partially update a provider configuration (e.g., base_url, is_active). summary: Update LLM provider configuration parameters: @@ -6753,7 +7790,7 @@ paths: $ref: '#/components/schemas/LighthouseProviderConfigUpdateResponse' description: '' delete: - operationId: lighthouse_providers_destroy + operationId: api_v1_lighthouse_providers_destroy description: Delete a provider configuration. Any tenant defaults that reference this provider are cleared during deletion. summary: Delete LLM provider configuration @@ -6774,7 +7811,7 @@ paths: description: No response body /api/v1/lighthouse/providers/{id}/connection: post: - operationId: lighthouse_providers_connection_create + operationId: api_v1_lighthouse_providers_connection_create description: Validate provider credentials asynchronously and toggle is_active. summary: Check LLM provider connection parameters: @@ -6813,7 +7850,7 @@ paths: description: '' /api/v1/lighthouse/providers/{id}/refresh-models: post: - operationId: lighthouse_providers_refresh_models_create + operationId: api_v1_lighthouse_providers_refresh_models_create description: Fetch available models for this provider configuration and upsert into catalog. Supports OpenAI, OpenAI-compatible, and AWS Bedrock providers. summary: Refresh LLM models catalog @@ -6853,7 +7890,7 @@ paths: description: '' /api/v1/mute-rules: get: - operationId: mute_rules_list + operationId: api_v1_mute_rules_list description: Retrieve a list of all mute rules with filtering options. summary: List all mute rules parameters: @@ -6999,7 +8036,7 @@ paths: $ref: '#/components/schemas/PaginatedMuteRuleList' description: '' post: - operationId: mute_rules_create + operationId: api_v1_mute_rules_create description: Create a new mute rule by providing finding IDs, name, and reason. The rule will immediately mute the selected findings and launch a background task to mute all historical findings with matching UIDs. @@ -7029,7 +8066,7 @@ paths: description: '' /api/v1/mute-rules/{id}: get: - operationId: mute_rules_retrieve + operationId: api_v1_mute_rules_retrieve description: Fetch detailed information about a specific mute rule by ID. summary: Retrieve a mute rule parameters: @@ -7080,7 +8117,7 @@ paths: $ref: '#/components/schemas/MuteRuleResponse' description: '' patch: - operationId: mute_rules_partial_update + operationId: api_v1_mute_rules_partial_update description: Update certain fields of an existing mute rule (e.g., name, reason, enabled). summary: Partially update a mute rule @@ -7116,7 +8153,7 @@ paths: $ref: '#/components/schemas/SerializerMetaclassResponse' description: '' delete: - operationId: mute_rules_destroy + operationId: api_v1_mute_rules_destroy description: 'Remove a mute rule from the system. Note: Previously muted findings remain muted.' summary: Delete a mute rule @@ -7137,7 +8174,7 @@ paths: description: No response body /api/v1/overviews/attack-surfaces: get: - operationId: overviews_attack_surfaces_list + operationId: api_v1_overviews_attack_surfaces_list description: Retrieve aggregated attack surface metrics from latest completed scans per provider. summary: Get attack surface overview @@ -7156,6 +8193,21 @@ paths: description: endpoint return only specific fields in the response on a per-type basis by including a fields[TYPE] query parameter. explode: false + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -7175,7 +8227,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -7189,10 +8241,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -7216,7 +8268,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -7230,10 +8282,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -7304,7 +8356,7 @@ paths: description: '' /api/v1/overviews/categories: get: - operationId: overviews_categories_list + operationId: api_v1_overviews_categories_list description: 'Retrieve aggregated category metrics from latest completed scans per provider. Returns one row per category with total, failed, and new failed findings counts, plus a severity breakdown showing failed findings per severity @@ -7339,6 +8391,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -7358,7 +8425,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -7372,10 +8439,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -7399,7 +8466,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -7413,10 +8480,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -7489,7 +8556,7 @@ paths: description: '' /api/v1/overviews/compliance-watchlist: get: - operationId: overviews_compliance_watchlist_list + operationId: api_v1_overviews_compliance_watchlist_list description: 'Retrieve compliance metrics with FAIL-dominant aggregation. Without filters: uses pre-aggregated TenantComplianceSummary. With provider filters: queries ProviderComplianceScore with FAIL-dominant logic where any FAIL in @@ -7512,6 +8579,21 @@ paths: description: endpoint return only specific fields in the response on a per-type basis by including a fields[TYPE] query parameter. explode: false + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -7544,10 +8626,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -7584,10 +8666,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -7662,7 +8744,7 @@ paths: description: '' /api/v1/overviews/findings: get: - operationId: overviews_findings_retrieve + operationId: api_v1_overviews_findings_retrieve description: Fetch aggregated findings data across all providers, grouped by various metrics such as passed, failed, muted, and total findings. This endpoint calculates summary statistics based on the latest scans for each provider @@ -7714,6 +8796,21 @@ paths: schema: type: string format: date-time + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -7733,7 +8830,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -7747,10 +8844,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -7774,7 +8871,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -7788,10 +8885,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -7887,7 +8984,7 @@ paths: description: '' /api/v1/overviews/findings_severity: get: - operationId: overviews_findings_severity_retrieve + operationId: api_v1_overviews_findings_severity_retrieve description: Retrieve an aggregated summary of findings grouped by severity levels, such as low, medium, high, and critical. The response includes the total count of findings for each severity, considering only the latest scans @@ -7931,6 +9028,21 @@ paths: schema: type: string format: date-time + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -7950,7 +9062,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -7964,10 +9076,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -7991,7 +9103,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -8005,10 +9117,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -8107,7 +9219,7 @@ paths: description: '' /api/v1/overviews/findings_severity/timeseries: get: - operationId: overviews_findings_severity_timeseries_retrieve + operationId: api_v1_overviews_findings_severity_timeseries_retrieve description: Retrieve daily aggregated findings data grouped by severity levels over a date range. Returns one data point per day with counts of failed findings by severity (critical, high, medium, low, informational) and muted findings. @@ -8143,6 +9255,21 @@ paths: schema: type: string format: date + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -8175,10 +9302,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -8215,10 +9342,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -8285,7 +9412,7 @@ paths: description: '' /api/v1/overviews/providers: get: - operationId: overviews_providers_retrieve + operationId: api_v1_overviews_providers_retrieve description: Retrieve an aggregated overview of findings and resources grouped by providers. The response includes the count of passed, failed, and manual findings, along with the total number of resources managed by each provider. @@ -8319,7 +9446,7 @@ paths: description: '' /api/v1/overviews/providers/count: get: - operationId: overviews_providers_count_retrieve + operationId: api_v1_overviews_providers_count_retrieve description: Retrieve the number of providers grouped by provider type. This endpoint counts every provider in the tenant, including those without completed scans. @@ -8350,7 +9477,7 @@ paths: description: '' /api/v1/overviews/regions: get: - operationId: overviews_regions_retrieve + operationId: api_v1_overviews_regions_retrieve description: Retrieve an aggregated summary of findings grouped by region. The response includes the total, passed, failed, and muted findings for each region based on the latest completed scans per provider. Standard overview filters @@ -8394,6 +9521,21 @@ paths: schema: type: string format: date-time + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -8413,7 +9555,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -8427,10 +9569,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -8454,7 +9596,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -8468,10 +9610,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -8553,7 +9695,7 @@ paths: description: '' /api/v1/overviews/resource-groups: get: - operationId: overviews_resource_groups_list + operationId: api_v1_overviews_resource_groups_list description: Retrieve aggregated resource group metrics from latest completed scans per provider. Returns one row per resource group with total, failed, and new failed findings counts, plus a severity breakdown showing failed findings @@ -8576,6 +9718,21 @@ paths: description: endpoint return only specific fields in the response on a per-type basis by including a fields[TYPE] query parameter. explode: false + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -8595,7 +9752,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -8609,10 +9766,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -8636,7 +9793,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -8650,10 +9807,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -8741,7 +9898,7 @@ paths: description: '' /api/v1/overviews/services: get: - operationId: overviews_services_retrieve + operationId: api_v1_overviews_services_retrieve description: Retrieve an aggregated summary of findings grouped by service. The response includes the total count of findings for each service, as long as there are at least one finding for that service. @@ -8782,6 +9939,21 @@ paths: schema: type: string format: date-time + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -8801,7 +9973,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -8815,10 +9987,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -8842,7 +10014,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -8856,10 +10028,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -8937,7 +10109,7 @@ paths: description: '' /api/v1/overviews/threatscore: get: - operationId: overviews_threatscore_retrieve + operationId: api_v1_overviews_threatscore_retrieve description: Retrieve ThreatScore metrics. By default, returns the latest snapshot for each provider. Use snapshot_id to retrieve a specific historical snapshot. summary: Get ThreatScore snapshots @@ -8968,6 +10140,38 @@ paths: description: endpoint return only specific fields in the response on a per-type basis by including a fields[TYPE] query parameter. explode: false + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + description: Filter by provider group ID + - in: query + name: filter[provider_groups__in] + schema: + type: string + description: Filter by multiple provider group IDs (comma-separated UUIDs) + - in: query + name: filter[provider_id] + schema: + type: string + format: uuid + description: Filter by specific provider ID + - in: query + name: filter[provider_id__in] + schema: + type: string + description: Filter by multiple provider IDs (comma-separated UUIDs) + - in: query + name: filter[provider_type] + schema: + type: string + description: Filter by provider type (aws, azure, gcp, etc.) + - in: query + name: filter[provider_type__in] + schema: + type: string + description: Filter by multiple provider types (comma-separated) - in: query name: include schema: @@ -8980,27 +10184,6 @@ paths: description: include query parameter to allow the client to customize which related resources should be returned. explode: false - - in: query - name: provider_id - schema: - type: string - format: uuid - description: Filter by specific provider ID - - in: query - name: provider_id__in - schema: - type: string - description: Filter by multiple provider IDs (comma-separated UUIDs) - - in: query - name: provider_type - schema: - type: string - description: Filter by provider type (aws, azure, gcp, etc.) - - in: query - name: provider_type__in - schema: - type: string - description: Filter by multiple provider types (comma-separated) - in: query name: snapshot_id schema: @@ -9021,7 +10204,7 @@ paths: description: '' /api/v1/processors: get: - operationId: processors_list + operationId: api_v1_processors_list description: Retrieve a list of all configured processors with options for filtering by various criteria. summary: List all processors @@ -9116,7 +10299,7 @@ paths: $ref: '#/components/schemas/PaginatedProcessorList' description: '' post: - operationId: processors_create + operationId: api_v1_processors_create description: Register a new processor with the system, providing necessary configuration details. There can only be one processor of each type per tenant. summary: Create a new processor @@ -9145,7 +10328,7 @@ paths: description: '' /api/v1/processors/{id}: get: - operationId: processors_retrieve + operationId: api_v1_processors_retrieve description: Fetch detailed information about a specific processor by its ID. summary: Retrieve processor details parameters: @@ -9183,7 +10366,7 @@ paths: $ref: '#/components/schemas/ProcessorResponse' description: '' patch: - operationId: processors_partial_update + operationId: api_v1_processors_partial_update description: Modify certain fields of an existing processor without affecting other settings. summary: Partially update a processor @@ -9219,7 +10402,7 @@ paths: $ref: '#/components/schemas/ProcessorUpdateResponse' description: '' delete: - operationId: processors_destroy + operationId: api_v1_processors_destroy description: Remove a processor from the system by its ID. summary: Delete a processor parameters: @@ -9239,7 +10422,7 @@ paths: description: No response body /api/v1/provider-groups: get: - operationId: provider_groups_list + operationId: api_v1_provider_groups_list description: Retrieve a list of all provider groups with options for filtering by various criteria. summary: List all provider groups @@ -9372,7 +10555,7 @@ paths: $ref: '#/components/schemas/PaginatedProviderGroupList' description: '' post: - operationId: provider_groups_create + operationId: api_v1_provider_groups_create description: Add a new provider group to the system by providing the required provider group details. summary: Create a new provider group @@ -9401,7 +10584,7 @@ paths: description: '' /api/v1/provider-groups/{id}: get: - operationId: provider_groups_retrieve + operationId: api_v1_provider_groups_retrieve description: Fetch detailed information about a specific provider group by their ID. summary: Retrieve data from a provider group @@ -9441,7 +10624,7 @@ paths: $ref: '#/components/schemas/ProviderGroupResponse' description: '' patch: - operationId: provider_groups_partial_update + operationId: api_v1_provider_groups_partial_update description: Update certain fields of an existing provider group's information without affecting other fields. summary: Partially update a provider group @@ -9477,7 +10660,7 @@ paths: $ref: '#/components/schemas/SerializerMetaclassResponse' description: '' delete: - operationId: provider_groups_destroy + operationId: api_v1_provider_groups_destroy description: Remove a provider group from the system by their ID. summary: Delete a provider group parameters: @@ -9497,7 +10680,7 @@ paths: description: No response body /api/v1/provider-groups/{id}/relationships/providers: post: - operationId: provider_groups_relationships_providers_create + operationId: api_v1_provider_groups_relationships_providers_create description: Add a new provider_group-providers relationship to the system by providing the required provider_group-providers details. summary: Create a new provider_group-providers relationship @@ -9523,7 +10706,7 @@ paths: '400': description: Bad request (e.g., relationship already exists) patch: - operationId: provider_groups_relationships_providers_partial_update + operationId: api_v1_provider_groups_relationships_providers_partial_update description: Update the provider_group-providers relationship information without affecting other fields. summary: Partially update a provider_group-providers relationship @@ -9547,7 +10730,7 @@ paths: '204': description: Relationship updated successfully delete: - operationId: provider_groups_relationships_providers_destroy + operationId: api_v1_provider_groups_relationships_providers_destroy description: Remove the provider_group-providers relationship from the system by their ID. summary: Delete a provider_group-providers relationship @@ -9560,7 +10743,7 @@ paths: description: Relationship deleted successfully /api/v1/providers: get: - operationId: providers_list + operationId: api_v1_providers_list description: Retrieve a list of all providers with options for filtering by various criteria. summary: List all providers @@ -9648,7 +10831,7 @@ paths: name: filter[provider] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -9662,10 +10845,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -9689,7 +10872,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -9703,10 +10886,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -9728,11 +10911,26 @@ paths: * `okta` - Okta explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -9746,10 +10944,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -9773,7 +10971,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -9787,10 +10985,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -9910,7 +11108,7 @@ paths: $ref: '#/components/schemas/PaginatedProviderList' description: '' post: - operationId: providers_create + operationId: api_v1_providers_create description: Add a new provider to the system by providing the required provider details. summary: Create a new provider @@ -9939,7 +11137,7 @@ paths: description: '' /api/v1/providers/{id}: get: - operationId: providers_retrieve + operationId: api_v1_providers_retrieve description: Fetch detailed information about a specific provider by their ID. summary: Retrieve data from a provider parameters: @@ -9992,7 +11190,7 @@ paths: $ref: '#/components/schemas/ProviderResponse' description: '' patch: - operationId: providers_partial_update + operationId: api_v1_providers_partial_update description: Update certain fields of an existing provider's information without affecting other fields. summary: Partially update a provider @@ -10028,7 +11226,7 @@ paths: $ref: '#/components/schemas/SerializerMetaclassResponse' description: '' delete: - operationId: providers_destroy + operationId: api_v1_providers_destroy description: Remove a provider from the system by their ID. summary: Delete a provider parameters: @@ -10067,7 +11265,7 @@ paths: description: '' /api/v1/providers/{id}/connection: post: - operationId: providers_connection_create + operationId: api_v1_providers_connection_create description: Try to verify connection. For instance, Role & Credentials are set correctly summary: Check connection @@ -10107,7 +11305,7 @@ paths: description: '' /api/v1/providers/secrets: get: - operationId: providers_secrets_list + operationId: api_v1_providers_secrets_list description: Retrieve a list of all secrets with options for filtering by various criteria. summary: List all secrets @@ -10199,7 +11397,7 @@ paths: $ref: '#/components/schemas/PaginatedProviderSecretList' description: '' post: - operationId: providers_secrets_create + operationId: api_v1_providers_secrets_create description: Add a new secret to the system by providing the required secret details. summary: Create a new secret @@ -10228,7 +11426,7 @@ paths: description: '' /api/v1/providers/secrets/{id}: get: - operationId: providers_secrets_retrieve + operationId: api_v1_providers_secrets_retrieve description: Fetch detailed information about a specific secret by their ID. summary: Retrieve data from a secret parameters: @@ -10266,7 +11464,7 @@ paths: $ref: '#/components/schemas/ProviderSecretResponse' description: '' patch: - operationId: providers_secrets_partial_update + operationId: api_v1_providers_secrets_partial_update description: Update certain fields of an existing secret's information without affecting other fields. summary: Partially update a secret @@ -10301,7 +11499,7 @@ paths: $ref: '#/components/schemas/ProviderSecretUpdateResponse' description: '' delete: - operationId: providers_secrets_destroy + operationId: api_v1_providers_secrets_destroy description: Remove a secret from the system by their ID. summary: Delete a secret parameters: @@ -10320,7 +11518,7 @@ paths: description: No response body /api/v1/resources: get: - operationId: resources_list + operationId: api_v1_resources_list description: Retrieve a list of all resources with options for filtering by various criteria. Resources are objects that are discovered by Prowler. They can be anything from a single host to a whole VPC. @@ -10444,6 +11642,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -10463,7 +11676,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -10477,10 +11690,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -10504,7 +11717,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -10518,10 +11731,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -10746,7 +11959,7 @@ paths: description: '' /api/v1/resources/{id}: get: - operationId: resources_retrieve + operationId: api_v1_resources_retrieve description: Fetch detailed information about a specific resource by their ID. A Resource is an object that is discovered by Prowler. It can be anything from a single host to a whole VPC. @@ -10810,7 +12023,7 @@ paths: description: '' /api/v1/resources/{id}/events: get: - operationId: resources_events_list + operationId: api_v1_resources_events_list description: |- Retrieve events showing modification history for a resource. Returns who modified the resource and when. Currently only available for AWS resources. @@ -10891,7 +12104,7 @@ paths: description: Provider service unavailable /api/v1/resources/latest: get: - operationId: resources_latest_retrieve + operationId: api_v1_resources_latest_retrieve description: Retrieve a list of the latest resources from the latest scans for each provider with options for filtering by various criteria. summary: List the latest resources @@ -10999,6 +12212,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -11018,7 +12246,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -11032,10 +12260,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -11059,7 +12287,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -11073,10 +12301,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -11256,7 +12484,7 @@ paths: description: '' /api/v1/resources/metadata: get: - operationId: resources_metadata_retrieve + operationId: api_v1_resources_metadata_retrieve description: Fetch unique metadata values from a set of resources. This is useful for dynamic filtering. summary: Retrieve metadata values from resources @@ -11367,6 +12595,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -11386,7 +12629,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -11400,10 +12643,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -11427,7 +12670,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -11441,10 +12684,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -11645,7 +12888,7 @@ paths: description: '' /api/v1/resources/metadata/latest: get: - operationId: resources_metadata_latest_retrieve + operationId: api_v1_resources_metadata_latest_retrieve description: Fetch unique metadata values from a set of resources from the latest scans for each provider. This is useful for dynamic filtering. summary: Retrieve metadata values from the latest resources @@ -11741,6 +12984,21 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_id] schema: @@ -11760,7 +13018,7 @@ paths: name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -11774,10 +13032,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -11801,7 +13059,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -11815,10 +13073,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -11986,7 +13244,7 @@ paths: description: '' /api/v1/roles: get: - operationId: roles_list + operationId: api_v1_roles_list description: Retrieve a list of all roles with options for filtering by various criteria. summary: List all roles @@ -12155,7 +13413,7 @@ paths: $ref: '#/components/schemas/PaginatedRoleList' description: '' post: - operationId: roles_create + operationId: api_v1_roles_create description: Add a new role to the system by providing the required role details. summary: Create a new role tags: @@ -12183,7 +13441,7 @@ paths: description: '' /api/v1/roles/{id}: get: - operationId: roles_retrieve + operationId: api_v1_roles_retrieve description: Fetch detailed information about a specific role by their ID. summary: Retrieve data from a role parameters: @@ -12230,7 +13488,7 @@ paths: $ref: '#/components/schemas/RoleResponse' description: '' patch: - operationId: roles_partial_update + operationId: api_v1_roles_partial_update description: Update selected fields on an existing role. When changing the `users` relationship of a role that grants MANAGE_ACCOUNT, the API blocks attempts that would leave the tenant without any MANAGE_ACCOUNT assignees and prevents @@ -12268,7 +13526,7 @@ paths: $ref: '#/components/schemas/SerializerMetaclassResponse' description: '' delete: - operationId: roles_destroy + operationId: api_v1_roles_destroy description: Delete the specified role. The API rejects deletion of the last role in the tenant that grants MANAGE_ACCOUNT. summary: Delete a role @@ -12289,7 +13547,7 @@ paths: description: No response body /api/v1/roles/{id}/relationships/provider_groups: post: - operationId: roles_relationships_provider_groups_create + operationId: api_v1_roles_relationships_provider_groups_create description: Add a new role-provider_groups relationship to the system by providing the required role-provider_groups details. summary: Create a new role-provider_groups relationship @@ -12315,7 +13573,7 @@ paths: '400': description: Bad request (e.g., relationship already exists) patch: - operationId: roles_relationships_provider_groups_partial_update + operationId: api_v1_roles_relationships_provider_groups_partial_update description: Update the role-provider_groups relationship information without affecting other fields. summary: Partially update a role-provider_groups relationship @@ -12339,7 +13597,7 @@ paths: '204': description: Relationship updated successfully delete: - operationId: roles_relationships_provider_groups_destroy + operationId: api_v1_roles_relationships_provider_groups_destroy description: Remove the role-provider_groups relationship from the system by their ID. summary: Delete a role-provider_groups relationship @@ -12352,7 +13610,7 @@ paths: description: Relationship deleted successfully /api/v1/saml-config: get: - operationId: saml_config_list + operationId: api_v1_saml_config_list description: Returns all the SAML-based SSO configurations associated with the current tenant. summary: List all SSO configurations @@ -12421,7 +13679,7 @@ paths: $ref: '#/components/schemas/PaginatedSAMLConfigurationList' description: '' post: - operationId: saml_config_create + operationId: api_v1_saml_config_create description: Creates a new SAML SSO configuration for the current tenant, including email domain and metadata XML. summary: Create the SSO configuration @@ -12450,7 +13708,7 @@ paths: description: '' /api/v1/saml-config/{id}: get: - operationId: saml_config_retrieve + operationId: api_v1_saml_config_retrieve description: Returns the details of a specific SAML configuration belonging to the current tenant. summary: Retrieve SSO configuration details @@ -12488,7 +13746,7 @@ paths: $ref: '#/components/schemas/SAMLConfigurationResponse' description: '' patch: - operationId: saml_config_partial_update + operationId: api_v1_saml_config_partial_update description: Partially updates an existing SAML SSO configuration. Supports changes to email domain and metadata XML. summary: Update the SSO configuration @@ -12524,7 +13782,7 @@ paths: $ref: '#/components/schemas/SAMLConfigurationResponse' description: '' delete: - operationId: saml_config_destroy + operationId: api_v1_saml_config_destroy description: Deletes an existing SAML SSO configuration associated with the current tenant. summary: Delete the SSO configuration @@ -12545,7 +13803,7 @@ paths: description: No response body /api/v1/scans: get: - operationId: scans_list + operationId: api_v1_scans_list description: Retrieve a list of all scans with options for filtering by various criteria. summary: List all scans @@ -12655,11 +13913,26 @@ paths: description: Multiple values may be separated by commas. explode: false style: form + - in: query + name: filter[provider_groups] + schema: + type: string + format: uuid + - in: query + name: filter[provider_groups__in] + schema: + type: array + items: + type: string + format: uuid + description: Multiple values may be separated by commas. + explode: false + style: form - in: query name: filter[provider_type] schema: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -12673,10 +13946,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- * `aws` - AWS * `azure` - Azure @@ -12700,7 +13973,7 @@ paths: type: array items: type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 enum: - alibabacloud - aws @@ -12714,10 +13987,10 @@ paths: - kubernetes - m365 - mongodbatlas + - okta - openstack - oraclecloud - vercel - - okta description: |- Multiple values may be separated by commas. @@ -12889,7 +14162,7 @@ paths: $ref: '#/components/schemas/PaginatedScanList' description: '' post: - operationId: scans_create + operationId: api_v1_scans_create description: Trigger a manual scan by providing the required scan details. If `scanner_args` are not provided, the system will automatically use the default settings from the associated provider. If you do provide `scanner_args`, these @@ -12937,7 +14210,7 @@ paths: description: '' /api/v1/scans/{id}: get: - operationId: scans_retrieve + operationId: api_v1_scans_retrieve description: Fetch detailed information about a specific scan by its ID. summary: Retrieve data from a specific scan parameters: @@ -12996,7 +14269,7 @@ paths: $ref: '#/components/schemas/ScanResponse' description: '' patch: - operationId: scans_partial_update + operationId: api_v1_scans_partial_update description: Update certain fields of an existing scan without affecting other fields. summary: Partially update a scan @@ -13033,7 +14306,7 @@ paths: description: '' /api/v1/scans/{id}/cis: get: - operationId: scans_cis_retrieve + operationId: api_v1_scans_cis_retrieve description: Download the CIS Benchmark compliance report as a PDF file. When a provider ships multiple CIS versions, the report is generated for the highest available version. @@ -13100,7 +14373,7 @@ paths: has not started yet /api/v1/scans/{id}/compliance/{name}: get: - operationId: scans_compliance_retrieve + operationId: api_v1_scans_compliance_retrieve description: Download a specific compliance report (e.g., 'cis_1.4_aws') as a CSV file. summary: Retrieve compliance report as CSV @@ -13145,10 +14418,11 @@ paths: description: Compliance report not found, or the scan has no reports yet /api/v1/scans/{id}/compliance/{name}/ocsf: get: - operationId: scans_compliance_ocsf_retrieve + operationId: api_v1_scans_compliance_ocsf_retrieve description: Download a specific compliance report as an OCSF JSON file. Only universal frameworks that declare an output configuration produce this artifact - (currently 'dora' and 'csa_ccm_4.0'); any other framework returns 404. + (currently 'dora_2022_2554', 'csa_ccm_4.0' and 'cis_controls_8.1'); any other + framework returns 404. summary: Retrieve compliance report as OCSF JSON parameters: - in: query @@ -13174,7 +14448,7 @@ paths: name: name schema: type: string - description: The compliance report name, like 'dora' + description: The compliance report name, like 'dora_2022_2554' required: true tags: - Scan @@ -13192,7 +14466,7 @@ paths: an OCSF export, or the scan has no reports yet /api/v1/scans/{id}/csa: get: - operationId: scans_csa_retrieve + operationId: api_v1_scans_csa_retrieve description: Download CSA Cloud Controls Matrix (CCM) v4.0 compliance report as a PDF file. summary: Retrieve CSA CCM compliance report @@ -13258,7 +14532,7 @@ paths: task has not started yet /api/v1/scans/{id}/ens: get: - operationId: scans_ens_retrieve + operationId: api_v1_scans_ens_retrieve description: Download ENS RD2022 compliance report (e.g., 'ens_rd2022_aws') as a PDF file. summary: Retrieve ENS RD2022 compliance report @@ -13324,7 +14598,7 @@ paths: has not started yet /api/v1/scans/{id}/nis2: get: - operationId: scans_nis2_retrieve + operationId: api_v1_scans_nis2_retrieve description: Download NIS2 compliance report (Directive (EU) 2022/2555) as a PDF file. summary: Retrieve NIS2 compliance report @@ -13390,7 +14664,7 @@ paths: task has not started yet /api/v1/scans/{id}/report: get: - operationId: scans_report_retrieve + operationId: api_v1_scans_report_retrieve description: Returns a ZIP file containing the requested report summary: Download ZIP report parameters: @@ -13428,7 +14702,7 @@ paths: not started yet /api/v1/scans/{id}/threatscore: get: - operationId: scans_threatscore_retrieve + operationId: api_v1_scans_threatscore_retrieve description: Download a specific threatscore report (e.g., 'prowler_threatscore_aws') as a PDF file. summary: Retrieve threatscore report @@ -13494,7 +14768,7 @@ paths: generation task has not started yet /api/v1/schedules/daily: post: - operationId: schedules_daily_create + operationId: api_v1_schedules_daily_create description: Schedules a daily scan for the specified provider. This endpoint creates a periodic task that will execute a scan every 24 hours. summary: Create a daily schedule scan for a given provider @@ -13538,7 +14812,7 @@ paths: description: '' /api/v1/tasks: get: - operationId: tasks_list + operationId: api_v1_tasks_list description: Retrieve a list of all tasks with options for filtering by name, state, and other criteria. summary: List all tasks @@ -13638,7 +14912,7 @@ paths: description: '' /api/v1/tasks/{id}: get: - operationId: tasks_retrieve + operationId: api_v1_tasks_retrieve description: Fetch detailed information about a specific task by its ID. summary: Retrieve data from a specific task parameters: @@ -13678,7 +14952,7 @@ paths: $ref: '#/components/schemas/TaskResponse' description: '' delete: - operationId: tasks_destroy + operationId: api_v1_tasks_destroy description: Try to revoke a task using its ID. Only tasks that are not yet in progress can be revoked. summary: Revoke a task @@ -13718,7 +14992,7 @@ paths: description: '' /api/v1/tenants: get: - operationId: tenants_list + operationId: api_v1_tenants_list description: Retrieve a list of all tenants with options for filtering by various criteria. summary: List all tenants @@ -13824,7 +15098,7 @@ paths: $ref: '#/components/schemas/PaginatedTenantList' description: '' post: - operationId: tenants_create + operationId: api_v1_tenants_create description: Add a new tenant to the system by providing the required tenant details. summary: Create a new tenant @@ -13853,7 +15127,7 @@ paths: description: '' /api/v1/tenants/{id}: get: - operationId: tenants_retrieve + operationId: api_v1_tenants_retrieve description: Fetch detailed information about a specific tenant by their ID. summary: Retrieve data from a tenant parameters: @@ -13888,7 +15162,7 @@ paths: $ref: '#/components/schemas/TenantResponse' description: '' patch: - operationId: tenants_partial_update + operationId: api_v1_tenants_partial_update description: Update certain fields of an existing tenant's information without affecting other fields. summary: Partially update a tenant @@ -13924,7 +15198,7 @@ paths: $ref: '#/components/schemas/TenantResponse' description: '' delete: - operationId: tenants_destroy + operationId: api_v1_tenants_destroy description: Remove a tenant from the system by their ID. summary: Delete a tenant parameters: @@ -13944,7 +15218,7 @@ paths: description: No response body /api/v1/tenants/{tenant_pk}/memberships: get: - operationId: tenants_memberships_list + operationId: api_v1_tenants_memberships_list description: List the membership details of users in a tenant you are a part of. summary: List tenant memberships @@ -14062,7 +15336,7 @@ paths: description: '' /api/v1/tenants/{tenant_pk}/memberships/{id}: delete: - operationId: tenants_memberships_destroy + operationId: api_v1_tenants_memberships_destroy description: 'Delete a user''s membership from a tenant. This action: (1) removes the membership, (2) revokes all refresh tokens for the expelled user, (3) removes their role grants for this tenant, (4) cleans up orphaned roles, and @@ -14093,7 +15367,7 @@ paths: description: No response body /api/v1/tenants/invitations: get: - operationId: tenants_invitations_list + operationId: api_v1_tenants_invitations_list description: Retrieve a list of all tenant invitations with options for filtering by various criteria. summary: List all invitations @@ -14275,7 +15549,7 @@ paths: $ref: '#/components/schemas/PaginatedInvitationList' description: '' post: - operationId: tenants_invitations_create + operationId: api_v1_tenants_invitations_create description: Add a new tenant invitation to the system by providing the required invitation details. The invited user will have to accept the invitations or create an account using the given code. @@ -14305,7 +15579,7 @@ paths: description: '' /api/v1/tenants/invitations/{id}: get: - operationId: tenants_invitations_retrieve + operationId: api_v1_tenants_invitations_retrieve description: Fetch detailed information about a specific invitation by its ID. summary: Retrieve data from a tenant invitation parameters: @@ -14346,7 +15620,7 @@ paths: $ref: '#/components/schemas/InvitationResponse' description: '' patch: - operationId: tenants_invitations_partial_update + operationId: api_v1_tenants_invitations_partial_update description: Update certain fields of an existing tenant invitation's information without affecting other fields. summary: Partially update a tenant invitation @@ -14381,7 +15655,7 @@ paths: $ref: '#/components/schemas/InvitationUpdateResponse' description: '' delete: - operationId: tenants_invitations_destroy + operationId: api_v1_tenants_invitations_destroy description: Revoke a tenant invitation from the system by their ID. summary: Revoke a tenant invitation parameters: @@ -14400,7 +15674,7 @@ paths: description: No response body /api/v1/tokens: post: - operationId: tokens_create + operationId: api_v1_tokens_create description: Obtain a token by providing valid credentials and an optional tenant ID. summary: Obtain a token @@ -14430,7 +15704,7 @@ paths: description: '' /api/v1/tokens/refresh: post: - operationId: tokens_refresh_create + operationId: api_v1_tokens_refresh_create description: Refresh an access token by providing a valid refresh token. Former refresh tokens are invalidated when a new one is issued. summary: Refresh a token @@ -14460,7 +15734,7 @@ paths: description: '' /api/v1/tokens/switch: post: - operationId: tokens_switch_create + operationId: api_v1_tokens_switch_create description: Switch tenant by providing a valid tenant ID. The authenticated user must belong to the tenant. summary: Switch tenant using a valid tenant ID @@ -14489,7 +15763,7 @@ paths: description: '' /api/v1/users: get: - operationId: users_list + operationId: api_v1_users_list description: Retrieve a list of all users with options for filtering by various criteria. summary: List all users @@ -14620,7 +15894,7 @@ paths: $ref: '#/components/schemas/PaginatedUserList' description: '' post: - operationId: users_create + operationId: api_v1_users_create description: Create a new user account by providing the necessary registration details. summary: Register a new user @@ -14657,7 +15931,7 @@ paths: description: '' /api/v1/users/{id}: get: - operationId: users_retrieve + operationId: api_v1_users_retrieve description: Fetch detailed information about an authenticated user. summary: Retrieve a user's information parameters: @@ -14708,7 +15982,7 @@ paths: $ref: '#/components/schemas/UserResponse' description: '' patch: - operationId: users_partial_update + operationId: api_v1_users_partial_update description: Partially update information about a user. summary: Update user information parameters: @@ -14743,7 +16017,7 @@ paths: $ref: '#/components/schemas/UserUpdateResponse' description: '' delete: - operationId: users_destroy + operationId: api_v1_users_destroy description: Remove the current user account from the system. summary: Delete the user account parameters: @@ -14763,7 +16037,7 @@ paths: description: No response body /api/v1/users/{id}/relationships/roles: post: - operationId: users_relationships_roles_create + operationId: api_v1_users_relationships_roles_create description: Add a new user-roles relationship to the system by providing the required user-roles details. summary: Create a new user-roles relationship @@ -14789,7 +16063,7 @@ paths: '400': description: Bad request (e.g., relationship already exists) patch: - operationId: users_relationships_roles_partial_update + operationId: api_v1_users_relationships_roles_partial_update description: Update the user-roles relationship information without affecting other fields. If the update would remove MANAGE_ACCOUNT from the last remaining user in the tenant, the API rejects the request with a 400 response. @@ -14814,7 +16088,7 @@ paths: '204': description: Relationship updated successfully delete: - operationId: users_relationships_roles_destroy + operationId: api_v1_users_relationships_roles_destroy description: Remove the user-roles relationship from the system by their ID. If removing MANAGE_ACCOUNT would take it away from the last remaining user in the tenant, the API rejects the request with a 400 response. Users also @@ -14830,7 +16104,7 @@ paths: description: Relationship deleted successfully /api/v1/users/{user_pk}/memberships: get: - operationId: users_memberships_list + operationId: api_v1_users_memberships_list description: Retrieve a list of all user memberships with options for filtering by various criteria. summary: List user memberships @@ -14943,7 +16217,7 @@ paths: description: '' /api/v1/users/{user_pk}/memberships/{id}: get: - operationId: users_memberships_retrieve + operationId: api_v1_users_memberships_retrieve description: Fetch detailed information about a specific user membership by their ID. summary: Retrieve membership data from the user @@ -14988,7 +16262,7 @@ paths: description: '' /api/v1/users/me: get: - operationId: users_me_retrieve + operationId: api_v1_users_me_retrieve description: Fetch detailed information about the authenticated user. summary: Retrieve the current user's information parameters: @@ -20271,18 +21545,22 @@ components: properties: okta_client_id: type: string - description: Client ID of the Okta API Services app used for OAuth 2.0 private-key JWT authentication. + description: Client ID of the Okta API Services app used for + OAuth 2.0 private-key JWT authentication. okta_private_key: type: string - description: PEM-encoded private key whose matching public key (JWK) is registered on the Okta service app. + description: PEM-encoded private key whose matching public + key (JWK) is registered on the Okta service app. okta_scopes: type: array items: type: string - description: OAuth scopes to request. Optional; defaults to the minimum set required to run the currently enabled Okta checks. + description: OAuth scopes to request. Optional; defaults to + the minimum set required to run the currently enabled Okta + checks. required: - - okta_client_id - - okta_private_key + - okta_client_id + - okta_private_key - type: object title: Vercel API Token properties: @@ -21314,7 +22592,7 @@ components: * `googleworkspace` - Google Workspace * `vercel` - Vercel * `okta` - Okta - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 uid: type: string title: Unique identifier for the provider, set by the provider @@ -21437,7 +22715,7 @@ components: - vercel - okta type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 description: |- Type of provider to create. @@ -21511,7 +22789,7 @@ components: - vercel - okta type: string - x-spec-enum-id: 91f917e0c3ab97e8 + x-spec-enum-id: 203afc16daac9b64 description: |- Type of provider to create. @@ -22385,18 +23663,21 @@ components: properties: okta_client_id: type: string - description: Client ID of the Okta API Services app used for OAuth 2.0 private-key JWT authentication. + description: Client ID of the Okta API Services app used for OAuth + 2.0 private-key JWT authentication. okta_private_key: type: string - description: PEM-encoded private key whose matching public key (JWK) is registered on the Okta service app. + description: PEM-encoded private key whose matching public key + (JWK) is registered on the Okta service app. okta_scopes: type: array items: type: string - description: OAuth scopes to request. Optional; defaults to the minimum set required to run the currently enabled Okta checks. + description: OAuth scopes to request. Optional; defaults to the + minimum set required to run the currently enabled Okta checks. required: - - okta_client_id - - okta_private_key + - okta_client_id + - okta_private_key - type: object title: Vercel API Token properties: @@ -22827,18 +24108,22 @@ components: properties: okta_client_id: type: string - description: Client ID of the Okta API Services app used for OAuth 2.0 private-key JWT authentication. + description: Client ID of the Okta API Services app used for + OAuth 2.0 private-key JWT authentication. okta_private_key: type: string - description: PEM-encoded private key whose matching public key (JWK) is registered on the Okta service app. + description: PEM-encoded private key whose matching public + key (JWK) is registered on the Okta service app. okta_scopes: type: array items: type: string - description: OAuth scopes to request. Optional; defaults to the minimum set required to run the currently enabled Okta checks. + description: OAuth scopes to request. Optional; defaults to + the minimum set required to run the currently enabled Okta + checks. required: - - okta_client_id - - okta_private_key + - okta_client_id + - okta_private_key - type: object title: Vercel API Token properties: @@ -23279,18 +24564,21 @@ components: properties: okta_client_id: type: string - description: Client ID of the Okta API Services app used for OAuth 2.0 private-key JWT authentication. + description: Client ID of the Okta API Services app used for OAuth + 2.0 private-key JWT authentication. okta_private_key: type: string - description: PEM-encoded private key whose matching public key (JWK) is registered on the Okta service app. + description: PEM-encoded private key whose matching public key + (JWK) is registered on the Okta service app. okta_scopes: type: array items: type: string - description: OAuth scopes to request. Optional; defaults to the minimum set required to run the currently enabled Okta checks. + description: OAuth scopes to request. Optional; defaults to the + minimum set required to run the currently enabled Okta checks. required: - - okta_client_id - - okta_private_key + - okta_client_id + - okta_private_key - type: object title: Vercel API Token properties: diff --git a/api/src/backend/api/tests/test_views.py b/api/src/backend/api/tests/test_views.py index d0f2f3f7c3..392d859698 100644 --- a/api/src/backend/api/tests/test_views.py +++ b/api/src/backend/api/tests/test_views.py @@ -57,6 +57,7 @@ from api.models import ( UserRoleRelationship, ) from api.rls import Tenant +from api.uuid_utils import datetime_to_uuid7 from api.v1.serializers import TokenSerializer from api.v1.views import ComplianceOverviewViewSet, TenantFinishACSView from botocore.exceptions import ClientError, NoCredentialsError @@ -7218,6 +7219,26 @@ class TestFindingViewSet: assert response.status_code == status.HTTP_400_BAD_REQUEST assert response.json()["errors"][0]["code"] == "invalid" + def test_findings_updated_at_range_too_large_with_inserted_at_filter( + self, authenticated_client + ): + response = authenticated_client.get( + reverse("finding-list"), + { + "filter[inserted_at]": TODAY, + "filter[updated_at.gte]": today_after_n_days( + -(settings.FINDINGS_MAX_DAYS_IN_RANGE + 1) + ), + "filter[updated_at.lte]": TODAY, + }, + ) + + assert response.status_code == status.HTTP_400_BAD_REQUEST + assert response.json()["errors"][0]["code"] == "invalid" + assert response.json()["errors"][0]["source"]["pointer"] == ( + "/data/attributes/updated_at" + ) + def test_findings_list(self, authenticated_client, findings_fixture): response = authenticated_client.get( reverse("finding-list"), {"filter[inserted_at]": TODAY} @@ -7229,6 +7250,170 @@ class TestFindingViewSet: == findings_fixture[0].status ) + def test_findings_list_inserted_at_accepts_timestamp_precision_filters( + self, authenticated_client, scans_fixture + ): + scan, *_ = scans_fixture + + def create_finding(uid, inserted_at): + finding = Finding.objects.create( + id=datetime_to_uuid7(inserted_at), + tenant_id=scan.tenant_id, + uid=uid, + scan=scan, + status=Status.FAIL, + status_extended="timestamp precision status", + impact=Severity.medium, + severity=Severity.medium, + check_id="timestamp_precision_check", + check_metadata={ + "CheckId": "timestamp_precision_check", + "Description": "timestamp precision check", + "servicename": "ec2", + }, + first_seen_at=inserted_at, + ) + Finding.all_objects.filter(pk=finding.pk).update( + inserted_at=inserted_at, + updated_at=inserted_at, + ) + finding.refresh_from_db() + return finding + + create_finding( + "timestamp_precision_early", + datetime(2026, 1, 15, 10, 30, 0, 100000, tzinfo=UTC), + ) + late_finding = create_finding( + "timestamp_precision_late", + datetime(2026, 1, 15, 10, 30, 0, 200000, tzinfo=UTC), + ) + + response = authenticated_client.get( + reverse("finding-list"), + { + "filter[inserted_at.gte]": "2026-01-15T10:30:00.150Z", + "filter[inserted_at.lte]": "2026-01-15T10:30:00.250Z", + }, + ) + + assert response.status_code == status.HTTP_200_OK + returned_uids = { + finding["attributes"]["uid"] for finding in response.json()["data"] + } + assert returned_uids == {late_finding.uid} + + response = authenticated_client.get( + reverse("finding-list"), + {"filter[inserted_at]": "2026-01-15T10:30:00.200Z"}, + ) + + assert response.status_code == status.HTTP_200_OK + returned_uids = { + finding["attributes"]["uid"] for finding in response.json()["data"] + } + assert returned_uids == {late_finding.uid} + + def test_findings_list_updated_at_accepts_timestamp_precision_filters( + self, authenticated_client, findings_fixture + ): + early_finding, late_finding, *_ = findings_fixture + early_updated_at = datetime(2026, 1, 15, 10, 30, 0, 100000, tzinfo=UTC) + late_updated_at = datetime(2026, 1, 15, 10, 30, 0, 200000, tzinfo=UTC) + Finding.all_objects.filter(pk=early_finding.pk).update( + updated_at=early_updated_at + ) + Finding.all_objects.filter(pk=late_finding.pk).update( + updated_at=late_updated_at + ) + + response = authenticated_client.get( + reverse("finding-list"), + { + "filter[updated_at.gte]": "2026-01-15T10:30:00.150Z", + "filter[updated_at.lte]": "2026-01-15T10:30:00.250Z", + }, + ) + + assert response.status_code == status.HTTP_200_OK + returned_uids = { + finding["attributes"]["uid"] for finding in response.json()["data"] + } + assert returned_uids == {late_finding.uid} + + response = authenticated_client.get( + reverse("finding-list"), + {"filter[updated_at]": "2026-01-15T10:30:00.200Z"}, + ) + + assert response.status_code == status.HTTP_200_OK + returned_uids = { + finding["attributes"]["uid"] for finding in response.json()["data"] + } + assert returned_uids == {late_finding.uid} + + def test_findings_list_inserted_at_and_updated_at_filters_are_combined( + self, authenticated_client, scans_fixture + ): + scan, *_ = scans_fixture + + def create_finding(uid, inserted_at, updated_at): + finding = Finding.objects.create( + id=datetime_to_uuid7(inserted_at), + tenant_id=scan.tenant_id, + uid=uid, + scan=scan, + status=Status.FAIL, + status_extended="timestamp precision status", + impact=Severity.medium, + severity=Severity.medium, + check_id="timestamp_precision_check", + check_metadata={ + "CheckId": "timestamp_precision_check", + "Description": "timestamp precision check", + "servicename": "ec2", + }, + first_seen_at=inserted_at, + ) + Finding.all_objects.filter(pk=finding.pk).update( + inserted_at=inserted_at, + updated_at=updated_at, + ) + finding.refresh_from_db() + return finding + + matching_finding = create_finding( + "timestamp_precision_combined_match", + datetime(2026, 1, 15, 10, 30, 0, 200000, tzinfo=UTC), + datetime(2026, 1, 15, 11, 30, 0, 200000, tzinfo=UTC), + ) + create_finding( + "timestamp_precision_combined_inserted_only", + datetime(2026, 1, 15, 10, 30, 0, 200000, tzinfo=UTC), + datetime(2026, 1, 15, 12, 30, 0, 200000, tzinfo=UTC), + ) + create_finding( + "timestamp_precision_combined_updated_only", + datetime(2026, 1, 15, 9, 30, 0, 200000, tzinfo=UTC), + datetime(2026, 1, 15, 11, 30, 0, 200000, tzinfo=UTC), + ) + + response = authenticated_client.get( + reverse("finding-list"), + { + "filter[inserted_at.gte]": "2026-01-15T10:30:00.150Z", + "filter[inserted_at.lte]": "2026-01-15T10:30:00.250Z", + "filter[updated_at.gte]": "2026-01-15T11:30:00.150Z", + "filter[updated_at.lte]": "2026-01-15T11:30:00.250Z", + }, + ) + + assert response.status_code == status.HTTP_200_OK + returned_uids = { + finding["attributes"]["uid"] for finding in response.json()["data"] + } + assert returned_uids == {matching_finding.uid} + def test_findings_list_resource_tags_no_n_plus_one( self, authenticated_client, findings_fixture ): @@ -7694,6 +7879,23 @@ class TestFindingViewSet: ] } + @pytest.mark.parametrize( + "filter_name", + ["inserted_at", "inserted_at.gte", "inserted_at.lte"], + ) + def test_findings_metadata_rejects_timestamp_precision_filters( + self, authenticated_client, filter_name + ): + response = authenticated_client.get( + reverse("finding-metadata"), + {f"filter[{filter_name}]": "2048-01-01T10:30:00Z"}, + ) + + assert response.status_code == status.HTTP_400_BAD_REQUEST + error = response.json()["errors"][0] + assert error["detail"] == "Enter a valid date." + assert error["code"] == "invalid" + def test_findings_metadata_backfill( self, authenticated_client, scans_fixture, findings_fixture ): diff --git a/api/src/backend/api/v1/views.py b/api/src/backend/api/v1/views.py index b488525a0a..d5eab3f704 100644 --- a/api/src/backend/api/v1/views.py +++ b/api/src/backend/api/v1/views.py @@ -50,6 +50,7 @@ from api.filters import ( FindingGroupAggregatedComputedFilter, FindingGroupFilter, FindingGroupSummaryFilter, + FindingMetadataFilter, IntegrationFilter, IntegrationJiraFindingsFilter, InvitationFilter, @@ -3833,6 +3834,8 @@ class FindingViewSet(PaginateByPkMixin, BaseRLSViewSet): def get_filterset_class(self): if self.action in ["latest", "metadata_latest"]: return LatestFindingFilter + if self.action == "metadata": + return FindingMetadataFilter return FindingFilter def get_queryset(self):