Ignoring, Unignoring, Repairing, or Verifying the Failed Configuration Check Items

Function

Ignore, unignore, repair, or verify the failed configuration check items.

URI

PUT /v5/{project_id}/baseline/check-rule/action

Table 1 Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID.

Table 2 Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	Enterprise project ID. To query all enterprise projects, set this parameter to all_granted_eps.
host_id	No	String	Server ID. If this parameter is not specified, all the servers of the user are queried.
action	Yes	String	Action. ignore unignore fix verify

Request Parameters

Table 3 Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.

Table 4 Request body parameters
Parameter	Mandatory	Type	Description
check_rules	No	Array of CheckRuleKeyInfoRequestInfo objects	Check item ID list

Table 5 CheckRuleKeyInfoRequestInfo
Parameter	Mandatory	Type	Description
check_name	No	String	Name of the configuration check (baseline), for example, SSH, CentOS 7, and Windows.
check_rule_id	No	String	Check item ID, which can be obtained from the return data of this API: /v5/{project_id}/baseline/risk-config/{check_name}/check-rules
standard	No	String	Baseline standards. The options are as follows: cn_standard: DJCP MLPS compliance standard hw_standard: Cloud security practice standard
fix_values	No	Array of CheckRuleFixValuesInfo objects	User-entered repair parameters of check items

Table 6 CheckRuleFixValuesInfo
Parameter	Mandatory	Type	Description
rule_param_id	No	Integer	Parameter ID of the check item
fix_value	No	Integer	Parameter value of the check item

Response Parameters

None

Example Requests

This API is used to ignore the configuration check items whose baseline name is SSH, check item ID is 1.11, check standard is cloud security practice standard, and enterprise project ID is xxx. This operation applies to all affected servers.
```
PUT https://{endpoint}/v5/{project_id}/baseline/check-rule/action?enterprise_project_id=xxx&action=ignore

{
  "check_rules" : [ {
    "check_name" : "SSH",
    "check_rule_id" : "1.11",
    "standard" : "hw_standard"
  } ]
}
```

This API is used to restore the configuration check items whose baseline name is SSH, check item ID is 1.11, check standard is cloud security practice standard, and enterprise project ID is xxx. This operation applies only to the server whose ID is xxx. The restoration parameters are as follows: Set the value of the repair item whose ID is 1 to 5 and the value of the repair item whose ID is 2 to 20.

PUT https://{endpoint}/v5/{project_id}/baseline/check-rule/action?enterprise_project_id=xxx&host_id=xxx&action=fix

{
  "check_rules" : [ {
    "check_name" : "SSH",
    "check_rule_id" : "1.11",
    "standard" : "hw_standard",
    "fix_values" : [ {
      "rule_param_id" : 1,
      "fix_value" : 5
    }, {
      "rule_param_id" : 2,
      "fix_value" : 20
    } ]
  } ]
}

Example Responses

None

Status Codes

Status Code	Description
200	Request succeeded.

Error Codes

See Error Codes.

Parent topic: Baseline Management

Предыдущая статья

Querying the Report of a Check Item in a Security Configuration Check

Следующая статья

Container Management

Была ли эта статья полезна?

Поддержка Юридические документы