Introduction
Vulnerability Advisor checks the security status of container images that are provided by IBM, third parties, or added to your organization's registry namespace.
Vulnerability Advisor 4 introduces a different back-end scanning technology to Vulnerability Advisor 3, and includes some minor changes to the API.
For more information about Vulnerability Advisor, see Managing image security with Vulnerability Advisor.
For more information about IBM Cloud® Container Registry, see About IBM Cloud Container Registry.
For more information about IBM Cloud Kubernetes Service, see Getting started with IBM Cloud Kubernetes Service.
SDKs
SDKs for Java, Node, Python, and Go are available for this API. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries.
The code examples on this tab use the client library that is provided for Node.js.
npm install @ibm-cloud/ibm-container-registry
GitHub
The code examples on this tab use the client library that is provided for Go.
go get -u github.com/IBM/container-registry-go-sdk
GitHub
The code examples on this tab use the client library that is provided for Python.
pip install --upgrade "ibm-container-registry"
GitHub
The code examples on this tab use the client library that is provided for Java.
Gradle
compile group: 'com.ibm.cloud', name: 'vulnerability-advisor', version: '1.+'
Maven
GitHub
Endpoint URL
The endpoint for the Vulnerability Advisor for IBM Cloud Container Registry API is in the format: https://<registry_dns_name>/va/api/v4 For example, the API endpoint for Dallas is: https://us.icr.io/va/api/v4 To find out about the available IBM Cloud Container Registry DNS names, see Regions.
Authentication
Access to IBM Cloud Container Registry and Vulnerability Advisor is controlled by using IBM Cloud Identity and Access Management (IAM), which provides a unified approach to managing user identities and access control across your IBM Cloud services and applications.
This API requires IBM Cloud Identity and Access Management (IAM) authentication. You must pass an IAM token in the Authorization header of the request. You can retrieve your IAM access token, which is prefixed with Bearer, by running the ibmcloud iam oauth-tokens command. You must also set the Account header to the unique ID for your IBM Cloud account. You can retrieve your Account ID by running the ibmcloud account show command.
To call each method, you must be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see Managing access for IBM Cloud Container Registry.
Auditing
You can monitor API activity within your account by using the IBM Cloud Activity Tracker Event Routing service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Activity Tracker Event Routing. The specific event type is listed for each individual method. For more information about how to track IBM Cloud Container Registry activity, see Activity tracking events for Container Registry.
For more information about IAM actions and IBM Cloud Activity Tracker Event Routing actions by API method, see IAM and activity tracker auditing event actions by API method for Container Registry.
Error handling
The Vulnerabiliy Advisor service uses standard HTTP response codes to indicate whether a method completed successfully.
- A
200response always indicates success. - A
400type response indicates a bad request that you must change before retrying. - A
500type response usually indicates an internal system error.
Vulnerability report status codes
The following table shows the vulnerability report status codes.
| Code | Description |
|---|---|
OK |
No security issues were found in the image. |
FAIL |
The scan found one or more potential security issues or vulnerabilities in the image that are outside the scope of all exemptions. |
WARN |
The scan found one or more potential security issues or vulnerabilities in the image. However all of the issues are within the scope of one or more exemptions. |
UNSUPPORTED |
The scan found no supported operating system (OS) distribution and no active configuration issues in the image. |
INCOMPLETE |
The image is being scanned and the final vulnerability status is not determined. |
UNSCANNED |
A vulnerability assessment for the image could not be found. |
Methods
Get the vulnerability assessment for all images
Get the vulnerability assessment for the list of registry images that belong to a specific account.
Get the vulnerability assessment for the list of registry images that belong to a specific account.
Get the vulnerability assessment for the list of registry images that belong to a specific account.
Get the vulnerability assessment for the list of registry images that belong to a specific account.
Get the vulnerability assessment for the list of registry images that belong to a specific account.
GET /va/api/v4/report/account
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) AccountReportQueryPath(accountReportQueryPathOptions *AccountReportQueryPathOptions) (result *ScanReportList, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) AccountReportQueryPathWithContext(ctx context.Context, accountReportQueryPathOptions *AccountReportQueryPathOptions) (result *ScanReportList, response *core.DetailedResponse, err error)
accountReportQueryPath(params)
account_report_query_path(
self,
*,
repository: str = None,
include_ibm: str = None,
include_private: str = None,
**kwargs,
) -> DetailedResponseServiceCall<ScanReportList> accountReportQueryPath(AccountReportQueryPathOptions accountReportQueryPathOptions)Request
Instantiate the AccountReportQueryPathOptions struct and set the fields to provide parameter values for the AccountReportQueryPath method.
Use the AccountReportQueryPathOptions.Builder to create a AccountReportQueryPathOptions object that contains the parameter values for the accountReportQueryPath method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Query Parameters
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The AccountReportQueryPath options.
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
parameters
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
parameters
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
The accountReportQueryPath options.
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
accountReportQueryPathOptions := vulnerabilityAdvisorService.NewAccountReportQueryPathOptions() accountReportQueryPathOptions.IncludePrivate = core.StringPtr("true") scanReportList, response, err := vulnerabilityAdvisorService.AccountReportQueryPath(accountReportQueryPathOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(scanReportList, "", " ") fmt.Println(string(b))
let res; try { res = await vulnerabilityAdvisorService.accountReportQueryPath({}); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.account_report_query_path() scan_report_list = response.get_result() print(json.dumps(scan_report_list, indent=2))
AccountReportQueryPathOptions accountReportQueryPathOptions = new AccountReportQueryPathOptions.Builder() .build(); Response<ScanReportList> response = vulnerabilityAdvisorService.accountReportQueryPath(accountReportQueryPathOptions).execute(); ScanReportList scanReportList = response.getResult(); System.out.println(scanReportList);
curl -X 'GET' 'https://icr.io/va/api/v4/report/account' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
A dictionary of image names as key and report.Report object as value
- assessments
A dictionary of image names as key and report.Report object as value.
- Assessments
Not supported, will always be empty.
- ConfigurationIssues
Not supported.
Not supported.
Not supported.
Not supported.
Not supported.
The unique ID of the report.
The primary operating system distribution identified in the container image.
- OsDistribution
Primary operating system distribution.
Examples:debian
Primary operating system version.
Examples:11Primary operating system version code name.
Examples:bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
Vulnerabilities found in the container image at the scan time.
- Vulnerabilities
True if this CVE has been exempted by user policy, and false otherwise.
The ID for this CVE.
Number of security notices that contain fixes for this CVE and are exempted by user policy.
'exempt' if this CVE is exempt or all security notices for this CVE are exempt. 'partial' if this CVE is not exempt but a subset of security notices for this CVE are exempt. 'active' if this CVE is not exempt and no security notices for this CVE are exempt.
Number of security notices that contain fixes for this CVE and are not exempted by user policy.
Security notices that contain fixes for this CVE.
- SecurityNotices
Further information about this security notice.
True if this security notice has been exempted by user policy, and false otherwise.
The ID for this security notice.
Summary of information about the security vulnerabilities fixed by this security notice.
Package updates that contain fixes for this vulnerability.
- VulnerablePackages
Advice on how to solve this vulnerability.
Description of the vulnerability.
The version of this package that contains the fix for this vulnerability.
The version of this package that was found installed at scan time.
The name of the package.
The summary of the security vulnerability for this CVE.
Total number of security notices that contain fixes for this CVE.
A dictionary of image names as key and report.Report object as value.
- assessments
Not supported, will always be empty.
- configuration_issues
Not supported.
Not supported.
Not supported.
Not supported.
Not supported.
The unique ID of the report.
The primary operating system distribution identified in the container image.
- os_distribution
Primary operating system distribution.
Examples:debian
Primary operating system version.
Examples:11Primary operating system version code name.
Examples:bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
Vulnerabilities found in the container image at the scan time.
- vulnerabilities
True if this CVE has been exempted by user policy, and false otherwise.
The ID for this CVE.
Number of security notices that contain fixes for this CVE and are exempted by user policy.
'exempt' if this CVE is exempt or all security notices for this CVE are exempt. 'partial' if this CVE is not exempt but a subset of security notices for this CVE are exempt. 'active' if this CVE is not exempt and no security notices for this CVE are exempt.
Number of security notices that contain fixes for this CVE and are not exempted by user policy.
Security notices that contain fixes for this CVE.
- security_notices
Further information about this security notice.
True if this security notice has been exempted by user policy, and false otherwise.
The ID for this security notice.
Summary of information about the security vulnerabilities fixed by this security notice.
Package updates that contain fixes for this vulnerability.
- vulnerable_packages
Advice on how to solve this vulnerability.
Description of the vulnerability.
The version of this package that contains the fix for this vulnerability.
The version of this package that was found installed at scan time.
The name of the package.
The summary of the security vulnerability for this CVE.
Total number of security notices that contain fixes for this CVE.
A dictionary of image names as key and report.Report object as value.
- assessments
Not supported, will always be empty.
- configuration_issues
Not supported.
Not supported.
Not supported.
Not supported.
Not supported.
The unique ID of the report.
The primary operating system distribution identified in the container image.
- os_distribution
Primary operating system distribution.
Examples:debian
Primary operating system version.
Examples:11Primary operating system version code name.
Examples:bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
Vulnerabilities found in the container image at the scan time.
- vulnerabilities
True if this CVE has been exempted by user policy, and false otherwise.
The ID for this CVE.
Number of security notices that contain fixes for this CVE and are exempted by user policy.
'exempt' if this CVE is exempt or all security notices for this CVE are exempt. 'partial' if this CVE is not exempt but a subset of security notices for this CVE are exempt. 'active' if this CVE is not exempt and no security notices for this CVE are exempt.
Number of security notices that contain fixes for this CVE and are not exempted by user policy.
Security notices that contain fixes for this CVE.
- security_notices
Further information about this security notice.
True if this security notice has been exempted by user policy, and false otherwise.
The ID for this security notice.
Summary of information about the security vulnerabilities fixed by this security notice.
Package updates that contain fixes for this vulnerability.
- vulnerable_packages
Advice on how to solve this vulnerability.
Description of the vulnerability.
The version of this package that contains the fix for this vulnerability.
The version of this package that was found installed at scan time.
The name of the package.
The summary of the security vulnerability for this CVE.
Total number of security notices that contain fixes for this CVE.
A dictionary of image names as key and report.Report object as value.
- assessments
Not supported, will always be empty.
- configurationIssues
Not supported.
Not supported.
Not supported.
Not supported.
Not supported.
The unique ID of the report.
The primary operating system distribution identified in the container image.
- osDistribution
Primary operating system distribution.
Examples:debian
Primary operating system version.
Examples:11Primary operating system version code name.
Examples:bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
Vulnerabilities found in the container image at the scan time.
- vulnerabilities
True if this CVE has been exempted by user policy, and false otherwise.
The ID for this CVE.
Number of security notices that contain fixes for this CVE and are exempted by user policy.
'exempt' if this CVE is exempt or all security notices for this CVE are exempt. 'partial' if this CVE is not exempt but a subset of security notices for this CVE are exempt. 'active' if this CVE is not exempt and no security notices for this CVE are exempt.
Number of security notices that contain fixes for this CVE and are not exempted by user policy.
Security notices that contain fixes for this CVE.
- securityNotices
Further information about this security notice.
True if this security notice has been exempted by user policy, and false otherwise.
The ID for this security notice.
Summary of information about the security vulnerabilities fixed by this security notice.
Package updates that contain fixes for this vulnerability.
- vulnerablePackages
Advice on how to solve this vulnerability.
Description of the vulnerability.
The version of this package that contains the fix for this vulnerability.
The version of this package that was found installed at scan time.
The name of the package.
The summary of the security vulnerability for this CVE.
Total number of security notices that contain fixes for this CVE.
Status Code
The returned list might contain unscanned results for images in your account that haven't yet been scanned. Try again later. If this issue persists, contact support for help; see https://cloud.ibm.com/docs/get-support?topic=get-support-using-avatar
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "assessments": { "us.icr.io/birds/grebe:crested": { "id": "12345678-130f-423f-a521-16f787651234", "scan_time": 1594050648, "status": "UNSUPPORTED", "vulnerabilities": [], "configuration_issues": [], "os_distribution": { "distribution_id": "unknown" } }, "us.icr.io/birds/woodpecker:green": { "id": "12345678-130f-423f-a521-16f787654321", "scan_time": 1594148866, "status": "WARN", "vulnerabilities": [ { "cve_id": "CVE-2019-99999", "summary": "This is a CVE.", "cve_exempt": true, "exempt_status": "exempt", "security_notice_count": 1, "exempt_security_notice_count": 0, "total_security_notice_count": 1, "security_notices": [ { "notice_id": "ALPINE-CVE-2019-99999", "notice": "", "references": [ "" ], "notice_exempt": false, "summary": "This is a summary.", "vulnerable_packages": [ { "description": "Description of vulnerability to package", "corrective_action": "Upgrade the offending package", "fix_version": "0.0.1", "installed_version": "0.0.0", "package_name": "package" } ] } ] } ], "configuration_issues": [], "os_distribution": { "distribution_id": "alpine" } } } }{ "assessments": { "us.icr.io/birds/grebe:crested": { "id": "12345678-130f-423f-a521-16f787651234", "scan_time": 1594050648, "status": "UNSUPPORTED", "vulnerabilities": [], "configuration_issues": [], "os_distribution": { "distribution_id": "unknown" } }, "us.icr.io/birds/woodpecker:green": { "id": "12345678-130f-423f-a521-16f787654321", "scan_time": 1594148866, "status": "WARN", "vulnerabilities": [ { "cve_id": "CVE-2019-99999", "summary": "This is a CVE.", "cve_exempt": true, "exempt_status": "exempt", "security_notice_count": 1, "exempt_security_notice_count": 0, "total_security_notice_count": 1, "security_notices": [ { "notice_id": "ALPINE-CVE-2019-99999", "notice": "", "references": [ "" ], "notice_exempt": false, "summary": "This is a summary.", "vulnerable_packages": [ { "description": "Description of vulnerability to package", "corrective_action": "Upgrade the offending package", "fix_version": "0.0.1", "installed_version": "0.0.0", "package_name": "package" } ] } ] } ], "configuration_issues": [], "os_distribution": { "distribution_id": "alpine" } } } }
Get vulnerability assessment status for all images
Get the vulnerability assessment status for the list of registry images that belong to a specific account.
Get the vulnerability assessment status for the list of registry images that belong to a specific account.
Get the vulnerability assessment status for the list of registry images that belong to a specific account.
Get the vulnerability assessment status for the list of registry images that belong to a specific account.
Get the vulnerability assessment status for the list of registry images that belong to a specific account.
GET /va/api/v4/report/account/status
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) AccountStatusQueryPath(accountStatusQueryPathOptions *AccountStatusQueryPathOptions) (result *ScanreportImageSummaryList, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) AccountStatusQueryPathWithContext(ctx context.Context, accountStatusQueryPathOptions *AccountStatusQueryPathOptions) (result *ScanreportImageSummaryList, response *core.DetailedResponse, err error)
accountStatusQueryPath(params)
account_status_query_path(
self,
*,
repository: str = None,
include_ibm: str = None,
include_private: str = None,
**kwargs,
) -> DetailedResponseServiceCall<ScanreportImageSummaryList> accountStatusQueryPath(AccountStatusQueryPathOptions accountStatusQueryPathOptions)Request
Instantiate the AccountStatusQueryPathOptions struct and set the fields to provide parameter values for the AccountStatusQueryPath method.
Use the AccountStatusQueryPathOptions.Builder to create a AccountStatusQueryPathOptions object that contains the parameter values for the accountStatusQueryPath method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Query Parameters
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The AccountStatusQueryPath options.
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
parameters
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
parameters
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
The accountStatusQueryPath options.
The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.
When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.
When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.
accountStatusQueryPathOptions := vulnerabilityAdvisorService.NewAccountStatusQueryPathOptions() scanreportImageSummaryList, response, err := vulnerabilityAdvisorService.AccountStatusQueryPath(accountStatusQueryPathOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(scanreportImageSummaryList, "", " ") fmt.Println(string(b))
let res; try { res = await vulnerabilityAdvisorService.accountStatusQueryPath({}); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.account_status_query_path() scanreport_image_summary_list = response.get_result() print(json.dumps(scanreport_image_summary_list, indent=2))
AccountStatusQueryPathOptions accountStatusQueryPathOptions = new AccountStatusQueryPathOptions.Builder() .build(); Response<ScanreportImageSummaryList> response = vulnerabilityAdvisorService.accountStatusQueryPath(accountStatusQueryPathOptions).execute(); ScanreportImageSummaryList scanreportImageSummaryList = response.getResult(); System.out.println(scanreportImageSummaryList);
curl -X 'GET' 'https://icr.io/va/api/v4/report/account/status' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
List of image summaries.
List of image summaries.
- Images
Not supported, this will always be zero.
The image creation time as a UNIX timestamp.
Not supported, this will always be zero.
The number of exempt issues found.
The number of exempt vulnerability issues found.
The number of issues found.
Full docker image name including tag e.g. us.icr.io/namespace/repository:tag.
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
The number of vulnerability issues found.
List of image summaries.
- images
Not supported, this will always be zero.
The image creation time as a UNIX timestamp.
Not supported, this will always be zero.
The number of exempt issues found.
The number of exempt vulnerability issues found.
The number of issues found.
Full docker image name including tag e.g. us.icr.io/namespace/repository:tag.
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
The number of vulnerability issues found.
List of image summaries.
- images
Not supported, this will always be zero.
The image creation time as a UNIX timestamp.
Not supported, this will always be zero.
The number of exempt issues found.
The number of exempt vulnerability issues found.
The number of issues found.
Full docker image name including tag e.g. us.icr.io/namespace/repository:tag.
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
The number of vulnerability issues found.
List of image summaries.
- images
Not supported, this will always be zero.
The image creation time as a UNIX timestamp.
Not supported, this will always be zero.
The number of exempt issues found.
The number of exempt vulnerability issues found.
The number of issues found.
Full docker image name including tag e.g. us.icr.io/namespace/repository:tag.
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
The number of vulnerability issues found.
Status Code
The returned list might contain unscanned results for images in your account that haven't yet been scanned. Try again later. If this issue persists, contact support for help; see https://cloud.ibm.com/docs/get-support?topic=get-support-using-avatar
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "images": [ { "name": "us.icr.io/birds/woodpecker:green", "created_time": 1515532258, "status": "FAIL", "scan_time": 1594031816, "issue_count": 2, "exempt_issue_count": 1, "vulnerability_count": 2, "exempt_vulnerability_count": 1, "configuration_issue_count": 0, "exempt_configuration_issue_count": 0 }, { "name": "us.icr.io/birds/grebe:crested", "created_time": 1546305670, "status": "UNSUPPORTED", "scan_time": 1594389126, "issue_count": 0, "exempt_issue_count": 0, "vulnerability_count": 0, "exempt_vulnerability_count": 0, "configuration_issue_count": 0, "exempt_configuration_issue_count": 0 } ] }{ "images": [ { "name": "us.icr.io/birds/woodpecker:green", "created_time": 1515532258, "status": "FAIL", "scan_time": 1594031816, "issue_count": 2, "exempt_issue_count": 1, "vulnerability_count": 2, "exempt_vulnerability_count": 1, "configuration_issue_count": 0, "exempt_configuration_issue_count": 0 }, { "name": "us.icr.io/birds/grebe:crested", "created_time": 1546305670, "status": "UNSUPPORTED", "scan_time": 1594389126, "issue_count": 0, "exempt_issue_count": 0, "vulnerability_count": 0, "exempt_vulnerability_count": 0, "configuration_issue_count": 0, "exempt_configuration_issue_count": 0 } ] }
Get vulnerability assessment
Get the vulnerability assessment for a registry image.
Get the vulnerability assessment for a registry image.
Get the vulnerability assessment for a registry image.
Get the vulnerability assessment for a registry image.
Get the vulnerability assessment for a registry image.
GET /va/api/v4/report/image/{name}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ImageReportQueryPath(imageReportQueryPathOptions *ImageReportQueryPathOptions) (result *ScanReport, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ImageReportQueryPathWithContext(ctx context.Context, imageReportQueryPathOptions *ImageReportQueryPathOptions) (result *ScanReport, response *core.DetailedResponse, err error)
imageReportQueryPath(params)
image_report_query_path(
self,
name: str,
**kwargs,
) -> DetailedResponseServiceCall<ScanReport> imageReportQueryPath(ImageReportQueryPathOptions imageReportQueryPathOptions)Request
Instantiate the ImageReportQueryPathOptions struct and set the fields to provide parameter values for the ImageReportQueryPath method.
Use the ImageReportQueryPathOptions.Builder to create a ImageReportQueryPathOptions object that contains the parameter values for the imageReportQueryPath method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
The name of the image. For example, us.icr.io/namespace/repository:tag
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ImageReportQueryPath options.
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
/.*/
parameters
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
/.*/
parameters
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
/.*/
The imageReportQueryPath options.
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
/.*/
imageReportQueryPathOptions := vulnerabilityAdvisorService.NewImageReportQueryPathOptions( "image name", ) scanReport, response, err := vulnerabilityAdvisorService.ImageReportQueryPath(imageReportQueryPathOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(scanReport, "", " ") fmt.Println(string(b))
const params = { name: 'image name', }; let res; try { res = await vulnerabilityAdvisorService.imageReportQueryPath(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.image_report_query_path( name='image name', ) scan_report = response.get_result() print(json.dumps(scan_report, indent=2))
ImageReportQueryPathOptions imageReportQueryPathOptions = new ImageReportQueryPathOptions.Builder() .name("image name") .build(); Response<ScanReport> response = vulnerabilityAdvisorService.imageReportQueryPath(imageReportQueryPathOptions).execute(); ScanReport scanReport = response.getResult(); System.out.println(scanReport);
curl -X 'GET' 'https://icr.io/va/api/v4/report/image/us.icr.io%2Fbirds%2Fwoodpecker%3Agreen' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
Not supported, will always be empty
The unique ID of the report.
The primary operating system distribution identified in the container image
- os_distribution
Primary operating system distribution
Example:
debianPrimary operating system version
Example:
11Primary operating system version code name
Example:
bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes
Vulnerabilities found in the container image at the scan time
Not supported, will always be empty.
- ConfigurationIssues
Not supported.
Not supported.
Not supported.
Not supported.
Not supported.
The unique ID of the report.
The primary operating system distribution identified in the container image.
- OsDistribution
Primary operating system distribution.
Examples:debian
Primary operating system version.
Examples:11Primary operating system version code name.
Examples:bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
Vulnerabilities found in the container image at the scan time.
- Vulnerabilities
True if this CVE has been exempted by user policy, and false otherwise.
The ID for this CVE.
Number of security notices that contain fixes for this CVE and are exempted by user policy.
'exempt' if this CVE is exempt or all security notices for this CVE are exempt. 'partial' if this CVE is not exempt but a subset of security notices for this CVE are exempt. 'active' if this CVE is not exempt and no security notices for this CVE are exempt.
Number of security notices that contain fixes for this CVE and are not exempted by user policy.
Security notices that contain fixes for this CVE.
- SecurityNotices
Further information about this security notice.
True if this security notice has been exempted by user policy, and false otherwise.
The ID for this security notice.
Summary of information about the security vulnerabilities fixed by this security notice.
Package updates that contain fixes for this vulnerability.
- VulnerablePackages
Advice on how to solve this vulnerability.
Description of the vulnerability.
The version of this package that contains the fix for this vulnerability.
The version of this package that was found installed at scan time.
The name of the package.
The summary of the security vulnerability for this CVE.
Total number of security notices that contain fixes for this CVE.
Not supported, will always be empty.
- configuration_issues
Not supported.
Not supported.
Not supported.
Not supported.
Not supported.
The unique ID of the report.
The primary operating system distribution identified in the container image.
- os_distribution
Primary operating system distribution.
Examples:debian
Primary operating system version.
Examples:11Primary operating system version code name.
Examples:bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
Vulnerabilities found in the container image at the scan time.
- vulnerabilities
True if this CVE has been exempted by user policy, and false otherwise.
The ID for this CVE.
Number of security notices that contain fixes for this CVE and are exempted by user policy.
'exempt' if this CVE is exempt or all security notices for this CVE are exempt. 'partial' if this CVE is not exempt but a subset of security notices for this CVE are exempt. 'active' if this CVE is not exempt and no security notices for this CVE are exempt.
Number of security notices that contain fixes for this CVE and are not exempted by user policy.
Security notices that contain fixes for this CVE.
- security_notices
Further information about this security notice.
True if this security notice has been exempted by user policy, and false otherwise.
The ID for this security notice.
Summary of information about the security vulnerabilities fixed by this security notice.
Package updates that contain fixes for this vulnerability.
- vulnerable_packages
Advice on how to solve this vulnerability.
Description of the vulnerability.
The version of this package that contains the fix for this vulnerability.
The version of this package that was found installed at scan time.
The name of the package.
The summary of the security vulnerability for this CVE.
Total number of security notices that contain fixes for this CVE.
Not supported, will always be empty.
- configuration_issues
Not supported.
Not supported.
Not supported.
Not supported.
Not supported.
The unique ID of the report.
The primary operating system distribution identified in the container image.
- os_distribution
Primary operating system distribution.
Examples:debian
Primary operating system version.
Examples:11Primary operating system version code name.
Examples:bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
Vulnerabilities found in the container image at the scan time.
- vulnerabilities
True if this CVE has been exempted by user policy, and false otherwise.
The ID for this CVE.
Number of security notices that contain fixes for this CVE and are exempted by user policy.
'exempt' if this CVE is exempt or all security notices for this CVE are exempt. 'partial' if this CVE is not exempt but a subset of security notices for this CVE are exempt. 'active' if this CVE is not exempt and no security notices for this CVE are exempt.
Number of security notices that contain fixes for this CVE and are not exempted by user policy.
Security notices that contain fixes for this CVE.
- security_notices
Further information about this security notice.
True if this security notice has been exempted by user policy, and false otherwise.
The ID for this security notice.
Summary of information about the security vulnerabilities fixed by this security notice.
Package updates that contain fixes for this vulnerability.
- vulnerable_packages
Advice on how to solve this vulnerability.
Description of the vulnerability.
The version of this package that contains the fix for this vulnerability.
The version of this package that was found installed at scan time.
The name of the package.
The summary of the security vulnerability for this CVE.
Total number of security notices that contain fixes for this CVE.
Not supported, will always be empty.
- configurationIssues
Not supported.
Not supported.
Not supported.
Not supported.
Not supported.
The unique ID of the report.
The primary operating system distribution identified in the container image.
- osDistribution
Primary operating system distribution.
Examples:debian
Primary operating system version.
Examples:11Primary operating system version code name.
Examples:bullseye
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
Vulnerabilities found in the container image at the scan time.
- vulnerabilities
True if this CVE has been exempted by user policy, and false otherwise.
The ID for this CVE.
Number of security notices that contain fixes for this CVE and are exempted by user policy.
'exempt' if this CVE is exempt or all security notices for this CVE are exempt. 'partial' if this CVE is not exempt but a subset of security notices for this CVE are exempt. 'active' if this CVE is not exempt and no security notices for this CVE are exempt.
Number of security notices that contain fixes for this CVE and are not exempted by user policy.
Security notices that contain fixes for this CVE.
- securityNotices
Further information about this security notice.
True if this security notice has been exempted by user policy, and false otherwise.
The ID for this security notice.
Summary of information about the security vulnerabilities fixed by this security notice.
Package updates that contain fixes for this vulnerability.
- vulnerablePackages
Advice on how to solve this vulnerability.
Description of the vulnerability.
The version of this package that contains the fix for this vulnerability.
The version of this package that was found installed at scan time.
The name of the package.
The summary of the security vulnerability for this CVE.
Total number of security notices that contain fixes for this CVE.
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
Your image hasn't been scanned yet. Try again later. If this issue persists, contact support for help; see https://cloud.ibm.com/docs/get-support?topic=get-support-using-avatar
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "id": "12345678-130f-423f-a521-16f787654321", "scan_time": 1594148866, "status": "WARN", "vulnerabilities": [ { "cve_id": "CVE-2019-99999", "summary": "This is a CVE.", "cve_exempt": true, "exempt_status": "exempt", "security_notice_count": 1, "exempt_security_notice_count": 0, "total_security_notice_count": 1, "security_notices": [ { "notice_id": "DEBIAN-CVE-2019-99999", "notice": "", "references": [ "" ], "notice_exempt": false, "summary": "This is a summary.", "vulnerable_packages": [ { "description": "Description of vulnerability to package", "corrective_action": "Upgrade the offending package", "fix_version": "0.0.1", "installed_version": "0.0.0", "package_name": "package" } ] } ] } ], "configuration_issues": [], "os_distribution": { "distribution_id": "debian", "version_id": "11", "version_code_name": "bullseye" } }{ "id": "12345678-130f-423f-a521-16f787654321", "scan_time": 1594148866, "status": "WARN", "vulnerabilities": [ { "cve_id": "CVE-2019-99999", "summary": "This is a CVE.", "cve_exempt": true, "exempt_status": "exempt", "security_notice_count": 1, "exempt_security_notice_count": 0, "total_security_notice_count": 1, "security_notices": [ { "notice_id": "DEBIAN-CVE-2019-99999", "notice": "", "references": [ "" ], "notice_exempt": false, "summary": "This is a summary.", "vulnerable_packages": [ { "description": "Description of vulnerability to package", "corrective_action": "Upgrade the offending package", "fix_version": "0.0.1", "installed_version": "0.0.0", "package_name": "package" } ] } ] } ], "configuration_issues": [], "os_distribution": { "distribution_id": "debian", "version_id": "11", "version_code_name": "bullseye" } }
Get vulnerability assessment status
Get the overall vulnerability status for a registry image.
Get the overall vulnerability status for a registry image.
Get the overall vulnerability status for a registry image.
Get the overall vulnerability status for a registry image.
Get the overall vulnerability status for a registry image.
GET /va/api/v4/report/image/status/{name}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ImageStatusQueryPath(imageStatusQueryPathOptions *ImageStatusQueryPathOptions) (result *ScanreportSummary, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ImageStatusQueryPathWithContext(ctx context.Context, imageStatusQueryPathOptions *ImageStatusQueryPathOptions) (result *ScanreportSummary, response *core.DetailedResponse, err error)
imageStatusQueryPath(params)
image_status_query_path(
self,
name: str,
**kwargs,
) -> DetailedResponseServiceCall<ScanreportSummary> imageStatusQueryPath(ImageStatusQueryPathOptions imageStatusQueryPathOptions)Request
Instantiate the ImageStatusQueryPathOptions struct and set the fields to provide parameter values for the ImageStatusQueryPath method.
Use the ImageStatusQueryPathOptions.Builder to create a ImageStatusQueryPathOptions object that contains the parameter values for the imageStatusQueryPath method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ImageStatusQueryPath options.
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
/.*/
parameters
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
/.*/
parameters
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
/.*/
The imageStatusQueryPath options.
The name of the image. For example, us.icr.io/namespace/repository:tag.
Possible values: Value must match regular expression
/.*/
imageStatusQueryPathOptions := vulnerabilityAdvisorService.NewImageStatusQueryPathOptions( "image name", ) scanreportSummary, response, err := vulnerabilityAdvisorService.ImageStatusQueryPath(imageStatusQueryPathOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(scanreportSummary, "", " ") fmt.Println(string(b))
const params = { name: 'image name', }; let res; try { res = await vulnerabilityAdvisorService.imageStatusQueryPath(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.image_status_query_path( name='image name', ) scanreport_summary = response.get_result() print(json.dumps(scanreport_summary, indent=2))
ImageStatusQueryPathOptions imageStatusQueryPathOptions = new ImageStatusQueryPathOptions.Builder() .name("image name") .build(); Response<ScanreportSummary> response = vulnerabilityAdvisorService.imageStatusQueryPath(imageStatusQueryPathOptions).execute(); ScanreportSummary scanreportSummary = response.getResult(); System.out.println(scanreportSummary);
curl -X 'GET' 'https://icr.io/va/api/v4/report/image/status/us.icr.io%2Fbirds%2Fwoodpecker%3Agreen' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
Not supported, this will always be zero
Not supported, this will always be zero
The number of exempt issues found
The number of exempt vulnerability issues found
The number of issues found
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes
The number of vulnerability issues found
Not supported, this will always be zero.
Not supported, this will always be zero.
The number of exempt issues found.
The number of exempt vulnerability issues found.
The number of issues found.
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
The number of vulnerability issues found.
Not supported, this will always be zero.
Not supported, this will always be zero.
The number of exempt issues found.
The number of exempt vulnerability issues found.
The number of issues found.
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
The number of vulnerability issues found.
Not supported, this will always be zero.
Not supported, this will always be zero.
The number of exempt issues found.
The number of exempt vulnerability issues found.
The number of issues found.
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
The number of vulnerability issues found.
Not supported, this will always be zero.
Not supported, this will always be zero.
The number of exempt issues found.
The number of exempt vulnerability issues found.
The number of issues found.
The last time that the vulnerability data source was checked for vulnerabilities as a UNIX timestamp.
Overall vulnerability assessment status: OK, WARN, FAIL, UNSUPPORTED, INCOMPLETE, UNSCANNED. For more information about these status codes, see https://cloud.ibm.com/apidocs/vulnerability-advisor#vulnerability-report-status-codes.
The number of vulnerability issues found.
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
Your image hasn't been scanned yet. Try again later. If this issue persists, contact support for help; see https://cloud.ibm.com/docs/get-support?topic=get-support-using-avatar
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "name": "us.icr.io/birds/woodpecker:green", "created_time": 1515532258, "status": "FAIL", "scan_time": 1594031816, "issue_count": 2, "exempt_issue_count": 1, "vulnerability_count": 2, "exempt_vulnerability_count": 1, "configuration_issue_count": 0, "exempt_configuration_issue_count": 0 }{ "name": "us.icr.io/birds/woodpecker:green", "created_time": 1515532258, "status": "FAIL", "scan_time": 1594031816, "issue_count": 2, "exempt_issue_count": 1, "vulnerability_count": 2, "exempt_vulnerability_count": 1, "configuration_issue_count": 0, "exempt_configuration_issue_count": 0 }
List account level exemptions
List the exemptions that are specified with account level scope.
List the exemptions that are specified with account level scope.
List the exemptions that are specified with account level scope.
List the exemptions that are specified with account level scope.
List the exemptions that are specified with account level scope.
GET /va/api/v4/exempt/image
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListExemptionAccount(listExemptionAccountOptions *ListExemptionAccountOptions) (result []Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListExemptionAccountWithContext(ctx context.Context, listExemptionAccountOptions *ListExemptionAccountOptions) (result []Exemption, response *core.DetailedResponse, err error)
listExemptionAccount(params)
list_exemption_account(
self,
**kwargs,
) -> DetailedResponseServiceCall<List<Exemption>> listExemptionAccount(ListExemptionAccountOptions listExemptionAccountOptions)
Request
Instantiate the ListExemptionAccountOptions struct and set the fields to provide parameter values for the ListExemptionAccount method.
Use the ListExemptionAccountOptions.Builder to create a ListExemptionAccountOptions object that contains the parameter values for the listExemptionAccount method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
parameters
parameters
listExemptionAccountOptions := vulnerabilityAdvisorService.NewListExemptionAccountOptions() exemption, response, err := vulnerabilityAdvisorService.ListExemptionAccount(listExemptionAccountOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemption, "", " ") fmt.Println(string(b))
let res; try { res = await vulnerabilityAdvisorService.listExemptionAccount({}); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.list_exemption_account() list_exemption = response.get_result() print(json.dumps(list_exemption, indent=2))
ListExemptionAccountOptions listExemptionAccountOptions = new ListExemptionAccountOptions(); Response<List<Exemption>> response = vulnerabilityAdvisorService.listExemptionAccount(listExemptionAccountOptions).execute(); List<Exemption> listExemption = response.getResult(); System.out.println(listExemption);
curl -X 'GET' 'https://icr.io/va/api/v4/exempt/image' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
Response type: []Exemption
Response type: Exemption[]
Response type: List[Exemption]
Response type: List<Exemption>
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
[ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "", "repository": "", "tag": "" } } ][ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "", "repository": "", "tag": "" } } ]
Get an account level exemption
Get details of an exemption that is specified with account level scope.
Get details of an exemption that is specified with account level scope.
Get details of an exemption that is specified with account level scope.
Get details of an exemption that is specified with account level scope.
Get details of an exemption that is specified with account level scope.
GET /va/api/v4/exempt/image/issue/{issueType}/{issueID}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) GetExemptionAccount(getExemptionAccountOptions *GetExemptionAccountOptions) (result *Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) GetExemptionAccountWithContext(ctx context.Context, getExemptionAccountOptions *GetExemptionAccountOptions) (result *Exemption, response *core.DetailedResponse, err error)
getExemptionAccount(params)
get_exemption_account(
self,
issue_type: str,
issue_id: str,
**kwargs,
) -> DetailedResponseServiceCall<Exemption> getExemptionAccount(GetExemptionAccountOptions getExemptionAccountOptions)Request
Instantiate the GetExemptionAccountOptions struct and set the fields to provide parameter values for the GetExemptionAccount method.
Use the GetExemptionAccountOptions.Builder to create a GetExemptionAccountOptions object that contains the parameter values for the getExemptionAccount method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetExemptionAccount options.
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
The getExemptionAccount options.
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
getExemptionAccountOptions := vulnerabilityAdvisorService.NewGetExemptionAccountOptions( "cve", "CVE-2020-0001", ) exemption, response, err := vulnerabilityAdvisorService.GetExemptionAccount(getExemptionAccountOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemption, "", " ") fmt.Println(string(b))
const params = { issueType: 'cve', issueId: 'CVE-2020-0001', }; let res; try { res = await vulnerabilityAdvisorService.getExemptionAccount(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.get_exemption_account( issue_type='cve', issue_id='CVE-2023-0001', ) exemption = response.get_result() print(json.dumps(exemption, indent=2))
GetExemptionAccountOptions getExemptionAccountOptions = new GetExemptionAccountOptions.Builder() .issueType("cve") .issueId("CVE-2023-0001") .build(); Response<Exemption> response = vulnerabilityAdvisorService.getExemptionAccount(getExemptionAccountOptions).execute(); Exemption exemption = response.getResult(); System.out.println(exemption);
curl -X 'GET' 'https://icr.io/va/api/v4/exempt/image/issue/cve/CVE-2019-99999' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- Scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "", "repository": "", "tag": "" } }{ "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "", "repository": "", "tag": "" } }
Create or update an account level exemption
Create or update an exemption that is specified with account level scope.
Create or update an exemption that is specified with account level scope.
Create or update an exemption that is specified with account level scope.
Create or update an exemption that is specified with account level scope.
Create or update an exemption that is specified with account level scope.
POST /va/api/v4/exempt/image/issue/{issueType}/{issueID}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) CreateExemptionAccount(createExemptionAccountOptions *CreateExemptionAccountOptions) (result *Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) CreateExemptionAccountWithContext(ctx context.Context, createExemptionAccountOptions *CreateExemptionAccountOptions) (result *Exemption, response *core.DetailedResponse, err error)
createExemptionAccount(params)
create_exemption_account(
self,
issue_type: str,
issue_id: str,
**kwargs,
) -> DetailedResponseServiceCall<Exemption> createExemptionAccount(CreateExemptionAccountOptions createExemptionAccountOptions)Request
Instantiate the CreateExemptionAccountOptions struct and set the fields to provide parameter values for the CreateExemptionAccount method.
Use the CreateExemptionAccountOptions.Builder to create a CreateExemptionAccountOptions object that contains the parameter values for the createExemptionAccount method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The CreateExemptionAccount options.
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
The createExemptionAccount options.
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
createExemptionAccountOptions := vulnerabilityAdvisorService.NewCreateExemptionAccountOptions( "cve", "CVE-2020-0001", ) exemption, response, err := vulnerabilityAdvisorService.CreateExemptionAccount(createExemptionAccountOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemption, "", " ") fmt.Println(string(b))
const params = { issueType: 'cve', issueId: 'CVE-2020-0001', }; let res; try { res = await vulnerabilityAdvisorService.createExemptionAccount(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.create_exemption_account( issue_type='cve', issue_id='CVE-2023-0001', ) exemption = response.get_result() print(json.dumps(exemption, indent=2))
CreateExemptionAccountOptions createExemptionAccountOptions = new CreateExemptionAccountOptions.Builder() .issueType("cve") .issueId("CVE-2023-0001") .build(); Response<Exemption> response = vulnerabilityAdvisorService.createExemptionAccount(createExemptionAccountOptions).execute(); Exemption exemption = response.getResult(); System.out.println(exemption);
curl -X 'POST' 'https://icr.io/va/api/v4/exempt/image/issue/cve/CVE-2019-99999' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- Scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
Status Code
Created
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "", "repository": "", "tag": "" } }{ "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "", "repository": "", "tag": "" } }
Delete an account level exemption
Delete an exemption that is specified with account level scope.
Delete an exemption that is specified with account level scope.
Delete an exemption that is specified with account level scope.
Delete an exemption that is specified with account level scope.
Delete an exemption that is specified with account level scope.
DELETE /va/api/v4/exempt/image/issue/{issueType}/{issueID}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) DeleteExemptionAccount(deleteExemptionAccountOptions *DeleteExemptionAccountOptions) (response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) DeleteExemptionAccountWithContext(ctx context.Context, deleteExemptionAccountOptions *DeleteExemptionAccountOptions) (response *core.DetailedResponse, err error)
deleteExemptionAccount(params)
delete_exemption_account(
self,
issue_type: str,
issue_id: str,
**kwargs,
) -> DetailedResponseServiceCall<Void> deleteExemptionAccount(DeleteExemptionAccountOptions deleteExemptionAccountOptions)Request
Instantiate the DeleteExemptionAccountOptions struct and set the fields to provide parameter values for the DeleteExemptionAccount method.
Use the DeleteExemptionAccountOptions.Builder to create a DeleteExemptionAccountOptions object that contains the parameter values for the deleteExemptionAccount method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The DeleteExemptionAccount options.
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
The deleteExemptionAccount options.
Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
deleteExemptionAccountOptions := vulnerabilityAdvisorService.NewDeleteExemptionAccountOptions( "cve", "CVE-2020-0001", ) response, err := vulnerabilityAdvisorService.DeleteExemptionAccount(deleteExemptionAccountOptions) if err != nil { panic(err) } if response.StatusCode != 200 { fmt.Printf("\nUnexpected response status code received from DeleteExemptionAccount(): %d\n", response.StatusCode) }
const params = { issueType: 'cve', issueId: 'CVE-2020-0001', }; try { await vulnerabilityAdvisorService.deleteExemptionAccount(params); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.delete_exemption_account( issue_type='cve', issue_id='CVE-2023-0001', )
DeleteExemptionAccountOptions deleteExemptionAccountOptions = new DeleteExemptionAccountOptions.Builder() .issueType("cve") .issueId("CVE-2023-0001") .build(); Response<Void> response = vulnerabilityAdvisorService.deleteExemptionAccount(deleteExemptionAccountOptions).execute();
curl -X 'DELETE' 'https://icr.io/va/api/v4/exempt/image/issue/cve/CVE-2019-99999' -H 'Authorization: Bearer <bearer_token>' -H 'Account: <account_ID>'
Response
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
Exemption not found.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
No Sample Response
List resource exemptions
List the exemptions that are specified for a resource (account, registry namespace, repository, or image).
List the exemptions that are specified for a resource (account, registry namespace, repository, or image).
List the exemptions that are specified for a resource (account, registry namespace, repository, or image).
List the exemptions that are specified for a resource (account, registry namespace, repository, or image).
List the exemptions that are specified for a resource (account, registry namespace, repository, or image).
GET /va/api/v4/exempt/image/{resource}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListExemptionResource(listExemptionResourceOptions *ListExemptionResourceOptions) (result []Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListExemptionResourceWithContext(ctx context.Context, listExemptionResourceOptions *ListExemptionResourceOptions) (result []Exemption, response *core.DetailedResponse, err error)
listExemptionResource(params)
list_exemption_resource(
self,
resource: str,
**kwargs,
) -> DetailedResponseServiceCall<List<Exemption>> listExemptionResource(ListExemptionResourceOptions listExemptionResourceOptions)
Request
Instantiate the ListExemptionResourceOptions struct and set the fields to provide parameter values for the ListExemptionResource method.
Use the ListExemptionResourceOptions.Builder to create a ListExemptionResourceOptions object that contains the parameter values for the listExemptionResource method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ListExemptionResource options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/
The listExemptionResource options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/
listExemptionResourceOptions := vulnerabilityAdvisorService.NewListExemptionResourceOptions( "image name", ) exemption, response, err := vulnerabilityAdvisorService.ListExemptionResource(listExemptionResourceOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemption, "", " ") fmt.Println(string(b))
const params = { resource: 'image name', }; let res; try { res = await vulnerabilityAdvisorService.listExemptionResource(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.list_exemption_resource( resource='image name', ) list_exemption = response.get_result() print(json.dumps(list_exemption, indent=2))
ListExemptionResourceOptions listExemptionResourceOptions = new ListExemptionResourceOptions.Builder() .resource("image name") .build(); Response<List<Exemption>> response = vulnerabilityAdvisorService.listExemptionResource(listExemptionResourceOptions).execute(); List<Exemption> listExemption = response.getResult(); System.out.println(listExemption);
curl -X 'GET' 'https://icr.io/va/api/v4/exempt/image/birds' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
Response type: []Exemption
Response type: Exemption[]
Response type: List[Exemption]
Response type: List<Exemption>
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
[ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "birds", "repository": "", "tag": "" } } ][ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "birds", "repository": "", "tag": "" } } ]
Get details of a resource exemption
Get an exemption that is specified for a resource (account, registry namespace, repository, or image).
Get an exemption that is specified for a resource (account, registry namespace, repository, or image).
Get an exemption that is specified for a resource (account, registry namespace, repository, or image).
Get an exemption that is specified for a resource (account, registry namespace, repository, or image).
Get an exemption that is specified for a resource (account, registry namespace, repository, or image).
GET /va/api/v4/exempt/image/{resource}/issue/{issueType}/{issueID}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) GetExemptionResource(getExemptionResourceOptions *GetExemptionResourceOptions) (result *Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) GetExemptionResourceWithContext(ctx context.Context, getExemptionResourceOptions *GetExemptionResourceOptions) (result *Exemption, response *core.DetailedResponse, err error)
getExemptionResource(params)
get_exemption_resource(
self,
resource: str,
issue_type: str,
issue_id: str,
**kwargs,
) -> DetailedResponseServiceCall<Exemption> getExemptionResource(GetExemptionResourceOptions getExemptionResourceOptions)Request
Instantiate the GetExemptionResourceOptions struct and set the fields to provide parameter values for the GetExemptionResource method.
Use the GetExemptionResourceOptions.Builder to create a GetExemptionResourceOptions object that contains the parameter values for the getExemptionResource method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)
Possible values: Value must match regular expression
.*Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetExemptionResource options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
The getExemptionResource options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
getExemptionResourceOptions := vulnerabilityAdvisorService.NewGetExemptionResourceOptions( "cve", "CVE-2020-0001", "image name", ) exemption, response, err := vulnerabilityAdvisorService.GetExemptionResource(getExemptionResourceOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemption, "", " ") fmt.Println(string(b))
const params = { resource: 'image name', issueType: 'cve', issueId: 'CVE-2020-0001', }; let res; try { res = await vulnerabilityAdvisorService.getExemptionResource(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.get_exemption_resource( resource='image name', issue_type='cve', issue_id='CVE-2023-0001', ) exemption = response.get_result() print(json.dumps(exemption, indent=2))
GetExemptionResourceOptions getExemptionResourceOptions = new GetExemptionResourceOptions.Builder() .resource("image name") .issueType("cve") .issueId("CVE-2023-0001") .build(); Response<Exemption> response = vulnerabilityAdvisorService.getExemptionResource(getExemptionResourceOptions).execute(); Exemption exemption = response.getResult(); System.out.println(exemption);
curl -X 'GET' 'https://icr.io/va/api/v4/exempt/image/birds/issue/cve/CVE-2019-99999' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- Scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "birds", "repository": "", "tag": "" } }{ "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "birds", "repository": "", "tag": "" } }
Create or update a resource exemption
Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).
Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).
Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).
Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).
Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).
POST /va/api/v4/exempt/image/{resource}/issue/{issueType}/{issueID}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) CreateExemptionResource(createExemptionResourceOptions *CreateExemptionResourceOptions) (result *Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) CreateExemptionResourceWithContext(ctx context.Context, createExemptionResourceOptions *CreateExemptionResourceOptions) (result *Exemption, response *core.DetailedResponse, err error)
createExemptionResource(params)
create_exemption_resource(
self,
resource: str,
issue_type: str,
issue_id: str,
**kwargs,
) -> DetailedResponseServiceCall<Exemption> createExemptionResource(CreateExemptionResourceOptions createExemptionResourceOptions)Request
Instantiate the CreateExemptionResourceOptions struct and set the fields to provide parameter values for the CreateExemptionResource method.
Use the CreateExemptionResourceOptions.Builder to create a CreateExemptionResourceOptions object that contains the parameter values for the createExemptionResource method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)
Possible values: Value must match regular expression
.*Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The CreateExemptionResource options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
The createExemptionResource options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
createExemptionResourceOptions := vulnerabilityAdvisorService.NewCreateExemptionResourceOptions( "cve", "CVE-2020-0001", "image name", ) exemption, response, err := vulnerabilityAdvisorService.CreateExemptionResource(createExemptionResourceOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemption, "", " ") fmt.Println(string(b))
const params = { resource: 'image name', issueType: 'cve', issueId: 'CVE-2020-0001', }; let res; try { res = await vulnerabilityAdvisorService.createExemptionResource(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.create_exemption_resource( resource='image name', issue_type='cve', issue_id='CVE-2023-0001', ) exemption = response.get_result() print(json.dumps(exemption, indent=2))
CreateExemptionResourceOptions createExemptionResourceOptions = new CreateExemptionResourceOptions.Builder() .resource("image name") .issueType("cve") .issueId("CVE-2023-0001") .build(); Response<Exemption> response = vulnerabilityAdvisorService.createExemptionResource(createExemptionResourceOptions).execute(); Exemption exemption = response.getResult(); System.out.println(exemption);
curl -X 'POST' 'https://icr.io/va/api/v4/exempt/image/birds/issue/cve/CVE-2019-99999' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- Scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
The unique ID for the IBM Cloud account for this policy.
ID of issue being exempted.
Type of issue being exempted.
- scope
The type of scope the exemption applies to: account, namespace, repository, image.
The IBM Cloud Registry namespace included in scope.
The IBM Cloud Registry repository included in scope.
The IBM Cloud Registry tag included in scope.
Status Code
Created
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "birds", "repository": "", "tag": "" } }{ "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "birds", "repository": "", "tag": "" } }
Delete a resource exemption
Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).
Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).
Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).
Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).
Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).
DELETE /va/api/v4/exempt/image/{resource}/issue/{issueType}/{issueID}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) DeleteExemptionResource(deleteExemptionResourceOptions *DeleteExemptionResourceOptions) (response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) DeleteExemptionResourceWithContext(ctx context.Context, deleteExemptionResourceOptions *DeleteExemptionResourceOptions) (response *core.DetailedResponse, err error)
deleteExemptionResource(params)
delete_exemption_resource(
self,
resource: str,
issue_type: str,
issue_id: str,
**kwargs,
) -> DetailedResponseServiceCall<Void> deleteExemptionResource(DeleteExemptionResourceOptions deleteExemptionResourceOptions)Request
Instantiate the DeleteExemptionResourceOptions struct and set the fields to provide parameter values for the DeleteExemptionResource method.
Use the DeleteExemptionResourceOptions.Builder to create a DeleteExemptionResourceOptions object that contains the parameter values for the deleteExemptionResource method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)
Possible values: Value must match regular expression
.*Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
.*
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The DeleteExemptionResource options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
The deleteExemptionResource options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v4/exempt/types for more details.
Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v4/exempt/types for more details.
Possible values: Value must match regular expression
/.*/
deleteExemptionResourceOptions := vulnerabilityAdvisorService.NewDeleteExemptionResourceOptions( "cve", "CVE-2020-0001", "image name", ) response, err := vulnerabilityAdvisorService.DeleteExemptionResource(deleteExemptionResourceOptions) if err != nil { panic(err) } if response.StatusCode != 200 { fmt.Printf("\nUnexpected response status code received from DeleteExemptionResource(): %d\n", response.StatusCode) }
const params = { resource: 'image name', issueType: 'cve', issueId: 'CVE-2020-0001', }; try { await vulnerabilityAdvisorService.deleteExemptionResource(params); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.delete_exemption_resource( resource='image name', issue_type='cve', issue_id='CVE-2023-0001', )
DeleteExemptionResourceOptions deleteExemptionResourceOptions = new DeleteExemptionResourceOptions.Builder() .resource("image name") .issueType("cve") .issueId("CVE-2023-0001") .build(); Response<Void> response = vulnerabilityAdvisorService.deleteExemptionResource(deleteExemptionResourceOptions).execute();
curl -X 'DELETE' 'https://icr.io/va/api/v4/exempt/image/birds/issue/cve/CVE-2019-99999' -H 'Authorization: Bearer <bearer_token>' -H 'Account: <account_ID>'
Response
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
Exemption not found.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
No Sample Response
List the types of exemption
List the types of exemption.
List the types of exemption.
List the types of exemption.
List the types of exemption.
List the types of exemption.
GET /va/api/v4/exempt/types
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ExemptHandler(exemptHandlerOptions *ExemptHandlerOptions) (result []ExemptionTypeInfo, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ExemptHandlerWithContext(ctx context.Context, exemptHandlerOptions *ExemptHandlerOptions) (result []ExemptionTypeInfo, response *core.DetailedResponse, err error)
exemptHandler(params)
exempt_handler(
self,
**kwargs,
) -> DetailedResponseServiceCall<List<ExemptionTypeInfo>> exemptHandler(ExemptHandlerOptions exemptHandlerOptions)
Request
Instantiate the ExemptHandlerOptions struct and set the fields to provide parameter values for the ExemptHandler method.
Use the ExemptHandlerOptions.Builder to create a ExemptHandlerOptions object that contains the parameter values for the exemptHandler method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
parameters
parameters
exemptHandlerOptions := vulnerabilityAdvisorService.NewExemptHandlerOptions() exemptionTypeInfo, response, err := vulnerabilityAdvisorService.ExemptHandler(exemptHandlerOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemptionTypeInfo, "", " ") fmt.Println(string(b))
let res; try { res = await vulnerabilityAdvisorService.exemptHandler({}); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.exempt_handler() list_exemption_type_info = response.get_result() print(json.dumps(list_exemption_type_info, indent=2))
ExemptHandlerOptions exemptHandlerOptions = new ExemptHandlerOptions(); Response<List<ExemptionTypeInfo>> response = vulnerabilityAdvisorService.exemptHandler(exemptHandlerOptions).execute(); List<ExemptionTypeInfo> listExemptionTypeInfo = response.getResult(); System.out.println(listExemptionTypeInfo);
curl -X 'GET' 'https://icr.io/va/api/v4/exempt/types' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
Response type: []ExemptionTypeInfo
Response type: ExemptionTypeInfo[]
Response type: List[ExemptionTypeInfo]
Response type: List<ExemptionTypeInfo>
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
[ { "identifier": "cve", "display_name": "CVE", "validation_regex": "^(?:CVE-(?:\\d){4}-(?:\\d){4,})$" }, { "identifier": "sn", "display_name": "Security Notice", "validation_regex": "^(?:(?:RHSA-(?:\\d){4}:(?:\\d){4})|(?:DSA-(?:\\d){3,}-(?:\\d){1,})|(?:usn-(?:\\d){1,}-(?:\\d){1,})|(?:ALPINE-(?:CVE-(?:\\d){4}-(?:\\d){4,})))$" }, { "identifier": "configuration", "display_name": "Configuration Issue", "validation_regex": "^(?:(?:system_configuration:Linux\\.(?:\\d){1,2}-\\d-[a-z])|(?:application_configuration:(?:(?:[a-zA-Z/](?:(?:(?:[a-zA-Z0-9-_/])+)?[a-zA-Z0-9])?)(?:\\.(?:[a-zA-Z/](?:(?:(?:[a-zA-Z0-9-_/])+)?[a-zA-Z0-9])?))+)))$" } ][ { "identifier": "cve", "display_name": "CVE", "validation_regex": "^(?:CVE-(?:\\d){4}-(?:\\d){4,})$" }, { "identifier": "sn", "display_name": "Security Notice", "validation_regex": "^(?:(?:RHSA-(?:\\d){4}:(?:\\d){4})|(?:DSA-(?:\\d){3,}-(?:\\d){1,})|(?:usn-(?:\\d){1,}-(?:\\d){1,})|(?:ALPINE-(?:CVE-(?:\\d){4}-(?:\\d){4,})))$" }, { "identifier": "configuration", "display_name": "Configuration Issue", "validation_regex": "^(?:(?:system_configuration:Linux\\.(?:\\d){1,2}-\\d-[a-z])|(?:application_configuration:(?:(?:[a-zA-Z/](?:(?:(?:[a-zA-Z0-9-_/])+)?[a-zA-Z0-9])?)(?:\\.(?:[a-zA-Z/](?:(?:(?:[a-zA-Z0-9-_/])+)?[a-zA-Z0-9])?))+)))$" } ]
List all exemptions
List all of the exemptions in the given account.
List all of the exemptions in the given account.
List all of the exemptions in the given account.
List all of the exemptions in the given account.
List all of the exemptions in the given account.
GET /va/api/v4/exemptions/account
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListAccountExemptions(listAccountExemptionsOptions *ListAccountExemptionsOptions) (result []Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListAccountExemptionsWithContext(ctx context.Context, listAccountExemptionsOptions *ListAccountExemptionsOptions) (result []Exemption, response *core.DetailedResponse, err error)
listAccountExemptions(params)
list_account_exemptions(
self,
**kwargs,
) -> DetailedResponseServiceCall<List<Exemption>> listAccountExemptions(ListAccountExemptionsOptions listAccountExemptionsOptions)
Request
Instantiate the ListAccountExemptionsOptions struct and set the fields to provide parameter values for the ListAccountExemptions method.
Use the ListAccountExemptionsOptions.Builder to create a ListAccountExemptionsOptions object that contains the parameter values for the listAccountExemptions method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
parameters
parameters
listAccountExemptionsOptions := vulnerabilityAdvisorService.NewListAccountExemptionsOptions() exemption, response, err := vulnerabilityAdvisorService.ListAccountExemptions(listAccountExemptionsOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemption, "", " ") fmt.Println(string(b))
let res; try { res = await vulnerabilityAdvisorService.listAccountExemptions({}); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.list_account_exemptions() list_exemption = response.get_result() print(json.dumps(list_exemption, indent=2))
ListAccountExemptionsOptions listAccountExemptionsOptions = new ListAccountExemptionsOptions(); Response<List<Exemption>> response = vulnerabilityAdvisorService.listAccountExemptions(listAccountExemptionsOptions).execute(); List<Exemption> listExemption = response.getResult(); System.out.println(listExemption);
curl -X 'GET' 'https://icr.io/va/api/v4/exemptions/account' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
Response type: []Exemption
Response type: Exemption[]
Response type: List[Exemption]
Response type: List<Exemption>
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
[ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "", "repository": "", "tag": "" } }, { "issue_type": "cve", "issue_id": "CVE-2019-11111", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "birds", "repository": "", "tag": "" } } ][ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "", "repository": "", "tag": "" } }, { "issue_type": "cve", "issue_id": "CVE-2019-11111", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff", "scope": { "scope_type": "image", "namespace": "birds", "repository": "", "tag": "" } } ]
Delete all exemptions
Delete all of the exemptions in the given account.
Delete all of the exemptions in the given account.
Delete all of the exemptions in the given account.
Delete all of the exemptions in the given account.
Delete all of the exemptions in the given account.
POST /va/api/v4/exemptions/deleteAll
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ExemptionsAccountDeleteHandler(exemptionsAccountDeleteHandlerOptions *ExemptionsAccountDeleteHandlerOptions) (result *ExemptionDeletionInfo, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ExemptionsAccountDeleteHandlerWithContext(ctx context.Context, exemptionsAccountDeleteHandlerOptions *ExemptionsAccountDeleteHandlerOptions) (result *ExemptionDeletionInfo, response *core.DetailedResponse, err error)
exemptionsAccountDeleteHandler(params)
exemptions_account_delete_handler(
self,
**kwargs,
) -> DetailedResponseServiceCall<ExemptionDeletionInfo> exemptionsAccountDeleteHandler(ExemptionsAccountDeleteHandlerOptions exemptionsAccountDeleteHandlerOptions)Request
Instantiate the ExemptionsAccountDeleteHandlerOptions struct and set the fields to provide parameter values for the ExemptionsAccountDeleteHandler method.
Use the ExemptionsAccountDeleteHandlerOptions.Builder to create a ExemptionsAccountDeleteHandlerOptions object that contains the parameter values for the exemptionsAccountDeleteHandler method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
parameters
parameters
exemptionsAccountDeleteHandlerOptions := vulnerabilityAdvisorService.NewExemptionsAccountDeleteHandlerOptions() exemptionDeletionInfo, response, err := vulnerabilityAdvisorService.ExemptionsAccountDeleteHandler(exemptionsAccountDeleteHandlerOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemptionDeletionInfo, "", " ") fmt.Println(string(b))
let res; try { res = await vulnerabilityAdvisorService.exemptionsAccountDeleteHandler({}); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.exemptions_account_delete_handler() exemption_deletion_info = response.get_result() print(json.dumps(exemption_deletion_info, indent=2))
ExemptionsAccountDeleteHandlerOptions exemptionsAccountDeleteHandlerOptions = new ExemptionsAccountDeleteHandlerOptions(); Response<ExemptionDeletionInfo> response = vulnerabilityAdvisorService.exemptionsAccountDeleteHandler(exemptionsAccountDeleteHandlerOptions).execute(); ExemptionDeletionInfo exemptionDeletionInfo = response.getResult(); System.out.println(exemptionDeletionInfo);
curl -X 'POST' 'https://icr.io/va/api/v4/exemptions/deleteAll' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "number_of_exemptions_deleted": 2 }{ "number_of_exemptions_deleted": 2 }
List image exemptions
List all of the exemptions for an image.
List all of the exemptions for an image.
List all of the exemptions for an image.
List all of the exemptions for an image.
List all of the exemptions for an image.
GET /va/api/v4/exemptions/image/{resource}(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListImageExemptions(listImageExemptionsOptions *ListImageExemptionsOptions) (result []Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListImageExemptionsWithContext(ctx context.Context, listImageExemptionsOptions *ListImageExemptionsOptions) (result []Exemption, response *core.DetailedResponse, err error)
listImageExemptions(params)
list_image_exemptions(
self,
resource: str,
*,
include_scope: bool = None,
**kwargs,
) -> DetailedResponseServiceCall<List<Exemption>> listImageExemptions(ListImageExemptionsOptions listImageExemptionsOptions)
Request
Instantiate the ListImageExemptionsOptions struct and set the fields to provide parameter values for the ListImageExemptions method.
Use the ListImageExemptionsOptions.Builder to create a ListImageExemptionsOptions object that contains the parameter values for the listImageExemptions method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
Path Parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)
Possible values: Value must match regular expression
.*
Query Parameters
Include scope on returned exemptions
Default:
false
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ListImageExemptions options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Include scope on returned exemptions.
Default:
false
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Include scope on returned exemptions.
Default:
false
parameters
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Include scope on returned exemptions.
Default:
false
The listImageExemptions options.
IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).
Possible values: Value must match regular expression
/.*/Include scope on returned exemptions.
Default:
false
listImageExemptionsOptions := vulnerabilityAdvisorService.NewListImageExemptionsOptions( "image name", ) exemption, response, err := vulnerabilityAdvisorService.ListImageExemptions(listImageExemptionsOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(exemption, "", " ") fmt.Println(string(b))
const params = { resource: 'image name', }; let res; try { res = await vulnerabilityAdvisorService.listImageExemptions(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.list_image_exemptions( resource='image name', ) list_exemption = response.get_result() print(json.dumps(list_exemption, indent=2))
ListImageExemptionsOptions listImageExemptionsOptions = new ListImageExemptionsOptions.Builder() .resource("image name") .build(); Response<List<Exemption>> response = vulnerabilityAdvisorService.listImageExemptions(listImageExemptionsOptions).execute(); List<Exemption> listExemption = response.getResult(); System.out.println(listExemption);
curl -X 'GET' 'https://icr.io/va/api/v4/exemptions/image/birds?includeScope=false' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>'
Response
Response type: []Exemption
Response type: Exemption[]
Response type: List[Exemption]
Response type: List<Exemption>
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
Status Code
OK. If the includeScope query parameter is set to true this endpoint will return a list of exemptions that have an additional field 'scope' that describes the level at which the exemption is set (namespace, repository, tag)
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
[ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff" } ][ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff" } ]
List exemptions for images
List the exemptions for the given list of images.
List the exemptions for the given list of images.
List the exemptions for the given list of images.
List the exemptions for the given list of images.
List the exemptions for the given list of images.
POST /va/api/v4/exemptions/images
(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListBulkImageExemptions(listBulkImageExemptionsOptions *ListBulkImageExemptionsOptions) (result map[string][]Exemption, response *core.DetailedResponse, err error)(vulnerabilityAdvisor *VulnerabilityAdvisorV4) ListBulkImageExemptionsWithContext(ctx context.Context, listBulkImageExemptionsOptions *ListBulkImageExemptionsOptions) (result map[string][]Exemption, response *core.DetailedResponse, err error)listBulkImageExemptions(params)
list_bulk_image_exemptions(
self,
body: List[str],
**kwargs,
) -> DetailedResponseServiceCall<Map<String, List<Exemption>>> listBulkImageExemptions(ListBulkImageExemptionsOptions listBulkImageExemptionsOptions)
Request
Instantiate the ListBulkImageExemptionsOptions struct and set the fields to provide parameter values for the ListBulkImageExemptions method.
Use the ListBulkImageExemptionsOptions.Builder to create a ListBulkImageExemptionsOptions object that contains the parameter values for the listBulkImageExemptions method.
Custom Headers
The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.
The preferred language code for this request.
List of images
[
"us.icr.io/birds/woodpecker:green",
"us.icr.io/birds/grebe:crested"
]WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ListBulkImageExemptions options.
List of images.
Examples:[ "us.icr.io/birds/woodpecker:green", "us.icr.io/birds/grebe:crested" ]
parameters
List of images.
Examples:
parameters
List of images.
Examples:
The listBulkImageExemptions options.
List of images.
Examples:[ "us.icr.io/birds/woodpecker:green", "us.icr.io/birds/grebe:crested" ]
listBulkImageExemptionsOptions := vulnerabilityAdvisorService.NewListBulkImageExemptionsOptions( []string{"us.icr.io/birds/woodpecker:green", "us.icr.io/birds/grebe:crested"}, ) mapStringExemption, response, err := vulnerabilityAdvisorService.ListBulkImageExemptions(listBulkImageExemptionsOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(mapStringExemption, "", " ") fmt.Println(string(b))
const params = { body: ['us.icr.io/birds/woodpecker:green', 'us.icr.io/birds/grebe:crested'], }; let res; try { res = await vulnerabilityAdvisorService.listBulkImageExemptions(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = vulnerability_advisor_service.list_bulk_image_exemptions( body=['us.icr.io/birds/woodpecker:green', 'us.icr.io/birds/grebe:crested'], ) exemptions_map = response.get_result() print(json.dumps(exemptions_map, indent=2))
ListBulkImageExemptionsOptions listBulkImageExemptionsOptions = new ListBulkImageExemptionsOptions.Builder() .body(java.util.Arrays.asList("us.icr.io/birds/woodpecker:green", "us.icr.io/birds/grebe:crested")) .build(); Response<Map<String, List<Exemption>>> response = vulnerabilityAdvisorService.listBulkImageExemptions(listBulkImageExemptionsOptions).execute(); Map<String, List<Exemption>> mapStringListExemption = response.getResult(); System.out.println(mapStringListExemption);
curl -X 'POST' 'https://icr.io/va/api/v4/exemptions/images' -H 'Authorization: Bearer <bearer_token>' -H 'accept: application/json' -H 'Account: <account_ID>' -H 'Content-Type: application/json' -d '[ "us.icr.io/birds/woodpecker:green", "us.icr.io/birds/grebe:crested" ]'
Response
Response type: map[string][]Exemption
Response type: JsonObject
Response type: dict
Response type: Map<String, List<Exemption>>
- any property
The unique ID for the IBM Cloud account for this policy
ID of issue being exempted
Type of issue being exempted
Details of the level of IBM Cloud Registry resource the exemption applies to
Status Code
OK
A required header is missing. Add the header to the request and try again.
You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.
You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.
An internal server error occurred
This service is unavailable at the moment. Try again later.
Unable to authenticate with IBM Cloud. Try again later.
{ "us.icr.io/birds/woodpecker:green": [ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff" } ], "us.icr.io/birds/grebe:crested": [ { "issue_type": "cve", "issue_id": "CVE-2019-11111", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff" } ] }{ "us.icr.io/birds/woodpecker:green": [ { "issue_type": "cve", "issue_id": "CVE-2019-99999", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff" } ], "us.icr.io/birds/grebe:crested": [ { "issue_type": "cve", "issue_id": "CVE-2019-11111", "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff" } ] }