Vulnerability Advisor for IBM Cloud Container Registry

Introduction

Vulnerability Advisor checks the security status of container images that are provided by IBM®, third parties, or added to your organization's registry namespace.

For more information about Vulnerability Advisor, see Managing image security with Vulnerability Advisor.

For more information about IBM Cloud Container Registry, see About IBM Cloud Container Registry.

For more information about IBM Cloud Kubernetes Service, see Getting started with IBM Cloud Kubernetes Service.

The code examples on this tab use the client library that is provided for Node.js.

npm install @ibm-cloud/ibm-container-registry

GitHub

The code examples on this tab use the client library that is provided for Go.

go get -u github.com/IBM/container-registry-go-sdk

GitHub

The code examples on this tab use the client library that is provided for Python.

pip install --upgrade "ibm-container-registry"

GitHub

The code examples on this tab use the client library that is provided for Java.

Gradle

compile group: 'com.ibm.cloud', name: 'vulnerability-advisor', version: '0.+'

Maven

GitHub

Endpoint URL

The endpoint for the Vulnerability Advisor for IBM Cloud Container Registry API is in the format: https://<registry_dns_name>/va/api/v3 For example, the API endpoint for Dallas is: https://us.icr.io/va/api/v3 To find out about the available IBM Cloud Container Registry DNS names, see Regions.

Authentication

Access to IBM Cloud Container Registry and Vulnerability Advisor is controlled by using IBM Cloud Identity and Access Management (IAM), which provides a unified approach to managing user identities and access control across your IBM Cloud services and applications.

This API requires IBM Cloud Identity and Access Management (IAM) authentication. You must pass an IAM token in the Authorization header of the request. You can retrieve your IAM access token, which is prefixed with Bearer, by running the ibmcloud iam oauth-tokens command. You must also set the Account header to the unique ID for your IBM Cloud account. You can retrieve your Account ID by running the ibmcloud account show command.

To call each method, you must be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see Managing access for IBM Cloud Container Registry.

Auditing

You can monitor API activity within your account by using the IBM Cloud Activity Tracker service. Whenever an API method is called, an event is generated that you can then track and audit from within Activity Tracker. The specific event type is listed for each individual method. For more information about how to track IBM Cloud Container Registry activity, see Auditing the events for Container Registry.

For more information about IAM actions and Activity Tracker actions by API method, see IAM and Activity Tracker actions by API method.

Error handling

The Vulnerabiliy Advisor service uses standard HTTP response codes to indicate whether a method completed successfully. A 200 response always indicates success. A 400 type response indicates a failure, and a 500 type response usually indicates an internal system error.

Vulnerability report status codes

The following table shows the vulnerability report status codes.

Table 1. Vulnerability report status codes
Code Description
OK No security issues were found in the image.
FAIL The scan found one or more potential security issues or vulnerabilities in the image that are outside the scope of all exemptions.
WARN The scan found one or more potential security issues or vulnerabilities in the image. However all of the issues are within the scope of one or more exemptions.
UNSUPPORTED The scan found no supported operating system (OS) distribution and no active configuration issues in the image.
INCOMPLETE The image is being scanned and the final vulnerability status is not determined.
UNSCANNED A vulnerability assessment for the image could not be found.

Methods

Get the vulnerability assessment for all images

Get the vulnerability assessment for the list of registry images that belong to a specific account.

Get the vulnerability assessment for the list of registry images that belong to a specific account.

Get the vulnerability assessment for the list of registry images that belong to a specific account.

Get the vulnerability assessment for the list of registry images that belong to a specific account.

Get the vulnerability assessment for the list of registry images that belong to a specific account.

GET /va/api/v3/report/account
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) AccountReportQueryPath(accountReportQueryPathOptions *AccountReportQueryPathOptions) (result *ScanReportList, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) AccountReportQueryPathWithContext(ctx context.Context, accountReportQueryPathOptions *AccountReportQueryPathOptions) (result *ScanReportList, response *core.DetailedResponse, err error)
accountReportQueryPath(params)
account_report_query_path(self,
        *,
        repository: str = None,
        include_ibm: str = None,
        include_private: str = None,
        **kwargs
    ) -> DetailedResponse
ServiceCall<ScanReportList> accountReportQueryPath(AccountReportQueryPathOptions accountReportQueryPathOptions)

Request

Instantiate the AccountReportQueryPathOptions struct and set the fields to provide parameter values for the AccountReportQueryPath method.

Use the AccountReportQueryPathOptions.Builder to create a AccountReportQueryPathOptions object that contains the parameter values for the accountReportQueryPath method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Query Parameters

  • The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.

  • When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.

  • When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.

WithContext method only

The AccountReportQueryPath options.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.

  • When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.

  • When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.

  • The preferred language code for this request.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.

  • When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.

  • When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.

  • The preferred language code for this request.

The accountReportQueryPath options.

  • accountReportQueryPathOptions := vulnerabilityAdvisorService.NewAccountReportQueryPathOptions()
    
    accountReportQueryPathOptions.IncludePrivate = core.StringPtr("true")
    
    scanReportList, response, err := vulnerabilityAdvisorService.AccountReportQueryPath(accountReportQueryPathOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(scanReportList, "", "  ")
    fmt.Println(string(b))
  • vulnerabilityAdvisorService.accountReportQueryPath({})
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • scan_report_list = vulnerability_advisor_service.account_report_query_path().get_result()
    
    print(json.dumps(scan_report_list, indent=2))
  • AccountReportQueryPathOptions accountReportQueryPathOptions = new AccountReportQueryPathOptions.Builder()
      .build();
    
    Response<ScanReportList> response = service.accountReportQueryPath(accountReportQueryPathOptions).execute();
    ScanReportList scanReportList = response.getResult();
    
    System.out.println(scanReportList);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/report/account'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • The returned list might contain unscanned results for images in your account that haven't yet been scanned. Try again later. If this issue persists, contact support for help; see https://cloud.ibm.com/docs/get-support?topic=get-support-using-avatar

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "assessments": {
        "us.icr.io/birds/grebe:crested": {
          "id": "12345678-130f-423f-a521-16f787651234",
          "scan_time": 1594050648,
          "status": "UNSUPPORTED",
          "vulnerabilities": [],
          "configuration_issues": []
        },
        "us.icr.io/birds/woodpecker:green": {
          "id": "12345678-130f-423f-a521-16f787654321",
          "scan_time": 1594148866,
          "status": "WARN",
          "vulnerabilities": [
            {
              "cve_id": "CVE-2019-99999",
              "summary": "This is a CVE.",
              "cve_exempt": true,
              "exempt_status": "exempt",
              "security_notice_count": 1,
              "exempt_security_notice_count": 0,
              "total_security_notice_count": 1,
              "security_notices": [
                {
                  "notice_id": "ALPINE-CVE-2019-99999",
                  "notice": "",
                  "notice_exempt": false,
                  "summary": "This is a summary.",
                  "vulnerable_packages": [
                    {
                      "description": "Description of vulnerability to package",
                      "corrective_action": "Upgrade the offending packahe",
                      "fix_version": "0.0.1",
                      "installed_version": "0.0.0",
                      "package_name": "package"
                    }
                  ]
                }
              ]
            }
          ],
          "configuration_issues": []
        }
      }
    }
  • {
      "assessments": {
        "us.icr.io/birds/grebe:crested": {
          "id": "12345678-130f-423f-a521-16f787651234",
          "scan_time": 1594050648,
          "status": "UNSUPPORTED",
          "vulnerabilities": [],
          "configuration_issues": []
        },
        "us.icr.io/birds/woodpecker:green": {
          "id": "12345678-130f-423f-a521-16f787654321",
          "scan_time": 1594148866,
          "status": "WARN",
          "vulnerabilities": [
            {
              "cve_id": "CVE-2019-99999",
              "summary": "This is a CVE.",
              "cve_exempt": true,
              "exempt_status": "exempt",
              "security_notice_count": 1,
              "exempt_security_notice_count": 0,
              "total_security_notice_count": 1,
              "security_notices": [
                {
                  "notice_id": "ALPINE-CVE-2019-99999",
                  "notice": "",
                  "notice_exempt": false,
                  "summary": "This is a summary.",
                  "vulnerable_packages": [
                    {
                      "description": "Description of vulnerability to package",
                      "corrective_action": "Upgrade the offending packahe",
                      "fix_version": "0.0.1",
                      "installed_version": "0.0.0",
                      "package_name": "package"
                    }
                  ]
                }
              ]
            }
          ],
          "configuration_issues": []
        }
      }
    }

Get vulnerability assessment status for all images

Get the vulnerability assessment status for the list of registry images that belong to a specific account.

Get the vulnerability assessment status for the list of registry images that belong to a specific account.

Get the vulnerability assessment status for the list of registry images that belong to a specific account.

Get the vulnerability assessment status for the list of registry images that belong to a specific account.

Get the vulnerability assessment status for the list of registry images that belong to a specific account.

GET /va/api/v3/report/account/status
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) AccountStatusQueryPath(accountStatusQueryPathOptions *AccountStatusQueryPathOptions) (result *ScanreportImageSummaryList, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) AccountStatusQueryPathWithContext(ctx context.Context, accountStatusQueryPathOptions *AccountStatusQueryPathOptions) (result *ScanreportImageSummaryList, response *core.DetailedResponse, err error)
accountStatusQueryPath(params)
account_status_query_path(self,
        *,
        repository: str = None,
        include_ibm: str = None,
        include_private: str = None,
        **kwargs
    ) -> DetailedResponse
ServiceCall<ScanreportImageSummaryList> accountStatusQueryPath(AccountStatusQueryPathOptions accountStatusQueryPathOptions)

Request

Instantiate the AccountStatusQueryPathOptions struct and set the fields to provide parameter values for the AccountStatusQueryPath method.

Use the AccountStatusQueryPathOptions.Builder to create a AccountStatusQueryPathOptions object that contains the parameter values for the accountStatusQueryPath method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Query Parameters

  • The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.

  • When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.

  • When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.

WithContext method only

The AccountStatusQueryPath options.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.

  • When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.

  • When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.

  • The preferred language code for this request.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The name of the repository that you want to see image vulnerability assessments for. For example, us.icr.io/namespace/image.

  • When set to true, the returned list contains IBM public images and the account images. If not set, or set to false, the list contains only the account images.

  • When set to false, the returned list does not contain the private account images. If not set, or set to true, the list contains the private account images.

  • The preferred language code for this request.

The accountStatusQueryPath options.

  • accountStatusQueryPathOptions := vulnerabilityAdvisorService.NewAccountStatusQueryPathOptions()
    
    accountStatusQueryPathOptions.IncludePrivate = core.StringPtr("true")
    
    scanreportImageSummaryList, response, err := vulnerabilityAdvisorService.AccountStatusQueryPath(accountStatusQueryPathOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(scanreportImageSummaryList, "", "  ")
    fmt.Println(string(b))
  • vulnerabilityAdvisorService.accountStatusQueryPath({})
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • scanreport_image_summary_list = vulnerability_advisor_service.account_status_query_path().get_result()
    
    print(json.dumps(scanreport_image_summary_list, indent=2))
  • AccountStatusQueryPathOptions accountStatusQueryPathOptions = new AccountStatusQueryPathOptions.Builder()
      .build();
    
    Response<ScanreportImageSummaryList> response = service.accountStatusQueryPath(accountStatusQueryPathOptions).execute();
    ScanreportImageSummaryList scanreportImageSummaryList = response.getResult();
    
    System.out.println(scanreportImageSummaryList);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/report/account/status'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • The returned list might contain unscanned results for images in your account that haven't yet been scanned. Try again later. If this issue persists, contact support for help; see https://cloud.ibm.com/docs/get-support?topic=get-support-using-avatar

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "images": [
        {
          "name": "us.icr.io/birds/woodpecker:green",
          "created_time": 1515532258,
          "status": "FAIL",
          "scan_time": 1594031816,
          "issue_count": 2,
          "exempt_issue_count": 1,
          "vulnerability_count": 2,
          "exempt_vulnerability_count": 1,
          "configuration_issue_count": 0,
          "exempt_configuration_issue_count": 0
        },
        {
          "name": "us.icr.io/birds/grebe:crested",
          "created_time": 1546305670,
          "status": "UNSUPPORTED",
          "scan_time": 1594389126,
          "issue_count": 0,
          "exempt_issue_count": 0,
          "vulnerability_count": 0,
          "exempt_vulnerability_count": 0,
          "configuration_issue_count": 0,
          "exempt_configuration_issue_count": 0
        }
      ]
    }
  • {
      "images": [
        {
          "name": "us.icr.io/birds/woodpecker:green",
          "created_time": 1515532258,
          "status": "FAIL",
          "scan_time": 1594031816,
          "issue_count": 2,
          "exempt_issue_count": 1,
          "vulnerability_count": 2,
          "exempt_vulnerability_count": 1,
          "configuration_issue_count": 0,
          "exempt_configuration_issue_count": 0
        },
        {
          "name": "us.icr.io/birds/grebe:crested",
          "created_time": 1546305670,
          "status": "UNSUPPORTED",
          "scan_time": 1594389126,
          "issue_count": 0,
          "exempt_issue_count": 0,
          "vulnerability_count": 0,
          "exempt_vulnerability_count": 0,
          "configuration_issue_count": 0,
          "exempt_configuration_issue_count": 0
        }
      ]
    }

Get vulnerability assessment

Get the vulnerability assessment for a registry image.

Get the vulnerability assessment for a registry image.

Get the vulnerability assessment for a registry image.

Get the vulnerability assessment for a registry image.

Get the vulnerability assessment for a registry image.

GET /va/api/v3/report/image/{name}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ImageReportQueryPath(imageReportQueryPathOptions *ImageReportQueryPathOptions) (result *ScanReport, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ImageReportQueryPathWithContext(ctx context.Context, imageReportQueryPathOptions *ImageReportQueryPathOptions) (result *ScanReport, response *core.DetailedResponse, err error)
imageReportQueryPath(params)
image_report_query_path(self,
        name: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<ScanReport> imageReportQueryPath(ImageReportQueryPathOptions imageReportQueryPathOptions)

Request

Instantiate the ImageReportQueryPathOptions struct and set the fields to provide parameter values for the ImageReportQueryPath method.

Use the ImageReportQueryPathOptions.Builder to create a ImageReportQueryPathOptions object that contains the parameter values for the imageReportQueryPath method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • The name of the image. For example, us.icr.io/namespace/repository:tag.

    Possible values: Value must match regular expression .*

WithContext method only

The ImageReportQueryPath options.

parameters

  • The name of the image. For example, us.icr.io/namespace/repository:tag.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • The name of the image. For example, us.icr.io/namespace/repository:tag.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

The imageReportQueryPath options.

  • imageReportQueryPathOptions := vulnerabilityAdvisorService.NewImageReportQueryPathOptions(
      "image name",
    )
    
    scanReport, response, err := vulnerabilityAdvisorService.ImageReportQueryPath(imageReportQueryPathOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(scanReport, "", "  ")
    fmt.Println(string(b))
  • const params = {
      name: 'image name',
    };
    
    vulnerabilityAdvisorService.imageReportQueryPath(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • scan_report = vulnerability_advisor_service.image_report_query_path(
      name='image name'
    ).get_result()
    
    print(json.dumps(scan_report, indent=2))
  • ImageReportQueryPathOptions imageReportQueryPathOptions = new ImageReportQueryPathOptions.Builder()
      .name("image name")
      .build();
    
    Response<ScanReport> response = service.imageReportQueryPath(imageReportQueryPathOptions).execute();
    ScanReport scanReport = response.getResult();
    
    System.out.println(scanReport);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/report/image/us.icr.io%2Fbirds%2Fwoodpecker%3Agreen'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • Your image hasn't been scanned yet. Try again later. If this issue persists, contact support for help; see https://cloud.ibm.com/docs/get-support?topic=get-support-using-avatar

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "id": "12345678-130f-423f-a521-16f787654321",
      "scan_time": 1594148866,
      "status": "WARN",
      "vulnerabilities": [
        {
          "cve_id": "CVE-2019-99999",
          "summary": "This is a CVE.",
          "cve_exempt": true,
          "exempt_status": "exempt",
          "security_notice_count": 1,
          "exempt_security_notice_count": 0,
          "total_security_notice_count": 1,
          "security_notices": [
            {
              "notice_id": "ALPINE-CVE-2019-99999",
              "notice": "",
              "notice_exempt": false,
              "summary": "This is a summary.",
              "vulnerable_packages": [
                {
                  "description": "Description of vulnerability to package",
                  "corrective_action": "Upgrade the offending packahe",
                  "fix_version": "0.0.1",
                  "installed_version": "0.0.0",
                  "package_name": "package"
                }
              ]
            }
          ]
        }
      ],
      "configuration_issues": []
    }
  • {
      "id": "12345678-130f-423f-a521-16f787654321",
      "scan_time": 1594148866,
      "status": "WARN",
      "vulnerabilities": [
        {
          "cve_id": "CVE-2019-99999",
          "summary": "This is a CVE.",
          "cve_exempt": true,
          "exempt_status": "exempt",
          "security_notice_count": 1,
          "exempt_security_notice_count": 0,
          "total_security_notice_count": 1,
          "security_notices": [
            {
              "notice_id": "ALPINE-CVE-2019-99999",
              "notice": "",
              "notice_exempt": false,
              "summary": "This is a summary.",
              "vulnerable_packages": [
                {
                  "description": "Description of vulnerability to package",
                  "corrective_action": "Upgrade the offending packahe",
                  "fix_version": "0.0.1",
                  "installed_version": "0.0.0",
                  "package_name": "package"
                }
              ]
            }
          ]
        }
      ],
      "configuration_issues": []
    }

Get vulnerability status

Get the overall vulnerability status for a registry image.

Get the overall vulnerability status for a registry image.

Get the overall vulnerability status for a registry image.

Get the overall vulnerability status for a registry image.

Get the overall vulnerability status for a registry image.

GET /va/api/v3/report/image/status/{name}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ImageStatusQueryPath(imageStatusQueryPathOptions *ImageStatusQueryPathOptions) (result *ScanreportSummary, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ImageStatusQueryPathWithContext(ctx context.Context, imageStatusQueryPathOptions *ImageStatusQueryPathOptions) (result *ScanreportSummary, response *core.DetailedResponse, err error)
imageStatusQueryPath(params)
image_status_query_path(self,
        name: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<ScanreportSummary> imageStatusQueryPath(ImageStatusQueryPathOptions imageStatusQueryPathOptions)

Request

Instantiate the ImageStatusQueryPathOptions struct and set the fields to provide parameter values for the ImageStatusQueryPath method.

Use the ImageStatusQueryPathOptions.Builder to create a ImageStatusQueryPathOptions object that contains the parameter values for the imageStatusQueryPath method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • The name of the image. For example, us.icr.io/namespace/repository:tag.

    Possible values: Value must match regular expression .*

WithContext method only

The ImageStatusQueryPath options.

parameters

  • The name of the image. For example, us.icr.io/namespace/repository:tag.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • The name of the image. For example, us.icr.io/namespace/repository:tag.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

The imageStatusQueryPath options.

  • imageStatusQueryPathOptions := vulnerabilityAdvisorService.NewImageStatusQueryPathOptions(
      "image name",
    )
    
    scanreportSummary, response, err := vulnerabilityAdvisorService.ImageStatusQueryPath(imageStatusQueryPathOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(scanreportSummary, "", "  ")
    fmt.Println(string(b))
  • const params = {
      name: 'image name',
    };
    
    vulnerabilityAdvisorService.imageStatusQueryPath(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • scanreport_summary = vulnerability_advisor_service.image_status_query_path(
      name='image name'
    ).get_result()
    
    print(json.dumps(scanreport_summary, indent=2))
  • ImageStatusQueryPathOptions imageStatusQueryPathOptions = new ImageStatusQueryPathOptions.Builder()
      .name("image name")
      .build();
    
    Response<ScanreportSummary> response = service.imageStatusQueryPath(imageStatusQueryPathOptions).execute();
    ScanreportSummary scanreportSummary = response.getResult();
    
    System.out.println(scanreportSummary);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/report/image/status/us.icr.io%2Fbirds%2Fwoodpecker%3Agreen'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • Your image hasn't been scanned yet. Try again later. If this issue persists, contact support for help; see https://cloud.ibm.com/docs/get-support?topic=get-support-using-avatar

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "name": "us.icr.io/birds/woodpecker:green",
      "created_time": 1515532258,
      "status": "FAIL",
      "scan_time": 1594031816,
      "issue_count": 2,
      "exempt_issue_count": 1,
      "vulnerability_count": 2,
      "exempt_vulnerability_count": 1,
      "configuration_issue_count": 0,
      "exempt_configuration_issue_count": 0
    }
  • {
      "name": "us.icr.io/birds/woodpecker:green",
      "created_time": 1515532258,
      "status": "FAIL",
      "scan_time": 1594031816,
      "issue_count": 2,
      "exempt_issue_count": 1,
      "vulnerability_count": 2,
      "exempt_vulnerability_count": 1,
      "configuration_issue_count": 0,
      "exempt_configuration_issue_count": 0
    }

List account level exemptions

List the exemptions that are specified with account level scope.

List the exemptions that are specified with account level scope.

List the exemptions that are specified with account level scope.

List the exemptions that are specified with account level scope.

List the exemptions that are specified with account level scope.

GET /va/api/v3/exempt/image
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListExemptionAccount(listExemptionAccountOptions *ListExemptionAccountOptions) (result []Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListExemptionAccountWithContext(ctx context.Context, listExemptionAccountOptions *ListExemptionAccountOptions) (result []Exemption, response *core.DetailedResponse, err error)
listExemptionAccount(params)
list_exemption_account(self,
        **kwargs
    ) -> DetailedResponse
ServiceCall<List<Exemption>> listExemptionAccount(ListExemptionAccountOptions listExemptionAccountOptions)

Request

Instantiate the ListExemptionAccountOptions struct and set the fields to provide parameter values for the ListExemptionAccount method.

Use the ListExemptionAccountOptions.Builder to create a ListExemptionAccountOptions object that contains the parameter values for the listExemptionAccount method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

WithContext method only

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

  • listExemptionAccountOptions := vulnerabilityAdvisorService.NewListExemptionAccountOptions()
    
    exemption, response, err := vulnerabilityAdvisorService.ListExemptionAccount(listExemptionAccountOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemption, "", "  ")
    fmt.Println(string(b))
  • vulnerabilityAdvisorService.listExemptionAccount({})
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • list_exemption = vulnerability_advisor_service.list_exemption_account().get_result()
    
    print(json.dumps(list_exemption, indent=2))
  • ListExemptionAccountOptions listExemptionAccountOptions = new ListExemptionAccountOptions();
    
    Response<List<Exemption>> response = service.listExemptionAccount(listExemptionAccountOptions).execute();
    List<Exemption> listExemption = response.getResult();
    
    System.out.println(listExemption);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/exempt/image'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Response type: []Exemption

Response type: Exemption[]

Response type: List[Exemption]

Response type: List<Exemption>

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • [
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-99999",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
        "scope": {
          "scope_type": "image",
          "namespace": "",
          "repository": "",
          "tag": ""
        }
      }
    ]
  • [
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-99999",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
        "scope": {
          "scope_type": "image",
          "namespace": "",
          "repository": "",
          "tag": ""
        }
      }
    ]

Get an account level exemption

Get details of an exemption that is specified with account level scope.

Get details of an exemption that is specified with account level scope.

Get details of an exemption that is specified with account level scope.

Get details of an exemption that is specified with account level scope.

Get details of an exemption that is specified with account level scope.

GET /va/api/v3/exempt/image/issue/{issueType}/{issueID}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) GetExemptionAccount(getExemptionAccountOptions *GetExemptionAccountOptions) (result *Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) GetExemptionAccountWithContext(ctx context.Context, getExemptionAccountOptions *GetExemptionAccountOptions) (result *Exemption, response *core.DetailedResponse, err error)
getExemptionAccount(params)
get_exemption_account(self,
        issue_type: str,
        issue_id: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<Exemption> getExemptionAccount(GetExemptionAccountOptions getExemptionAccountOptions)

Request

Instantiate the GetExemptionAccountOptions struct and set the fields to provide parameter values for the GetExemptionAccount method.

Use the GetExemptionAccountOptions.Builder to create a GetExemptionAccountOptions object that contains the parameter values for the getExemptionAccount method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression .*

WithContext method only

The GetExemptionAccount options.

parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

The getExemptionAccount options.

  • getExemptionAccountOptions := vulnerabilityAdvisorService.NewGetExemptionAccountOptions(
      "cve",
      "CVE-2020-0001",
    )
    
    exemption, response, err := vulnerabilityAdvisorService.GetExemptionAccount(getExemptionAccountOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemption, "", "  ")
    fmt.Println(string(b))
  • const params = {
      issueType: 'cve',
      issueId: 'CVE-2020-0001',
    };
    
    vulnerabilityAdvisorService.getExemptionAccount(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • exemption = vulnerability_advisor_service.get_exemption_account(
      issue_type='cve',
      issue_id='CVE-2020-0001'
    ).get_result()
    
    print(json.dumps(exemption, indent=2))
  • GetExemptionAccountOptions getExemptionAccountOptions = new GetExemptionAccountOptions.Builder()
      .issueType("cve")
      .issueId("CVE-2020-0001")
      .build();
    
    Response<Exemption> response = service.getExemptionAccount(getExemptionAccountOptions).execute();
    Exemption exemption = response.getResult();
    
    System.out.println(exemption);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/exempt/image/issue/cve/CVE-2019-99999'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "issue_type": "cve",
      "issue_id": "CVE-2019-99999",
      "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
      "scope": {
        "scope_type": "image",
        "namespace": "",
        "repository": "",
        "tag": ""
      }
    }
  • {
      "issue_type": "cve",
      "issue_id": "CVE-2019-99999",
      "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
      "scope": {
        "scope_type": "image",
        "namespace": "",
        "repository": "",
        "tag": ""
      }
    }

Create or update an account level exemption

Create or update an exemption that is specified with account level scope.

Create or update an exemption that is specified with account level scope.

Create or update an exemption that is specified with account level scope.

Create or update an exemption that is specified with account level scope.

Create or update an exemption that is specified with account level scope.

POST /va/api/v3/exempt/image/issue/{issueType}/{issueID}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) CreateExemptionAccount(createExemptionAccountOptions *CreateExemptionAccountOptions) (result *Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) CreateExemptionAccountWithContext(ctx context.Context, createExemptionAccountOptions *CreateExemptionAccountOptions) (result *Exemption, response *core.DetailedResponse, err error)
createExemptionAccount(params)
create_exemption_account(self,
        issue_type: str,
        issue_id: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<Exemption> createExemptionAccount(CreateExemptionAccountOptions createExemptionAccountOptions)

Request

Instantiate the CreateExemptionAccountOptions struct and set the fields to provide parameter values for the CreateExemptionAccount method.

Use the CreateExemptionAccountOptions.Builder to create a CreateExemptionAccountOptions object that contains the parameter values for the createExemptionAccount method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression .*

WithContext method only

The CreateExemptionAccount options.

parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

The createExemptionAccount options.

  • createExemptionAccountOptions := vulnerabilityAdvisorService.NewCreateExemptionAccountOptions(
      "cve",
      "CVE-2020-0001",
    )
    
    exemption, response, err := vulnerabilityAdvisorService.CreateExemptionAccount(createExemptionAccountOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemption, "", "  ")
    fmt.Println(string(b))
  • const params = {
      issueType: 'cve',
      issueId: 'CVE-2020-0001',
    };
    
    vulnerabilityAdvisorService.createExemptionAccount(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • exemption = vulnerability_advisor_service.create_exemption_account(
      issue_type='cve',
      issue_id='CVE-2020-0001'
    ).get_result()
    
    print(json.dumps(exemption, indent=2))
  • CreateExemptionAccountOptions createExemptionAccountOptions = new CreateExemptionAccountOptions.Builder()
      .issueType("cve")
      .issueId("CVE-2020-0001")
      .build();
    
    Response<Exemption> response = service.createExemptionAccount(createExemptionAccountOptions).execute();
    Exemption exemption = response.getResult();
    
    System.out.println(exemption);
  • curl -X 'POST'   'https://us.icr.io/va/api/v3/exempt/image/issue/cve/CVE-2019-99999'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • Created

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "issue_type": "cve",
      "issue_id": "CVE-2019-99999",
      "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
      "scope": {
        "scope_type": "image",
        "namespace": "",
        "repository": "",
        "tag": ""
      }
    }
  • {
      "issue_type": "cve",
      "issue_id": "CVE-2019-99999",
      "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
      "scope": {
        "scope_type": "image",
        "namespace": "",
        "repository": "",
        "tag": ""
      }
    }

Delete an account level exemption

Delete an exemption that is specified with account level scope.

Delete an exemption that is specified with account level scope.

Delete an exemption that is specified with account level scope.

Delete an exemption that is specified with account level scope.

Delete an exemption that is specified with account level scope.

DELETE /va/api/v3/exempt/image/issue/{issueType}/{issueID}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) DeleteExemptionAccount(deleteExemptionAccountOptions *DeleteExemptionAccountOptions) (response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) DeleteExemptionAccountWithContext(ctx context.Context, deleteExemptionAccountOptions *DeleteExemptionAccountOptions) (response *core.DetailedResponse, err error)
deleteExemptionAccount(params)
delete_exemption_account(self,
        issue_type: str,
        issue_id: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<Void> deleteExemptionAccount(DeleteExemptionAccountOptions deleteExemptionAccountOptions)

Request

Instantiate the DeleteExemptionAccountOptions struct and set the fields to provide parameter values for the DeleteExemptionAccount method.

Use the DeleteExemptionAccountOptions.Builder to create a DeleteExemptionAccountOptions object that contains the parameter values for the deleteExemptionAccount method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression .*

WithContext method only

The DeleteExemptionAccount options.

parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

The deleteExemptionAccount options.

  • deleteExemptionAccountOptions := vulnerabilityAdvisorService.NewDeleteExemptionAccountOptions(
      "cve",
      "CVE-2020-0001",
    )
    
    response, err := vulnerabilityAdvisorService.DeleteExemptionAccount(deleteExemptionAccountOptions)
    if err != nil {
      panic(err)
    }
  • const params = {
      issueType: 'cve',
      issueId: 'CVE-2020-0001',
    };
    
    vulnerabilityAdvisorService.deleteExemptionAccount(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • response = vulnerability_advisor_service.delete_exemption_account(
      issue_type='cve',
      issue_id='CVE-2020-0001'
    ).get_result()
    
    print(json.dumps(response, indent=2))
  • DeleteExemptionAccountOptions deleteExemptionAccountOptions = new DeleteExemptionAccountOptions.Builder()
      .issueType("cve")
      .issueId("CVE-2020-0001")
      .build();
    
    service.deleteExemptionAccount(deleteExemptionAccountOptions).execute();
  • curl -X 'DELETE'   'https://us.icr.io/va/api/v3/exempt/image/issue/cve/CVE-2019-99999'   -H 'Authorization: Bearer <bearer_token>'   -H 'Account: <account_ID>'

Response

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • Exemption not found.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

No Sample Response

This method does not specify any sample responses.

List resource exemptions

List the exemptions that are specified for a resource (account, registry namespace, repository, or image).

List the exemptions that are specified for a resource (account, registry namespace, repository, or image).

List the exemptions that are specified for a resource (account, registry namespace, repository, or image).

List the exemptions that are specified for a resource (account, registry namespace, repository, or image).

List the exemptions that are specified for a resource (account, registry namespace, repository, or image).

GET /va/api/v3/exempt/image/{resource}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListExemptionResource(listExemptionResourceOptions *ListExemptionResourceOptions) (result []Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListExemptionResourceWithContext(ctx context.Context, listExemptionResourceOptions *ListExemptionResourceOptions) (result []Exemption, response *core.DetailedResponse, err error)
listExemptionResource(params)
list_exemption_resource(self,
        resource: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<List<Exemption>> listExemptionResource(ListExemptionResourceOptions listExemptionResourceOptions)

Request

Instantiate the ListExemptionResourceOptions struct and set the fields to provide parameter values for the ListExemptionResource method.

Use the ListExemptionResourceOptions.Builder to create a ListExemptionResourceOptions object that contains the parameter values for the listExemptionResource method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)

    Possible values: Value must match regular expression .*

WithContext method only

The ListExemptionResource options.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • The preferred language code for this request.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • The preferred language code for this request.

The listExemptionResource options.

  • listExemptionResourceOptions := vulnerabilityAdvisorService.NewListExemptionResourceOptions(
      "image name",
    )
    
    exemption, response, err := vulnerabilityAdvisorService.ListExemptionResource(listExemptionResourceOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemption, "", "  ")
    fmt.Println(string(b))
  • const params = {
      resource: 'image name',
    };
    
    vulnerabilityAdvisorService.listExemptionResource(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • list_exemption = vulnerability_advisor_service.list_exemption_resource(
      resource='image name'
    ).get_result()
    
    print(json.dumps(list_exemption, indent=2))
  • ListExemptionResourceOptions listExemptionResourceOptions = new ListExemptionResourceOptions.Builder()
      .resource("image name")
      .build();
    
    Response<List<Exemption>> response = service.listExemptionResource(listExemptionResourceOptions).execute();
    List<Exemption> listExemption = response.getResult();
    
    System.out.println(listExemption);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/exempt/image/birds'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Response type: []Exemption

Response type: Exemption[]

Response type: List[Exemption]

Response type: List<Exemption>

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • [
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-99999",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
        "scope": {
          "scope_type": "image",
          "namespace": "birds",
          "repository": "",
          "tag": ""
        }
      }
    ]
  • [
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-99999",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
        "scope": {
          "scope_type": "image",
          "namespace": "birds",
          "repository": "",
          "tag": ""
        }
      }
    ]

Get details of a resource exemption

Get an exemption that is specified for a resource (account, registry namespace, repository, or image).

Get an exemption that is specified for a resource (account, registry namespace, repository, or image).

Get an exemption that is specified for a resource (account, registry namespace, repository, or image).

Get an exemption that is specified for a resource (account, registry namespace, repository, or image).

Get an exemption that is specified for a resource (account, registry namespace, repository, or image).

GET /va/api/v3/exempt/image/{resource}/issue/{issueType}/{issueID}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) GetExemptionResource(getExemptionResourceOptions *GetExemptionResourceOptions) (result *Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) GetExemptionResourceWithContext(ctx context.Context, getExemptionResourceOptions *GetExemptionResourceOptions) (result *Exemption, response *core.DetailedResponse, err error)
getExemptionResource(params)
get_exemption_resource(self,
        resource: str,
        issue_type: str,
        issue_id: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<Exemption> getExemptionResource(GetExemptionResourceOptions getExemptionResourceOptions)

Request

Instantiate the GetExemptionResourceOptions struct and set the fields to provide parameter values for the GetExemptionResource method.

Use the GetExemptionResourceOptions.Builder to create a GetExemptionResourceOptions object that contains the parameter values for the getExemptionResource method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)

    Possible values: Value must match regular expression .*

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression .*

WithContext method only

The GetExemptionResource options.

parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

The getExemptionResource options.

  • getExemptionResourceOptions := vulnerabilityAdvisorService.NewGetExemptionResourceOptions(
      "cve",
      "CVE-2020-0001",
      "image name",
    )
    
    exemption, response, err := vulnerabilityAdvisorService.GetExemptionResource(getExemptionResourceOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemption, "", "  ")
    fmt.Println(string(b))
  • const params = {
      resource: 'image name',
      issueType: 'cve',
      issueId: 'CVE-2020-0001',
    };
    
    vulnerabilityAdvisorService.getExemptionResource(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • exemption = vulnerability_advisor_service.get_exemption_resource(
      resource='image name',
      issue_type='cve',
      issue_id='CVE-2020-0001'
    ).get_result()
    
    print(json.dumps(exemption, indent=2))
  • GetExemptionResourceOptions getExemptionResourceOptions = new GetExemptionResourceOptions.Builder()
      .resource("image name")
      .issueType("cve")
      .issueId("CVE-2020-0001")
      .build();
    
    Response<Exemption> response = service.getExemptionResource(getExemptionResourceOptions).execute();
    Exemption exemption = response.getResult();
    
    System.out.println(exemption);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/exempt/image/birds/issue/cve/CVE-2019-99999'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "issue_type": "cve",
      "issue_id": "CVE-2019-99999",
      "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
      "scope": {
        "scope_type": "image",
        "namespace": "birds",
        "repository": "",
        "tag": ""
      }
    }
  • {
      "issue_type": "cve",
      "issue_id": "CVE-2019-99999",
      "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
      "scope": {
        "scope_type": "image",
        "namespace": "birds",
        "repository": "",
        "tag": ""
      }
    }

Create or update a resource exemption

Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).

Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).

Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).

Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).

Create or update an exemption that is specified for a resource (account, registry namespace, repository, or image).

POST /va/api/v3/exempt/image/{resource}/issue/{issueType}/{issueID}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) CreateExemptionResource(createExemptionResourceOptions *CreateExemptionResourceOptions) (result *Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) CreateExemptionResourceWithContext(ctx context.Context, createExemptionResourceOptions *CreateExemptionResourceOptions) (result *Exemption, response *core.DetailedResponse, err error)
createExemptionResource(params)
create_exemption_resource(self,
        resource: str,
        issue_type: str,
        issue_id: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<Exemption> createExemptionResource(CreateExemptionResourceOptions createExemptionResourceOptions)

Request

Instantiate the CreateExemptionResourceOptions struct and set the fields to provide parameter values for the CreateExemptionResource method.

Use the CreateExemptionResourceOptions.Builder to create a CreateExemptionResourceOptions object that contains the parameter values for the createExemptionResource method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)

    Possible values: Value must match regular expression .*

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression .*

WithContext method only

The CreateExemptionResource options.

parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

The createExemptionResource options.

  • createExemptionResourceOptions := vulnerabilityAdvisorService.NewCreateExemptionResourceOptions(
      "cve",
      "CVE-2020-0001",
      "image name",
    )
    
    exemption, response, err := vulnerabilityAdvisorService.CreateExemptionResource(createExemptionResourceOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemption, "", "  ")
    fmt.Println(string(b))
  • const params = {
      resource: 'image name',
      issueType: 'cve',
      issueId: 'CVE-2020-0001',
    };
    
    vulnerabilityAdvisorService.createExemptionResource(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • exemption = vulnerability_advisor_service.create_exemption_resource(
      resource='image name',
      issue_type='cve',
      issue_id='CVE-2020-0001'
    ).get_result()
    
    print(json.dumps(exemption, indent=2))
  • CreateExemptionResourceOptions createExemptionResourceOptions = new CreateExemptionResourceOptions.Builder()
      .resource("image name")
      .issueType("cve")
      .issueId("CVE-2020-0001")
      .build();
    
    Response<Exemption> response = service.createExemptionResource(createExemptionResourceOptions).execute();
    Exemption exemption = response.getResult();
    
    System.out.println(exemption);
  • curl -X 'POST'   'https://us.icr.io/va/api/v3/exempt/image/birds/issue/cve/CVE-2019-99999'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • Created

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "issue_type": "cve",
      "issue_id": "CVE-2019-99999",
      "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
      "scope": {
        "scope_type": "image",
        "namespace": "birds",
        "repository": "",
        "tag": ""
      }
    }
  • {
      "issue_type": "cve",
      "issue_id": "CVE-2019-99999",
      "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
      "scope": {
        "scope_type": "image",
        "namespace": "birds",
        "repository": "",
        "tag": ""
      }
    }

Delete a resource exemption

Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).

Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).

Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).

Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).

Delete an exemption that is specified for a resource (account, registry namespace, repository, or image).

DELETE /va/api/v3/exempt/image/{resource}/issue/{issueType}/{issueID}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) DeleteExemptionResource(deleteExemptionResourceOptions *DeleteExemptionResourceOptions) (response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) DeleteExemptionResourceWithContext(ctx context.Context, deleteExemptionResourceOptions *DeleteExemptionResourceOptions) (response *core.DetailedResponse, err error)
deleteExemptionResource(params)
delete_exemption_resource(self,
        resource: str,
        issue_type: str,
        issue_id: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<Void> deleteExemptionResource(DeleteExemptionResourceOptions deleteExemptionResourceOptions)

Request

Instantiate the DeleteExemptionResourceOptions struct and set the fields to provide parameter values for the DeleteExemptionResource method.

Use the DeleteExemptionResourceOptions.Builder to create a DeleteExemptionResourceOptions object that contains the parameter values for the deleteExemptionResource method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)

    Possible values: Value must match regular expression .*

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression .*

WithContext method only

The DeleteExemptionResource options.

parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • Exemption type, e.g. 'cve' or 'sn' or 'configuration'. See /va/api/v3/exempt/types for more details.

  • Exemption ID, e.g. 'CVE-2018-9999'. See /va/api/v3/exempt/types for more details.

    Possible values: Value must match regular expression /.*/

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

The deleteExemptionResource options.

  • deleteExemptionResourceOptions := vulnerabilityAdvisorService.NewDeleteExemptionResourceOptions(
      "cve",
      "CVE-2020-0001",
      "image name",
    )
    
    response, err := vulnerabilityAdvisorService.DeleteExemptionResource(deleteExemptionResourceOptions)
    if err != nil {
      panic(err)
    }
  • const params = {
      resource: 'image name',
      issueType: 'cve',
      issueId: 'CVE-2020-0001',
    };
    
    vulnerabilityAdvisorService.deleteExemptionResource(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • response = vulnerability_advisor_service.delete_exemption_resource(
      resource='image name',
      issue_type='cve',
      issue_id='CVE-2020-0001'
    ).get_result()
    
    print(json.dumps(response, indent=2))
  • DeleteExemptionResourceOptions deleteExemptionResourceOptions = new DeleteExemptionResourceOptions.Builder()
      .resource("image name")
      .issueType("cve")
      .issueId("CVE-2020-0001")
      .build();
    
    service.deleteExemptionResource(deleteExemptionResourceOptions).execute();
  • curl -X 'DELETE'   'https://us.icr.io/va/api/v3/exempt/image/birds/issue/cve/CVE-2019-99999'   -H 'Authorization: Bearer <bearer_token>'   -H 'Account: <account_ID>'

Response

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • Exemption not found.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

No Sample Response

This method does not specify any sample responses.

List the types of exemption

List the types of exemption.

List the types of exemption.

List the types of exemption.

List the types of exemption.

List the types of exemption.

GET /va/api/v3/exempt/types
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ExemptHandler(exemptHandlerOptions *ExemptHandlerOptions) (result []ExemptionTypeInfo, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ExemptHandlerWithContext(ctx context.Context, exemptHandlerOptions *ExemptHandlerOptions) (result []ExemptionTypeInfo, response *core.DetailedResponse, err error)
exemptHandler(params)
exempt_handler(self,
        **kwargs
    ) -> DetailedResponse
ServiceCall<List<ExemptionTypeInfo>> exemptHandler(ExemptHandlerOptions exemptHandlerOptions)

Request

Instantiate the ExemptHandlerOptions struct and set the fields to provide parameter values for the ExemptHandler method.

Use the ExemptHandlerOptions.Builder to create a ExemptHandlerOptions object that contains the parameter values for the exemptHandler method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

WithContext method only

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

  • exemptHandlerOptions := vulnerabilityAdvisorService.NewExemptHandlerOptions()
    
    exemptionTypeInfo, response, err := vulnerabilityAdvisorService.ExemptHandler(exemptHandlerOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemptionTypeInfo, "", "  ")
    fmt.Println(string(b))
  • vulnerabilityAdvisorService.exemptHandler({})
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • list_exemption_type_info = vulnerability_advisor_service.exempt_handler().get_result()
    
    print(json.dumps(list_exemption_type_info, indent=2))
  • ExemptHandlerOptions exemptHandlerOptions = new ExemptHandlerOptions();
    
    Response<List<ExemptionTypeInfo>> response = service.exemptHandler(exemptHandlerOptions).execute();
    List<ExemptionTypeInfo> listExemptionTypeInfo = response.getResult();
    
    System.out.println(listExemptionTypeInfo);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/exempt/types'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Response type: []ExemptionTypeInfo

Response type: ExemptionTypeInfo[]

Response type: List[ExemptionTypeInfo]

Response type: List<ExemptionTypeInfo>

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • [
      {
        "identifier": "cve",
        "display_name": "CVE",
        "validation_regex": "^(?:CVE-(?:\\d){4}-(?:\\d){4,})$"
      },
      {
        "identifier": "sn",
        "display_name": "Security Notice",
        "validation_regex": "^(?:(?:RHSA-(?:\\d){4}:(?:\\d){4})|(?:DSA-(?:\\d){3,}-(?:\\d){1,})|(?:usn-(?:\\d){1,}-(?:\\d){1,})|(?:ALPINE-(?:CVE-(?:\\d){4}-(?:\\d){4,})))$"
      },
      {
        "identifier": "configuration",
        "display_name": "Configuration Issue",
        "validation_regex": "^(?:(?:system_configuration:Linux\\.(?:\\d){1,2}-\\d-[a-z])|(?:application_configuration:(?:(?:[a-zA-Z/](?:(?:(?:[a-zA-Z0-9-_/])+)?[a-zA-Z0-9])?)(?:\\.(?:[a-zA-Z/](?:(?:(?:[a-zA-Z0-9-_/])+)?[a-zA-Z0-9])?))+)))$"
      }
    ]
  • [
      {
        "identifier": "cve",
        "display_name": "CVE",
        "validation_regex": "^(?:CVE-(?:\\d){4}-(?:\\d){4,})$"
      },
      {
        "identifier": "sn",
        "display_name": "Security Notice",
        "validation_regex": "^(?:(?:RHSA-(?:\\d){4}:(?:\\d){4})|(?:DSA-(?:\\d){3,}-(?:\\d){1,})|(?:usn-(?:\\d){1,}-(?:\\d){1,})|(?:ALPINE-(?:CVE-(?:\\d){4}-(?:\\d){4,})))$"
      },
      {
        "identifier": "configuration",
        "display_name": "Configuration Issue",
        "validation_regex": "^(?:(?:system_configuration:Linux\\.(?:\\d){1,2}-\\d-[a-z])|(?:application_configuration:(?:(?:[a-zA-Z/](?:(?:(?:[a-zA-Z0-9-_/])+)?[a-zA-Z0-9])?)(?:\\.(?:[a-zA-Z/](?:(?:(?:[a-zA-Z0-9-_/])+)?[a-zA-Z0-9])?))+)))$"
      }
    ]

List all exemptions

List all of the exemptions in the given account.

List all of the exemptions in the given account.

List all of the exemptions in the given account.

List all of the exemptions in the given account.

List all of the exemptions in the given account.

GET /va/api/v3/exemptions/account
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListAccountExemptions(listAccountExemptionsOptions *ListAccountExemptionsOptions) (result []Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListAccountExemptionsWithContext(ctx context.Context, listAccountExemptionsOptions *ListAccountExemptionsOptions) (result []Exemption, response *core.DetailedResponse, err error)
listAccountExemptions(params)
list_account_exemptions(self,
        **kwargs
    ) -> DetailedResponse
ServiceCall<List<Exemption>> listAccountExemptions(ListAccountExemptionsOptions listAccountExemptionsOptions)

Request

Instantiate the ListAccountExemptionsOptions struct and set the fields to provide parameter values for the ListAccountExemptions method.

Use the ListAccountExemptionsOptions.Builder to create a ListAccountExemptionsOptions object that contains the parameter values for the listAccountExemptions method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

WithContext method only

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

  • listAccountExemptionsOptions := vulnerabilityAdvisorService.NewListAccountExemptionsOptions()
    
    exemption, response, err := vulnerabilityAdvisorService.ListAccountExemptions(listAccountExemptionsOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemption, "", "  ")
    fmt.Println(string(b))
  • vulnerabilityAdvisorService.listAccountExemptions({})
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • list_exemption = vulnerability_advisor_service.list_account_exemptions().get_result()
    
    print(json.dumps(list_exemption, indent=2))
  • ListAccountExemptionsOptions listAccountExemptionsOptions = new ListAccountExemptionsOptions();
    
    Response<List<Exemption>> response = service.listAccountExemptions(listAccountExemptionsOptions).execute();
    List<Exemption> listExemption = response.getResult();
    
    System.out.println(listExemption);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/exemptions/account'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Response type: []Exemption

Response type: Exemption[]

Response type: List[Exemption]

Response type: List<Exemption>

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • [
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-99999",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
        "scope": {
          "scope_type": "image",
          "namespace": "",
          "repository": "",
          "tag": ""
        }
      },
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-11111",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
        "scope": {
          "scope_type": "image",
          "namespace": "birds",
          "repository": "",
          "tag": ""
        }
      }
    ]
  • [
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-99999",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
        "scope": {
          "scope_type": "image",
          "namespace": "",
          "repository": "",
          "tag": ""
        }
      },
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-11111",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff",
        "scope": {
          "scope_type": "image",
          "namespace": "birds",
          "repository": "",
          "tag": ""
        }
      }
    ]

Delete all exemptions

Delete all of the exemptions in the given account.

Delete all of the exemptions in the given account.

Delete all of the exemptions in the given account.

Delete all of the exemptions in the given account.

Delete all of the exemptions in the given account.

POST /va/api/v3/exemptions/deleteAll
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ExemptionsAccountDeleteHandler(exemptionsAccountDeleteHandlerOptions *ExemptionsAccountDeleteHandlerOptions) (result *ExemptionDeletionInfo, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ExemptionsAccountDeleteHandlerWithContext(ctx context.Context, exemptionsAccountDeleteHandlerOptions *ExemptionsAccountDeleteHandlerOptions) (result *ExemptionDeletionInfo, response *core.DetailedResponse, err error)
exemptionsAccountDeleteHandler(params)
exemptions_account_delete_handler(self,
        **kwargs
    ) -> DetailedResponse
ServiceCall<ExemptionDeletionInfo> exemptionsAccountDeleteHandler(ExemptionsAccountDeleteHandlerOptions exemptionsAccountDeleteHandlerOptions)

Request

Instantiate the ExemptionsAccountDeleteHandlerOptions struct and set the fields to provide parameter values for the ExemptionsAccountDeleteHandler method.

Use the ExemptionsAccountDeleteHandlerOptions.Builder to create a ExemptionsAccountDeleteHandlerOptions object that contains the parameter values for the exemptionsAccountDeleteHandler method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

WithContext method only

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

  • exemptionsAccountDeleteHandlerOptions := vulnerabilityAdvisorService.NewExemptionsAccountDeleteHandlerOptions()
    
    exemptionDeletionInfo, response, err := vulnerabilityAdvisorService.ExemptionsAccountDeleteHandler(exemptionsAccountDeleteHandlerOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemptionDeletionInfo, "", "  ")
    fmt.Println(string(b))
  • vulnerabilityAdvisorService.exemptionsAccountDeleteHandler({})
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • exemption_deletion_info = vulnerability_advisor_service.exemptions_account_delete_handler().get_result()
    
    print(json.dumps(exemption_deletion_info, indent=2))
  • ExemptionsAccountDeleteHandlerOptions exemptionsAccountDeleteHandlerOptions = new ExemptionsAccountDeleteHandlerOptions();
    
    Response<ExemptionDeletionInfo> response = service.exemptionsAccountDeleteHandler(exemptionsAccountDeleteHandlerOptions).execute();
    ExemptionDeletionInfo exemptionDeletionInfo = response.getResult();
    
    System.out.println(exemptionDeletionInfo);
  • curl -X 'POST'   'https://us.icr.io/va/api/v3/exemptions/deleteAll'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "number_of_exemptions_deleted": 2
    }
  • {
      "number_of_exemptions_deleted": 2
    }

List image exemptions

List all of the exemptions for an image.

List all of the exemptions for an image.

List all of the exemptions for an image.

List all of the exemptions for an image.

List all of the exemptions for an image.

GET /va/api/v3/exemptions/image/{resource}
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListImageExemptions(listImageExemptionsOptions *ListImageExemptionsOptions) (result []Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListImageExemptionsWithContext(ctx context.Context, listImageExemptionsOptions *ListImageExemptionsOptions) (result []Exemption, response *core.DetailedResponse, err error)
listImageExemptions(params)
list_image_exemptions(self,
        resource: str,
        *,
        include_scope: bool = None,
        **kwargs
    ) -> DetailedResponse
ServiceCall<List<Exemption>> listImageExemptions(ListImageExemptionsOptions listImageExemptionsOptions)

Request

Instantiate the ListImageExemptionsOptions struct and set the fields to provide parameter values for the ListImageExemptions method.

Use the ListImageExemptionsOptions.Builder to create a ListImageExemptionsOptions object that contains the parameter values for the listImageExemptions method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

Path Parameters

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash)

    Possible values: Value must match regular expression .*

Query Parameters

  • Include scope on returned exemptions

    Default: false

WithContext method only

The ListImageExemptions options.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • The preferred language code for this request.

  • Include scope on returned exemptions.

    Default: false

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • IBM Cloud Registry resource (namespace, namespace/repository, namespace/repository:tag, or namespace/repository@sha256:hash).

    Possible values: Value must match regular expression /.*/

  • The preferred language code for this request.

  • Include scope on returned exemptions.

    Default: false

The listImageExemptions options.

  • listImageExemptionsOptions := vulnerabilityAdvisorService.NewListImageExemptionsOptions(
      "image name",
    )
    
    exemption, response, err := vulnerabilityAdvisorService.ListImageExemptions(listImageExemptionsOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(exemption, "", "  ")
    fmt.Println(string(b))
  • const params = {
      resource: 'image name',
    };
    
    vulnerabilityAdvisorService.listImageExemptions(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • list_exemption = vulnerability_advisor_service.list_image_exemptions(
      resource='image name'
    ).get_result()
    
    print(json.dumps(list_exemption, indent=2))
  • ListImageExemptionsOptions listImageExemptionsOptions = new ListImageExemptionsOptions.Builder()
      .resource("image name")
      .build();
    
    Response<List<Exemption>> response = service.listImageExemptions(listImageExemptionsOptions).execute();
    List<Exemption> listExemption = response.getResult();
    
    System.out.println(listExemption);
  • curl -X 'GET'   'https://us.icr.io/va/api/v3/exemptions/image/birds?includeScope=false'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'

Response

Response type: []Exemption

Response type: Exemption[]

Response type: List[Exemption]

Response type: List<Exemption>

Status Code

  • OK. If the includeScope query parameter is set to true this endpoint will return a list of exemptions that have an additional field 'scope' that describes the level at which the exemption is set (namespace, repository, tag)

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • [
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-99999",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff"
      }
    ]
  • [
      {
        "issue_type": "cve",
        "issue_id": "CVE-2019-99999",
        "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff"
      }
    ]

List exemptions for images

List the exemptions for the given list of images.

List the exemptions for the given list of images.

List the exemptions for the given list of images.

List the exemptions for the given list of images.

List the exemptions for the given list of images.

POST /va/api/v3/exemptions/images
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListBulkImageExemptions(listBulkImageExemptionsOptions *ListBulkImageExemptionsOptions) (result map[string][]Exemption, response *core.DetailedResponse, err error)
(vulnerabilityAdvisor *VulnerabilityAdvisorV3) ListBulkImageExemptionsWithContext(ctx context.Context, listBulkImageExemptionsOptions *ListBulkImageExemptionsOptions) (result map[string][]Exemption, response *core.DetailedResponse, err error)
listBulkImageExemptions(params)
list_bulk_image_exemptions(self,
        body: List[str],
        **kwargs
    ) -> DetailedResponse
ServiceCall<Map<String, List<Exemption>>> listBulkImageExemptions(ListBulkImageExemptionsOptions listBulkImageExemptionsOptions)

Request

Instantiate the ListBulkImageExemptionsOptions struct and set the fields to provide parameter values for the ListBulkImageExemptions method.

Use the ListBulkImageExemptionsOptions.Builder to create a ListBulkImageExemptionsOptions object that contains the parameter values for the listBulkImageExemptions method.

Custom Headers

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • The preferred language code for this request.

List of images

Examples:
View

WithContext method only

The ListBulkImageExemptions options.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • List of images.

    Examples:
    value
    _source
    _lines
    _html
  • The preferred language code for this request.

parameters

  • The unique ID for your IBM Cloud account. Run 'ibmcloud cr info' to get the ID of the target account.

  • List of images.

    Examples:
    value
    _source
    _lines
    _html
  • The preferred language code for this request.

The listBulkImageExemptions options.

  • listBulkImageExemptionsOptions := vulnerabilityAdvisorService.NewListBulkImageExemptionsOptions(
      []string{"image name"},
    )
    
    mapStringExemption, response, err := vulnerabilityAdvisorService.ListBulkImageExemptions(listBulkImageExemptionsOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(mapStringExemption, "", "  ")
    fmt.Println(string(b))
  • const params = {
      body: ['image name'],
    };
    
    vulnerabilityAdvisorService.listBulkImageExemptions(params)
      .then(res => {
        console.log(JSON.stringify(res.result, null, 2));
      })
      .catch(err => {
        console.warn(err)
      });
  • exemptions_map = vulnerability_advisor_service.list_bulk_image_exemptions(
      body=['image name']
    ).get_result()
    
    print(json.dumps(exemptions_map, indent=2))
  • ListBulkImageExemptionsOptions listBulkImageExemptionsOptions = new ListBulkImageExemptionsOptions.Builder()
      .body(new java.util.ArrayList<String>(java.util.Arrays.asList("image name")))
      .build();
    
    Response<Map<String, List<Exemption>>> response = service.listBulkImageExemptions(listBulkImageExemptionsOptions).execute();
    Map<String, List<Exemption>> mapStringListExemption = response.getResult();
    
    System.out.println(mapStringListExemption);
  • curl -X 'POST'   'https://us.icr.io/va/api/v3/exemptions/images'   -H 'Authorization: Bearer <bearer_token>'   -H 'accept: application/json'   -H 'Account: <account_ID>'   -H 'Content-Type: application/json'   -d '[
      "us.icr.io/birds/woodpecker:green",
      "us.icr.io/birds/grebe:crested"
    ]'

Response

Response type: map[string][]Exemption

Response type: JsonObject

Response type: dict

Response type: Map<String, List<Exemption>>

Status Code

  • OK

  • A required header is missing. Add the header to the request and try again.

  • You are not authorized to view the requested resource, or your IBM Cloud bearer token is invalid. Run 'ibmcloud iam oauth-tokens' to retrieve your access token and try again. If this issue persists, contact your administrator to confirm that you have access to this resource.

  • You don't have authorization to access the specified namespace. Run 'ibmcloud cr namespaces' to list your namespaces. Check that your image is in one of your namespaces.

  • An internal server error occurred

  • This service is unavailable at the moment. Try again later.

  • Unable to authenticate with IBM Cloud. Try again later.

Example responses
  • {
      "us.icr.io/birds/woodpecker:green": [
        {
          "issue_type": "cve",
          "issue_id": "CVE-2019-99999",
          "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff"
        }
      ],
      "us.icr.io/birds/grebe:crested": [
        {
          "issue_type": "cve",
          "issue_id": "CVE-2019-11111",
          "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff"
        }
      ]
    }
  • {
      "us.icr.io/birds/woodpecker:green": [
        {
          "issue_type": "cve",
          "issue_id": "CVE-2019-99999",
          "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff"
        }
      ],
      "us.icr.io/birds/grebe:crested": [
        {
          "issue_type": "cve",
          "issue_id": "CVE-2019-11111",
          "account_id": "79c6d1c71fb1cbedc38ffc251ba2ffff"
        }
      ]
    }