org
Create an org
- Blog
- FAQ
- Product Demos
- API Guide
- GETGet an agent by name
- DELDelete an agent by name
- PATCHPerform a Patch on an agent by name
- GETQuery agent health
- GETGet all agents
- POSTCreate an agent
- POSTGet all agents based on a query
- GETGet the access report for an agent by name
- GETGet available permissions for an agent
- GETGet an audit context by name
- PATCHPerform a Patch on an audit context by name
- GETGet all audit contexts
- POSTCreate an audit context
- POSTGet all audit contexts based on a query
- GETGet the access report for an audit context by name
- GETGet available permissions for an audit context
- GETGet a cloud account by name
- DELDelete an cloud account by name
- PATCHPerform a Patch on a cloud account by name
- GETGet all cloud accounts
- POSTCreate a cloud account
- POSTGet all cloud accounts based on a query
- GETGet the access report for a cloud account by name
- GETGet available permissions for a cloud account resource type
- GETGet a domain by name
- DELDelete a domain by name
- PATCHPerform a Patch on a domain by name
- GETGet all domains
- POSTCreate a domain
- POSTGet all domains based on a query
- GETGet the access report for a domain by name
- GETGet available permissions for a domain resource type
- GETGet a group by name
- DELDelete a group by name
- PATCHPerform a Patch on a group by name
- GETGet all groups
- POSTCreate a group
- POSTGet all groups based on a query
- GETGet the access report for a group by name
- GETGet available permissions for a group resource type
- GETGet a GVC by name
- DELDelete a GVC by name
- PATCHPerform a Patch on a GVC by name
- GETGet all GVCs
- POSTCreate a GVC
- POSTGet all GVCs based on a query
- GETGet the access report for a GVC by name
- GETGet available permissions for a GVC resource type
- GETGet an identity by GVC and name
- DELDelete an identity by GVC and name
- PATCHPerform a Patch on an identity by name
- GETGet all identities in a GVC
- POSTCreate an identity
- GETGet all identities from all GVCs
- POSTGet all GVC identities based on a query
- GETGet the access report for an identity by GVC and name
- GETGet available permissions for an identity
- GETGet a image by name
- DELDelete an image by name
- PATCHPerform a Patch on an image by name
- GETGet all images
- POSTGet all images based on a query
- GETGet the access report for an image by name
- GETGet available permissions for an image resource type
- GETGet a location by name
- PATCHPerform a Patch on a location by name
- GETGet all locations
- POSTGet all locations based on a query
- GETGet the access report for a location by name
- GETGet available permissions for a location resource type
- GETGet an org by name
- PATCHPerform a Patch on an org by name
- GETGet all orgs
- POSTCreate an org
- POSTGet all orgs based on a query
- GETGet the access report for an org by name
- GETGet available permissions for an org resource type
- GETGet a policy by name
- DELDelete a policy by name
- PATCHPerform a Patch on a policy by name
- GETGet all policies
- POSTCreate a policy
- POSTGet all policies based on a query
- GETGet the access report for a policy by name
- GETGet available permissions for a policy resource type
- GETGet a quota by ID
- GETGet all quotas
- POSTGet all quotas based on a query
- GETGet available permissions for a quota resource type
- GETGet a secret by name
- DELDelete a secret by name
- PATCHPerform a Patch on a secret by name
- GETGet all secrets
- POSTCreate a secret
- GETGet the sensitive content of a secret by name
- POSTGet all secrets based on a query
- GETGet the access report for a secret by name
- GETGet available permissions for a secret resource type
- GETGet a service account by name
- DELDelete a service account by name
- PATCHPerform a Patch on a service account by name
- GETGet all service accounts
- POSTCreate a service account
- POSTGet all service accounts based on a query
- GETGet the access report for a service account by name
- POSTAdd a key to a service account
- GETGet available permissions for a service account resource type
- GETList tasks that you can accept to refuse
- GETList tasks that you can accept to refuse in a specific org
- GETGet a task by ID
- POSTPost
- DELDelete/Cancel a task by ID
- GETGet all tasks
- POSTGet all tasks based on a query
- GETGet available permissions for a task resource type
- GETGet a user by name
- DELDelete a user by name
- PATCHPerform a Patch on a user by name
- GETGet all users
- POSTGet all users based on a query
- POSTInvite users to this org
- GETGet the access report for a user by name
- GETGet available permissions for a user resource type
- GETGet a volumeset by GVC and name
- DELDelete a volumeset by name
- PATCHPerform a Patch on a volumeset by name
- GETList volumesets in a GVC you are authorized to view
- POSTCreate a volumeset
- GETGet all volumesets
- POSTGet all volumesets based on a query
- GETGet the access report for a volumeset by GVC and name
- GETGet available permissions for a volumeset resource type
- GETGet a workload by GVC and name
- DELDelete a workload by name
- PATCHPerform a Patch on a workload by name
- GETGet a deployment by GVC, workload and name
- GETList workloads in a GVC you are authorized to view
- POSTCreate a workload
- GETGet all workloads
- GETList deployments in a workload
- POSTGet all workloads based on a query
- GETGet the access report for a workload by GVC and name
- GETGet available permissions for a workload resource type
Overview
agent
auditctx
cloudaccount
domain
group
gvc
identity
image
location
org
policy
quota
secret
serviceaccount
task
user
volumeset
workload
org
Create an org
POST
/
org
Authorization
string
*
Authorization
Required
string
Service account key can be used as API keys
object
description
string
description
string
tags
object
tags
object
spec
object
spec
object
logging
object
logging
object
s3
object
s3
object
bucket
string
bucket
string
region
string
region
string
prefix
string
prefix
string
credentials
string
credentials
string
coralogix
object
coralogix
object
cluster
enum<string>
cluster
enum<string>
credentials
string
credentials
string
app
string
app
string
subsystem
string
subsystem
string
datadog
object
datadog
object
host
enum<string>
host
enum<string>
credentials
string
credentials
string
logzio
object
logzio
object
listenerHost
enum<string>
listenerHost
enum<string>
credentials
string
credentials
string
elastic
object
elastic
object
aws
object
aws
object
host
string
host
string
port
integer
port
integer
index
string
index
string
type
string
type
string
credentials
string
credentials
string
region
string
region
string
elasticCloud
object
elasticCloud
object
index
string
index
string
type
string
type
string
credentials
string
credentials
string
cloudId
string
cloudId
string
generic
object
generic
object
host
string
host
string
port
integer
port
integer
path
string
path
string
index
string
index
string
type
string
type
string
credentials
string
credentials
string
username
string
username
string
password
string
password
string
cloudWatch
object
cloudWatch
object
region
enum<string>
region
enum<string>
credentials
string
credentials
string
retentionDays
integer
retentionDays
integer
groupName
string
groupName
string
streamName
string
streamName
string
extractFields
object
extractFields
object
fluentd
object
fluentd
object
host
string
host
string
port
integer
port
integer
stackdriver
object
stackdriver
object
credentials
string
credentials
string
location
enum<string>
location
enum<string>
syslog
object
syslog
object
host
string
host
string
port
integer
port
integer
mode
enum<string>
mode
enum<string>
format
enum<string>
format
enum<string>
severity
number
severity
number
Emergency (EMERG) (severity level 0): System is unusable.
Alert (ALERT) (severity level 1): Action must be taken immediately.
Critical (CRIT) (severity level 2): Critical conditions.
Error (ERR) (severity level 3): Error conditions.
Warning (WARNING) (severity level 4): Warning conditions.
Notice (NOTICE) (severity level 5): Normal but significant conditions.
Informational (INFO) (severity level 6): Informational messages.
Debug (DEBUG) (severity level 7): Debug-level messages.
extraLogging
array
extraLogging
array
tracing
object
tracing
object
sampling
number
sampling
number
lightstep
object
lightstep
object
endpoint
string
endpoint
string
credentials
string
credentials
string
customTags
object
customTags
object
provider
object
provider
object
otel
object
otel
object
endpoint
string
endpoint
string
lightstep
object
lightstep
object
endpoint
string
endpoint
string
credentials
string
credentials
string
controlplane
object
controlplane
object
sessionTimeoutSeconds
number
sessionTimeoutSeconds
number
authConfig
object
authConfig
object
domainAutoMembers
array
domainAutoMembers
array
samlOnly
boolean
samlOnly
boolean
observability
object
observability
object
logsRetentionDays
integer
logsRetentionDays
integer
metricsRetentionDays
integer
metricsRetentionDays
integer
tracesRetentionDays
integer
tracesRetentionDays
integer
security
object
security
object
threatDetection
object
threatDetection
object
configure detected threats to be forwarded using a specified protocol
enabled
boolean
enabled
boolean
whether or not detected threats should be forwarded
minimumSeverity
enum<string>
minimumSeverity
enum<string>
any threats with this severity and more severe will be sent. Others will be ignored
syslog
object
syslog
object
configuration for syslog forwarding
transport
enum<string>
transport
enum<string>
the transport-layer protocol to send the syslog messages over. If TCP is chosen, messages will be sent with TLS.
host
string
host
string
the hostname to send syslog messages to
port
integer
port
integer
the port to send syslog messages to
Authorizations
Authorization
string
headerrequiredService account key can be used as API keys
Body
application/json
description
string
tags
object
spec
object
spec.logging
object
spec.logging.s3
object
spec.logging.s3.bucket
string
spec.logging.s3.region
string
spec.logging.s3.prefix
string
default: /spec.logging.s3.credentials
string
spec.logging.coralogix
object
spec.logging.coralogix.cluster
enum<string>
Available options:
coralogix.com, coralogix.us, app.coralogix.in, app.eu2.coralogix.com, app.coralogixsg.com spec.logging.coralogix.credentials
string
spec.logging.coralogix.app
string
spec.logging.coralogix.subsystem
string
spec.logging.datadog
object
spec.logging.datadog.host
enum<string>
Available options:
http-intake.logs.datadoghq.com, http-intake.logs.us3.datadoghq.com, http-intake.logs.us5.datadoghq.com, http-intake.logs.datadoghq.eu spec.logging.datadog.credentials
string
spec.logging.logzio
object
spec.logging.logzio.listenerHost
enum<string>
Available options:
listener.logz.io, listener-nl.logz.io spec.logging.logzio.credentials
string
spec.logging.elastic
object
spec.logging.elastic.aws
object
spec.logging.elastic.aws.host
string
spec.logging.elastic.aws.port
integer
spec.logging.elastic.aws.index
string
spec.logging.elastic.aws.type
string
spec.logging.elastic.aws.credentials
string
spec.logging.elastic.aws.region
string
spec.logging.elastic.elasticCloud
object
spec.logging.elastic.elasticCloud.index
string
spec.logging.elastic.elasticCloud.type
string
spec.logging.elastic.elasticCloud.credentials
string
spec.logging.elastic.elasticCloud.cloudId
string
spec.logging.elastic.generic
object
spec.logging.elastic.generic.host
string
spec.logging.elastic.generic.port
integer
spec.logging.elastic.generic.path
string
spec.logging.elastic.generic.index
string
spec.logging.elastic.generic.type
string
spec.logging.elastic.generic.credentials
string
spec.logging.elastic.generic.username
string
spec.logging.elastic.generic.password
string
spec.logging.cloudWatch
object
spec.logging.cloudWatch.region
enum<string>
Available options:
us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, eu-central-1, eu-west-1, eu-west-2, eu-south-1, eu-west-3, eu-north-1, me-south-1, sa-east-1, af-south-1 spec.logging.cloudWatch.credentials
string
spec.logging.cloudWatch.retentionDays
integer
spec.logging.cloudWatch.groupName
string
spec.logging.cloudWatch.streamName
string
spec.logging.cloudWatch.extractFields
object
spec.logging.fluentd
object
spec.logging.fluentd.host
string
spec.logging.fluentd.port
integer
spec.logging.stackdriver
object
spec.logging.stackdriver.credentials
string
spec.logging.stackdriver.location
enum<string>
Available options:
us-east1, us-east4, us-central1, us-west1, europe-west4, europe-west1, europe-west3, europe-west2, asia-east1, asia-southeast1, asia-northeast1, asia-south1, australia-southeast1, southamerica-east1, africa-south1, asia-east2, asia-northeast2, asia-northeast3, asia-south2, asia-southeast2, australia-southeast2, europe-central2, europe-north1, europe-southwest1, europe-west10, europe-west12, europe-west6, europe-west8, europe-west9, me-central1, me-central2, me-west1, northamerica-northeast1, northamerica-northeast2, southamerica-west1, us-east5, us-south1, us-west2, us-west3, us-west4 spec.logging.syslog
object
spec.logging.syslog.host
string
spec.logging.syslog.port
integer
spec.logging.syslog.mode
enum<string>
default: tcpAvailable options:
tcp, udp, tls spec.logging.syslog.format
enum<string>
default: rfc5424Available options:
rfc3164, rfc5424 spec.logging.syslog.severity
number
Emergency (EMERG) (severity level 0): System is unusable.
Alert (ALERT) (severity level 1): Action must be taken immediately.
Critical (CRIT) (severity level 2): Critical conditions.
Error (ERR) (severity level 3): Error conditions.
Warning (WARNING) (severity level 4): Warning conditions.
Notice (NOTICE) (severity level 5): Normal but significant conditions.
Informational (INFO) (severity level 6): Informational messages.
Debug (DEBUG) (severity level 7): Debug-level messages.
spec.extraLogging
object[]
spec.extraLogging.s3
object
spec.extraLogging.s3.bucket
string
spec.extraLogging.s3.region
string
spec.extraLogging.s3.prefix
string
default: /spec.extraLogging.s3.credentials
string
spec.extraLogging.coralogix
object
spec.extraLogging.coralogix.cluster
enum<string>
Available options:
coralogix.com, coralogix.us, app.coralogix.in, app.eu2.coralogix.com, app.coralogixsg.com spec.extraLogging.coralogix.credentials
string
spec.extraLogging.coralogix.app
string
spec.extraLogging.coralogix.subsystem
string
spec.extraLogging.datadog
object
spec.extraLogging.datadog.host
enum<string>
Available options:
http-intake.logs.datadoghq.com, http-intake.logs.us3.datadoghq.com, http-intake.logs.us5.datadoghq.com, http-intake.logs.datadoghq.eu spec.extraLogging.datadog.credentials
string
spec.extraLogging.logzio
object
spec.extraLogging.logzio.listenerHost
enum<string>
Available options:
listener.logz.io, listener-nl.logz.io spec.extraLogging.logzio.credentials
string
spec.extraLogging.elastic
object
spec.extraLogging.elastic.aws
object
spec.extraLogging.elastic.aws.host
string
spec.extraLogging.elastic.aws.port
integer
spec.extraLogging.elastic.aws.index
string
spec.extraLogging.elastic.aws.type
string
spec.extraLogging.elastic.aws.credentials
string
spec.extraLogging.elastic.aws.region
string
spec.extraLogging.elastic.elasticCloud
object
spec.extraLogging.elastic.elasticCloud.index
string
spec.extraLogging.elastic.elasticCloud.type
string
spec.extraLogging.elastic.elasticCloud.credentials
string
spec.extraLogging.elastic.elasticCloud.cloudId
string
spec.extraLogging.elastic.generic
object
spec.extraLogging.elastic.generic.host
string
spec.extraLogging.elastic.generic.port
integer
spec.extraLogging.elastic.generic.path
string
spec.extraLogging.elastic.generic.index
string
spec.extraLogging.elastic.generic.type
string
spec.extraLogging.elastic.generic.credentials
string
spec.extraLogging.elastic.generic.username
string
spec.extraLogging.elastic.generic.password
string
spec.extraLogging.cloudWatch
object
spec.extraLogging.cloudWatch.region
enum<string>
Available options:
us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, eu-central-1, eu-west-1, eu-west-2, eu-south-1, eu-west-3, eu-north-1, me-south-1, sa-east-1, af-south-1 spec.extraLogging.cloudWatch.credentials
string
spec.extraLogging.cloudWatch.retentionDays
integer
spec.extraLogging.cloudWatch.groupName
string
spec.extraLogging.cloudWatch.streamName
string
spec.extraLogging.cloudWatch.extractFields
object
spec.extraLogging.fluentd
object
spec.extraLogging.fluentd.host
string
spec.extraLogging.fluentd.port
integer
spec.extraLogging.stackdriver
object
spec.extraLogging.stackdriver.credentials
string
spec.extraLogging.stackdriver.location
enum<string>
Available options:
us-east1, us-east4, us-central1, us-west1, europe-west4, europe-west1, europe-west3, europe-west2, asia-east1, asia-southeast1, asia-northeast1, asia-south1, australia-southeast1, southamerica-east1, africa-south1, asia-east2, asia-northeast2, asia-northeast3, asia-south2, asia-southeast2, australia-southeast2, europe-central2, europe-north1, europe-southwest1, europe-west10, europe-west12, europe-west6, europe-west8, europe-west9, me-central1, me-central2, me-west1, northamerica-northeast1, northamerica-northeast2, southamerica-west1, us-east5, us-south1, us-west2, us-west3, us-west4 spec.extraLogging.syslog
object
spec.extraLogging.syslog.host
string
spec.extraLogging.syslog.port
integer
spec.extraLogging.syslog.mode
enum<string>
default: tcpAvailable options:
tcp, udp, tls spec.extraLogging.syslog.format
enum<string>
default: rfc5424Available options:
rfc3164, rfc5424 spec.extraLogging.syslog.severity
number
Emergency (EMERG) (severity level 0): System is unusable.
Alert (ALERT) (severity level 1): Action must be taken immediately.
Critical (CRIT) (severity level 2): Critical conditions.
Error (ERR) (severity level 3): Error conditions.
Warning (WARNING) (severity level 4): Warning conditions.
Notice (NOTICE) (severity level 5): Normal but significant conditions.
Informational (INFO) (severity level 6): Informational messages.
Debug (DEBUG) (severity level 7): Debug-level messages.
spec.tracing
object
spec.tracing.sampling
number
spec.tracing.lightstep
object
spec.tracing.lightstep.endpoint
string
spec.tracing.lightstep.credentials
string
spec.tracing.customTags
object
spec.tracing.provider
object
spec.tracing.provider.otel
object
spec.tracing.provider.otel.endpoint
string
spec.tracing.provider.lightstep
object
spec.tracing.provider.lightstep.endpoint
string
spec.tracing.provider.lightstep.credentials
string
spec.tracing.provider.controlplane
object
spec.sessionTimeoutSeconds
number
spec.authConfig
object
spec.authConfig.domainAutoMembers
string[]
spec.authConfig.samlOnly
boolean
spec.observability
object
spec.observability.logsRetentionDays
integer
spec.observability.metricsRetentionDays
integer
spec.observability.tracesRetentionDays
integer
spec.security
object
spec.security.threatDetection
object
configure detected threats to be forwarded using a specified protocol
spec.security.threatDetection.enabled
boolean
whether or not detected threats should be forwarded
spec.security.threatDetection.minimumSeverity
enum<string>
any threats with this severity and more severe will be sent. Others will be ignored
Available options:
warning, error, critical spec.security.threatDetection.syslog
object
configuration for syslog forwarding
spec.security.threatDetection.syslog.transport
enum<string>
default: tcpthe transport-layer protocol to send the syslog messages over. If TCP is chosen, messages will be sent with TLS.
Available options:
tcp, udp spec.security.threatDetection.syslog.host
string
the hostname to send syslog messages to
spec.security.threatDetection.syslog.port
integer
the port to send syslog messages to
Response
201 - application/json
The response is of type any.