Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
...
}
×
ClustersService
DeleteCluster
GetCluster
GetClusterDefaultValues
GetClusters
GetKernelSupportAvailable
PostCluster
PutCluster
Common object reference
ClusterHealthStatusHealthStatusLabel
-
UNAVAILABLE: Only collector can have unavailable status
| Enum Values |
|---|
UNINITIALIZED |
UNAVAILABLE |
UNHEALTHY |
DEGRADED |
HEALTHY |
ClusterUpgradeStatusUpgradability
-
SENSOR_VERSION_HIGHER: SENSOR_VERSION_HIGHER occurs when we detect that the sensor is running a newer version than this Central. This is unexpected, but can occur depending on the patches a customer does. In this case, we will NOT automatically "upgrade" the sensor, since that would be a downgrade, even if the autoupgrade setting is on. The user will be allowed to manually trigger the upgrade, but they are strongly discouraged from doing so without upgrading Central first, since this is an unsupported configuration.
| Enum Values |
|---|
UNSET |
UP_TO_DATE |
MANUAL_UPGRADE_REQUIRED |
AUTO_UPGRADE_POSSIBLE |
SENSOR_VERSION_HIGHER |
ClusterUpgradeStatusUpgradeProcessStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
active |
Boolean |
||||
id |
String |
||||
targetVersion |
String |
||||
upgraderImage |
String |
||||
initiatedAt |
Date |
date-time |
|||
progress |
|||||
type |
UPGRADE, CERT_ROTATION, |
ProtobufAny
Any contains an arbitrary serialized protocol buffer message along with a
URL that describes the type of the serialized message.
Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.
Example 1: Pack and unpack a message in C++.
Example 2: Pack and unpack a message in Java.
Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
...
}
The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".
JSON representation
The JSON representation of an Any value uses the regular
representation of the deserialized, embedded message, with an
additional field @type which contains the type URL. Example:
package google.profile;
message Person {
string first_name = 1;
string last_name = 2;
}
{
"@type": "type.googleapis.com/google.profile.Person",
"firstName": <string>,
"lastName": <string>
}
If the embedded message type is well-known and has a custom JSON
representation, that representation will be embedded adding a field
value which holds the custom JSON in addition to the @type
field. Example (for message [google.protobuf.Duration][]):
{
"@type": "type.googleapis.com/google.protobuf.Duration",
"value": "1.212s"
}
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
typeUrl |
String |
A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in |
|||
value |
byte[] |
Must be a valid serialized protocol buffer of the above specified type. |
byte |
RuntimeError
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
error |
String |
||||
code |
Integer |
int32 |
|||
message |
String |
||||
details |
List of ProtobufAny |
StorageAdmissionControlHealthInfo
AdmissionControlHealthInfo carries data about admission control deployment but does not include admission control health status derived from this data. Aggregated admission control health status is not included because it is derived in central and not in the component that first reports AdmissionControlHealthInfo (sensor).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
totalDesiredPods |
Integer |
int32 |
|||
totalReadyPods |
Integer |
int32 |
|||
statusErrors |
List of |
Collection of errors that occurred while trying to obtain admission control health info. |
StorageAdmissionControllerConfig
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
enabled |
Boolean |
||||
timeoutSeconds |
Integer |
int32 |
|||
scanInline |
Boolean |
||||
disableBypass |
Boolean |
||||
enforceOnUpdates |
Boolean |
StorageAuditLogFileState
AuditLogFileState tracks the last audit log event timestamp and ID that was collected by Compliance For internal use only
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
collectLogsSince |
Date |
date-time |
|||
lastAuditId |
String |
StorageAzureProviderMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
subscriptionId |
String |
StorageCluster
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
id |
String |
||||
name |
String |
||||
type |
GENERIC_CLUSTER, KUBERNETES_CLUSTER, OPENSHIFT_CLUSTER, OPENSHIFT4_CLUSTER, |
||||
labels |
Map of |
||||
mainImage |
String |
||||
collectorImage |
String |
||||
centralApiEndpoint |
String |
||||
runtimeSupport |
Boolean |
||||
collectionMethod |
UNSET_COLLECTION, NO_COLLECTION, KERNEL_MODULE, EBPF, CORE_BPF, |
||||
admissionController |
Boolean |
||||
admissionControllerUpdates |
Boolean |
||||
admissionControllerEvents |
Boolean |
||||
status |
|||||
dynamicConfig |
|||||
tolerationsConfig |
|||||
priority |
String |
int64 |
|||
healthStatus |
|||||
slimCollector |
Boolean |
||||
helmConfig |
|||||
mostRecentSensorId |
|||||
auditLogState |
Map of StorageAuditLogFileState |
For internal use only. |
|||
initBundleId |
String |
||||
managedBy |
MANAGER_TYPE_UNKNOWN, MANAGER_TYPE_MANUAL, MANAGER_TYPE_HELM_CHART, MANAGER_TYPE_KUBERNETES_OPERATOR, |
StorageClusterCertExpiryStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
sensorCertExpiry |
Date |
date-time |
|||
sensorCertNotBefore |
Date |
date-time |
StorageClusterHealthStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
id |
String |
||||
collectorHealthInfo |
|||||
admissionControlHealthInfo |
|||||
scannerHealthInfo |
|||||
sensorHealthStatus |
UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, |
||||
collectorHealthStatus |
UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, |
||||
overallHealthStatus |
UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, |
||||
admissionControlHealthStatus |
UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, |
||||
scannerHealthStatus |
UNINITIALIZED, UNAVAILABLE, UNHEALTHY, DEGRADED, HEALTHY, |
||||
lastContact |
Date |
date-time |
|||
healthInfoComplete |
Boolean |
StorageClusterMetadata
ClusterMetadata contains metadata information about the cluster infrastructure.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
type |
UNSPECIFIED, AKS, ARO, EKS, GKE, OCP, OSD, ROSA, |
||||
name |
String |
Name represents the name under which the cluster is registered with the cloud provider. In case of self managed OpenShift it is the name chosen by the OpenShift installer. |
|||
id |
String |
Id represents a unique ID under which the cluster is registered with the cloud provider. Not all cluster types have an id. For all OpenShift clusters, this is the Red Hat |
StorageClusterStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
sensorVersion |
String |
||||
DEPRECATEDLastContact |
Date |
This field has been deprecated starting release 49.0. Use healthStatus.lastContact instead. |
date-time |
||
providerMetadata |
|||||
orchestratorMetadata |
|||||
upgradeStatus |
|||||
certExpiryStatus |
StorageClusterType
| Enum Values |
|---|
GENERIC_CLUSTER |
KUBERNETES_CLUSTER |
OPENSHIFT_CLUSTER |
OPENSHIFT4_CLUSTER |
StorageClusterUpgradeStatus
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
upgradability |
UNSET, UP_TO_DATE, MANUAL_UPGRADE_REQUIRED, AUTO_UPGRADE_POSSIBLE, SENSOR_VERSION_HIGHER, |
||||
upgradabilityStatusReason |
String |
||||
mostRecentProcess |
StorageCollectorHealthInfo
CollectorHealthInfo carries data about collector deployment but does not include collector health status derived from this data. Aggregated collector health status is not included because it is derived in central and not in the component that first reports CollectorHealthInfo (sensor).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
version |
String |
||||
totalDesiredPods |
Integer |
int32 |
|||
totalReadyPods |
Integer |
int32 |
|||
totalRegisteredNodes |
Integer |
int32 |
|||
statusErrors |
List of |
Collection of errors that occurred while trying to obtain collector health info. |
StorageCompleteClusterConfig
Encodes a complete cluster configuration minus ID/Name identifiers including static and dynamic settings.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
dynamicConfig |
|||||
staticConfig |
|||||
configFingerprint |
String |
||||
clusterLabels |
Map of |
StorageDynamicClusterConfig
The difference between Static and Dynamic cluster config is that Dynamic values are sent over the Central to Sensor gRPC connection. This has the benefit of allowing for "hot reloading" of values without restarting Secured cluster components.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
admissionControllerConfig |
|||||
registryOverride |
String |
||||
disableAuditLogs |
Boolean |
StorageGoogleProviderMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
project |
String |
||||
clusterName |
String |
Deprecated in favor of providerMetadata.cluster.name. |
StorageManagerType
| Enum Values |
|---|
MANAGER_TYPE_UNKNOWN |
MANAGER_TYPE_MANUAL |
MANAGER_TYPE_HELM_CHART |
MANAGER_TYPE_KUBERNETES_OPERATOR |
StorageOrchestratorMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
version |
String |
||||
openshiftVersion |
String |
||||
buildDate |
Date |
date-time |
|||
apiVersions |
List of |
StorageProviderMetadata
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
region |
String |
||||
zone |
String |
||||
aws |
|||||
azure |
|||||
verified |
Boolean |
||||
cluster |
StorageScannerHealthInfo
ScannerHealthInfo represents health info of a scanner instance that is deployed on a secured cluster (so called "local scanner"). When the scanner is deployed on a central cluster, the following message is NOT used. ScannerHealthInfo carries data about scanner deployment but does not include scanner health status derived from this data. Aggregated scanner health status is not included because it is derived in central and not in the component that first reports ScannerHealthInfo (sensor).
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
totalDesiredAnalyzerPods |
Integer |
int32 |
|||
totalReadyAnalyzerPods |
Integer |
int32 |
|||
totalDesiredDbPods |
Integer |
int32 |
|||
totalReadyDbPods |
Integer |
int32 |
|||
statusErrors |
List of |
Collection of errors that occurred while trying to obtain scanner health info. |
StorageSensorDeploymentIdentification
StackRoxDeploymentIdentification aims at uniquely identifying a StackRox Sensor deployment. It is used to determine whether a sensor connection comes from a sensor pod that has restarted or was recreated (possibly after a network partition), or from a deployment in a different namespace or cluster.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
systemNamespaceId |
String |
||||
defaultNamespaceId |
String |
||||
appNamespace |
String |
||||
appNamespaceId |
String |
||||
appServiceaccountId |
String |
||||
k8sNodeName |
String |
StorageStaticClusterConfig
The difference between Static and Dynamic cluster config is that Static values are not sent over the Central to Sensor gRPC connection. They are used, for example, to generate manifests that can be used to set up the Secured Cluster’s k8s components. They are not dynamically reloaded.
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
type |
GENERIC_CLUSTER, KUBERNETES_CLUSTER, OPENSHIFT_CLUSTER, OPENSHIFT4_CLUSTER, |
||||
mainImage |
String |
||||
centralApiEndpoint |
String |
||||
collectionMethod |
UNSET_COLLECTION, NO_COLLECTION, KERNEL_MODULE, EBPF, CORE_BPF, |
||||
collectorImage |
String |
||||
admissionController |
Boolean |
||||
admissionControllerUpdates |
Boolean |
||||
tolerationsConfig |
|||||
slimCollector |
Boolean |
||||
admissionControllerEvents |
Boolean |
StorageUpgradeProgress
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
upgradeState |
UPGRADE_INITIALIZING, UPGRADER_LAUNCHING, UPGRADER_LAUNCHED, PRE_FLIGHT_CHECKS_COMPLETE, UPGRADE_OPERATIONS_DONE, UPGRADE_COMPLETE, UPGRADE_INITIALIZATION_ERROR, PRE_FLIGHT_CHECKS_FAILED, UPGRADE_ERROR_ROLLING_BACK, UPGRADE_ERROR_ROLLED_BACK, UPGRADE_ERROR_ROLLBACK_FAILED, UPGRADE_ERROR_UNKNOWN, UPGRADE_TIMED_OUT, |
||||
upgradeStatusDetail |
String |
||||
since |
Date |
date-time |
UpgradeProcessStatusUpgradeProcessType
-
UPGRADE: UPGRADE represents a sensor version upgrade.
-
CERT_ROTATION: CERT_ROTATION represents an upgrade process that only rotates the TLS certs used by the cluster, without changing anything else.
| Enum Values |
|---|
UPGRADE |
CERT_ROTATION |
UpgradeProgressUpgradeState
-
UPGRADER_LAUNCHING: In-progress states.
-
UPGRADE_COMPLETE: The success state. PLEASE NUMBER ALL IN-PROGRESS STATES ABOVE THIS AND ALL ERROR STATES BELOW THIS.
-
UPGRADE_INITIALIZATION_ERROR: Error states.
| Enum Values |
|---|
UPGRADE_INITIALIZING |
UPGRADER_LAUNCHING |
UPGRADER_LAUNCHED |
PRE_FLIGHT_CHECKS_COMPLETE |
UPGRADE_OPERATIONS_DONE |
UPGRADE_COMPLETE |
UPGRADE_INITIALIZATION_ERROR |
PRE_FLIGHT_CHECKS_FAILED |
UPGRADE_ERROR_ROLLING_BACK |
UPGRADE_ERROR_ROLLED_BACK |
UPGRADE_ERROR_ROLLBACK_FAILED |
UPGRADE_ERROR_UNKNOWN |
UPGRADE_TIMED_OUT |
V1ClusterDefaultsResponse
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
mainImageRepository |
String |
||||
collectorImageRepository |
String |
||||
kernelSupportAvailable |
Boolean |
V1ClustersList
| Field Name | Required | Nullable | Type | Description | Format |
|---|---|---|---|---|---|
clusters |
List of StorageCluster |
||||
clusterIdToRetentionInfo |