Illumio Core Protection

illumio core protection provides segmentation to secure on premises and cloud data center workloads illumio core secure reduces the impact of breaches this connector integrates illumio core with turbine prerequisites this connector can be authenticated in one of two ways using email and password for pce account using api authentication username and api key secret capabilities this connector provides the following capabilities get a workload by id get firewall policies get ransomware details for a workload get security policy versions get ven instance details get workloads settings get workloads asset setup to create api keys in the pce web console, follow the following instructions in the drop down user menu, select my api keys a list of configured api keys is displayed if no api keys are configured, the message "no api keys" is displayed to add a new api key, click add in the create api key pop up window, enter a name for the api key in the name field optionally, enter a description in the description field click save to save your api key or click cancel to close the pop up window without saving your changes when the api key created window appears, click the > button next to "show credentials" to display the credentials for your api key the following information is displayed key id the unique id of the api key authentication username the username that authenticates the api calls secret the password for the api key click download credentials to download the credentials as a text file make sure that you have saved the credential information before clicking done after you click done , the api keys page displays a summary of your new api key, including the following information name description key id authentication username created on notes https //docs illumio com/core/23 3/api reference/index html configurations api key authentication authenticates using api key configuration parameters parameter description type required url a url to the target host string required auth username api authentication username string required api secret api key secret string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional email and password authentication authenticates using email and password configuration parameters parameter description type required url a url to the target host string required email email address used to create your pce account string required password password for your pce account string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional pce fqdn fully qualified domain name for pce string required one time password one time password string optional actions get a workload by id get a workload by id endpoint url /api/v2/orgs/{{org id}}/workloads/{{workload id}} method get input argument name type required description path parameters workload id string required parameters for the get a workload by id action path parameters org id string required parameters for the get a workload by id action input example {"path parameters" {"workload id" "string","org id" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase href string output field href deleted boolean output field deleted delete type string type of the resource name string name of the resource description string output field description managed boolean output field managed hostname string name of the resource service principal name string name of the resource agent to pce certificate authentication id object unique identifier distinguished name string name of the resource public ip string output field public ip external data set object response data external data reference object response data interfaces object output field interfaces interfaces name string name of the resource interfaces link state object output field interfaces link state interfaces address string output field interfaces address interfaces cidr block object unique identifier interfaces default gateway address object output field interfaces default gateway address interfaces network object output field interfaces network interfaces network href string output field interfaces network href interfaces network name object name of the resource interfaces network detection mode object output field interfaces network detection mode output example {"status code" 200,"response headers" {"date" "mon, 23 oct 2023 18 35 52 gmt","content type" "application/json; charset=utf 8","content length" "270","connection" "keep alive","access control max age" "604800","vary" "accept encoding","content encoding" "gzip","x correlation id" "ebc917c8ac68fc9bfb2c05b7abf10577, 491270c0187293672c0ad339c6678cec","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","x rate limit lim get firewall policies get firewall policies endpoint url /api/v2/orgs/{{org id}}/sec policy/{{pversion}}/firewall settings method get input argument name type required description path parameters pversion string required parameters for the get firewall policies action path parameters org id string required parameters for the get firewall policies action input example {"path parameters" {"pversion" "string","org id" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase static policy scopes array output field static policy scopes static policy scopes 0 object output field static policy scopes 0 static policy scopes 0 exclusion boolean output field static policy scopes 0 exclusion static policy scopes 0 label object output field static policy scopes 0 label static policy scopes 0 label href string output field static policy scopes 0 label href static policy scopes 0 label key string output field static policy scopes 0 label key static policy scopes 0 label value string value for the parameter static policy scopes 0 label group object output field static policy scopes 0 label group static policy scopes 0 label group href string output field static policy scopes 0 label group href static policy scopes 0 label group key string output field static policy scopes 0 label group key static policy scopes 0 label group name string name of the resource ike authentication type string type of the resource firewall coexistence object output field firewall coexistence allow captive portal outbound boolean output field allow captive portal outbound containers inherit host policy scopes array output field containers inherit host policy scopes containers inherit host policy scopes 0 object output field containers inherit host policy scopes 0 containers inherit host policy scopes 0 exclusion boolean output field containers inherit host policy scopes 0 exclusion containers inherit host policy scopes 0 label object output field containers inherit host policy scopes 0 label containers inherit host policy scopes 0 label href string output field containers inherit host policy scopes 0 label href containers inherit host policy scopes 0 label key string output field containers inherit host policy scopes 0 label key containers inherit host policy scopes 0 label value string value for the parameter containers inherit host policy scopes 0 label group object output field containers inherit host policy scopes 0 label group containers inherit host policy scopes 0 label group href string output field containers inherit host policy scopes 0 label group href output example {"status code" 200,"response headers" {"date" "mon, 23 oct 2023 18 35 52 gmt","content type" "application/json; charset=utf 8","content length" "270","connection" "keep alive","access control max age" "604800","vary" "accept encoding","content encoding" "gzip","x correlation id" "ebc917c8ac68fc9bfb2c05b7abf10577, 491270c0187293672c0ad339c6678cec","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","x rate limit lim get ransomware details for a workload get ransomware details for a workload endpoint url /api/v2/orgs/{{org id}}/workloads/{{workload id}}/risk details method get input argument name type required description path parameters workload id string required parameters for the get ransomware details for a workload action path parameters org id string required parameters for the get ransomware details for a workload action input example {"path parameters" {"workload id" "string","org id" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase risk details object output field risk details output example {"status code" 200,"response headers" {"date" "mon, 23 oct 2023 18 35 52 gmt","content type" "application/json; charset=utf 8","content length" "270","connection" "keep alive","access control max age" "604800","vary" "accept encoding","content encoding" "gzip","x correlation id" "ebc917c8ac68fc9bfb2c05b7abf10577, 491270c0187293672c0ad339c6678cec","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","x rate limit lim get security policy versions get security policy versions endpoint url /api/v2/orgs/{{org id}}/sec policy method get input argument name type required description path parameters org id string required parameters for the get security policy versions action input example {"path parameters" {"org id" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase href string output field href version number output field version workloads affected object output field workloads affected commit message object response message object counts object output field object counts object counts rule sets number output field object counts rule sets object counts ip lists number output field object counts ip lists object counts services number output field object counts services object counts virtual services number output field object counts virtual services object counts label groups number output field object counts label groups object counts virtual servers number output field object counts virtual servers object counts firewall settings number output field object counts firewall settings object counts secure connect gateways number output field object counts secure connect gateways object counts enforcement boundaries number output field object counts enforcement boundaries created at string output field created at created by object output field created by created by href string output field created by href output example {"status code" 200,"response headers" {"date" "mon, 23 oct 2023 18 35 52 gmt","content type" "application/json; charset=utf 8","content length" "270","connection" "keep alive","access control max age" "604800","vary" "accept encoding","content encoding" "gzip","x correlation id" "ebc917c8ac68fc9bfb2c05b7abf10577, 491270c0187293672c0ad339c6678cec","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","x rate limit lim get ven instance details get details on a ven instance endpoint url /api/v2/orgs/{{org id}}/vens/{{ven id}} method get input argument name type required description path parameters ven id string required parameters for the get ven instance details action path parameters org id string required parameters for the get ven instance details action input example {"path parameters" {"ven id" "string","org id" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase href string output field href name object name of the resource description object output field description hostname string name of the resource uid object unique identifier os id object unique identifier os detail object output field os detail os platform object output field os platform version string output field version status string status value activation type string type of the resource active pce fqdn object output field active pce fqdn target pce fqdn object output field target pce fqdn labels array output field labels labels href string output field labels href labels key string output field labels key labels value string value for the parameter interfaces array output field interfaces interfaces name string name of the resource interfaces link state object output field interfaces link state interfaces address string output field interfaces address interfaces cidr block object unique identifier interfaces default gateway address object output field interfaces default gateway address output example {"status code" 200,"response headers" {"date" "mon, 23 oct 2023 18 35 52 gmt","content type" "application/json; charset=utf 8","content length" "270","connection" "keep alive","access control max age" "604800","vary" "accept encoding","content encoding" "gzip","x correlation id" "ebc917c8ac68fc9bfb2c05b7abf10577, 491270c0187293672c0ad339c6678cec","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","x rate limit lim get workloads get all workloads endpoint url /api/v2/orgs/{{org id}}/workloads method get input argument name type required description path parameters org id string required parameters for the get workloads action parameters agent active pce fqdn string optional parameters for the get workloads action parameters container clusters string optional parameters for the get workloads action parameters description string optional parameters for the get workloads action parameters enforcement mode string optional parameters for the get workloads action parameters external data reference string optional parameters for the get workloads action parameters external data set string optional parameters for the get workloads action parameters hostname string optional parameters for the get workloads action parameters include deleted boolean optional parameters for the get workloads action parameters ip address string optional parameters for the get workloads action parameters labels string optional parameters for the get workloads action parameters last heartbeat on\[gte] string optional parameters for the get workloads action parameters last heartbeat on\[lte] string optional parameters for the get workloads action parameters log traffic boolean optional parameters for the get workloads action parameters managed boolean optional parameters for the get workloads action parameters max results number optional parameters for the get workloads action parameters mode string optional parameters for the get workloads action parameters name string optional parameters for the get workloads action parameters online boolean optional parameters for the get workloads action parameters os id string optional parameters for the get workloads action parameters policy health string optional parameters for the get workloads action parameters security policy sync state string optional parameters for the get workloads action parameters security policy update mode string optional parameters for the get workloads action parameters soft deleted boolean optional parameters for the get workloads action parameters ven string optional parameters for the get workloads action input example {"path parameters" {"org id" "string"},"parameters" {"agent active pce fqdn" "string","container clusters" "string","description" "string","enforcement mode" "string","external data reference" "string","external data set" "string","hostname" "example name","include deleted"\ true,"ip address" "string","labels" "string","last heartbeat on\[gte]" "string","last heartbeat on\[lte]" "string","log traffic"\ true,"managed"\ true,"max results" 123,"mode" "string","name" "example name","online"\ true,"os id" "string","policy health" "string","security policy sync state" "string","security policy update mode" "string","soft deleted"\ true,"ven" "string","ven ven type" "string","visibility level" "string","vulnerability summary vulnerability exposure score\[gte]" 123,"vulnerability summary vulnerability exposure score\[lte]" 123}} output parameter type description status code number http status code of the response reason string response reason phrase href string output field href deleted boolean output field deleted delete type string type of the resource name string name of the resource description string output field description managed boolean output field managed hostname string name of the resource service principal name string name of the resource agent to pce certificate authentication id object unique identifier distinguished name string name of the resource public ip string output field public ip external data set object response data external data reference object response data interfaces object output field interfaces interfaces name string name of the resource interfaces link state object output field interfaces link state interfaces address string output field interfaces address interfaces cidr block object unique identifier interfaces default gateway address object output field interfaces default gateway address interfaces network object output field interfaces network interfaces network href string output field interfaces network href interfaces network name object name of the resource interfaces network detection mode object output field interfaces network detection mode output example {"status code" 200,"response headers" {"date" "mon, 23 oct 2023 18 35 52 gmt","content type" "application/json; charset=utf 8","content length" "270","connection" "keep alive","access control max age" "604800","vary" "accept encoding","content encoding" "gzip","x correlation id" "ebc917c8ac68fc9bfb2c05b7abf10577, 491270c0187293672c0ad339c6678cec","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","x rate limit lim get workloads settings get workloads settings endpoint url /api/v2/orgs/{{org id}}/settings/workloads method get input argument name type required description path parameters org id string required parameters for the get workloads settings action input example {"path parameters" {"org id" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase workload disconnected timeout seconds array output field workload disconnected timeout seconds workload disconnected timeout seconds scope array output field workload disconnected timeout seconds scope workload disconnected timeout seconds scope href string output field workload disconnected timeout seconds scope href workload disconnected timeout seconds value number value for the parameter workload disconnected timeout seconds ven type string type of the resource workload goodbye timeout seconds array output field workload goodbye timeout seconds workload goodbye timeout seconds scope array output field workload goodbye timeout seconds scope workload goodbye timeout seconds scope href string output field workload goodbye timeout seconds scope href workload goodbye timeout seconds value number value for the parameter workload goodbye timeout seconds ven type string type of the resource workload disconnected notification seconds array output field workload disconnected notification seconds workload disconnected notification seconds scope array output field workload disconnected notification seconds scope workload disconnected notification seconds scope href string output field workload disconnected notification seconds scope href workload disconnected notification seconds warning number output field workload disconnected notification seconds warning workload disconnected notification seconds ven type string type of the resource ven uninstall timeout hours array output field ven uninstall timeout hours ven uninstall timeout hours scope array output field ven uninstall timeout hours scope ven uninstall timeout hours scope href string output field ven uninstall timeout hours scope href ven uninstall timeout hours value number value for the parameter output example {"status code" 200,"response headers" {"date" "mon, 23 oct 2023 18 35 52 gmt","content type" "application/json; charset=utf 8","content length" "270","connection" "keep alive","access control max age" "604800","vary" "accept encoding","content encoding" "gzip","x correlation id" "ebc917c8ac68fc9bfb2c05b7abf10577, 491270c0187293672c0ad339c6678cec","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","x rate limit lim response headers header description example access control allow headers http response header access control allow headers authorization, x verify credentials authorization, x auth service provider, x twitter client version, content type access control allow methods http response header access control allow methods get,post,put,delete,patch access control allow origin http response header access control allow origin access control max age http response header access control max age 604800 connection http response header connection keep alive content encoding http response header content encoding gzip content length the length of the response body in bytes 270 content type the media type of the resource application/json; charset=utf 8 date the date and time at which the message was originated mon, 23 oct 2023 18 35 52 gmt strict transport security http response header strict transport security max age=31536000; includesubdomains, max age=31536000; includesubdomains vary http response header vary accept encoding x correlation id a unique identifier for correlating requests ebc917c8ac68fc9bfb2c05b7abf10577, 491270c0187293672c0ad339c6678cec x frame options http response header x frame options deny, deny x rate limit limit http response header x rate limit limit 60 x rate limit remain http response header x rate limit remain 59 x rate limit reset http response header x rate limit reset 1698086751362