Fetch Container Details
Shows details of a container.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
containerSha |
Mandatory |
string |
Specify the SHA value of a specific container in the user’s scope. |
SampleSample
API request
curl -X "GET"
"<qualys_base_url>/csapi/v1.3/containers/647ae732d98e1bcceb7b02356bd7e873eef13c5916c3a1e9d95700ab893cc09f"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
Response
{
"portMapping": null,
"imageId": "a6c0cb5dbd21",
"created": "1683279176000",
"updated": "1683622183866",
"label": [
{
"key": "io.kubernetes.container.name",
"value": "kube-flannel"
},
{
"key": "io.kubernetes.sandbox.id",
"value":
"48a021247b1d3bf3a2d269c2ff71604f54f4e827ca47584844870ed5591950c4"
},
{
"key": "io.kubernetes.pod.uid",
"value": "5a737762-77c2-4763-9c1c-84c15a2684f0"
}
],
"uuid": "a90b7cb5-c704-3343-b538-74c7807807a2",
"sha":
"647ae732d98e1bcceb7b02356bd7e873eef13c5916c3a1e9d95700ab893cc09f",
"privileged": false,
"path": "/opt/bin/flanneld",
"imageSha":
"a6c0cb5dbd21197123942b3469a881f936fd7735f2dc9a22763b6f777f24345e",
"macAddress": "",
"customerUuid": "6a849349-****-****-****-e****e3a0019",
"ipv4": null,
"ipv6": null,
"name": "k8s_kube-flannel_kube-flannel-ds-mpmq6_kubeflannel_5a737762-77c2-4763-9c1c-84c15a2684f0_0",
"host": {
"sensorUuid": "dae76860-22f7-4ef1-9a67-aef07944d92c",
"hostname": "ip-10-**-9-***",
"ipAddress": "10.**.9.***",
"uuid": "86e028bd-f283-4468-a099-953a6a033728",
"lastUpdated": "2023-05-09T08:47:15.854Z"
},
"hostArchitecture": [
"x86_64"
],
"state": "RUNNING",
"imageUuid": "9baf9f85-f3bf-3259-b8d5-3cd51967d34a",
"containerId": "647ae732d98e",
"stateChanged": "1683528203674",
"services": null,
"users": [
"root"
],
"operatingSystem": "Alpine Linux 3.17.3",
"lastScanned": "1683575890303",
"source": "GENERAL",
"isInstrumented": null,
"environment": [
"POD_NAME=kube-flannel-ds-mpmq6",
"POD_NAMESPACE=kube-flannel",
"KUBERNETES_SERVICE_HOST=10.96.0.1",
"FLANNEL_ARCH=amd64",
"KUBERNETES_PORT_443_TCP_PORT=xxx",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"EVENT_QUEUE_DEPTH=5000",
"KUBERNETES_SERVICE_PORT=xxx"
],
"arguments": [
"--kube-subnet-mgr",
"--ip-masq"
],
"command": "--ip-masq --kube-subnet-mgr",
"drift": {
"category": [],
"reason": [],
"software": [],
"vulnerability": []
},
"vulnerabilities": [],
"softwares": [
{
"name": "nghttp2-libs",
"version": "1.51.0-r0",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "iproute2-minimal",
"version": "6.0.0-r1",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
],
"isDrift": false,
"isRoot": true,
"lastComplianceScanned": "1683622183866",
"cluster": {
"type": "KUBERNETES",
"k8s": {
"project": null,
"pod": {
"name": "kube-flannel-ds-mpmq6",
"uuid": "5a737762-77c2-4763-9c1c-84c15a2684f0",
"namespace": "kube-flannel",
"namespaceMetadata": {
"labels": [
"label127:value127",
"label117:value117",
"label125:value125",
"label35:value35",
"kubernetes.io/metadata.name:kube-flannel",
"label165:value165",
"label247:value247",
"pod-security.kubernetes.io/enforce:privileged",
"label227:value227"
],
"annotations": [
"kubectl.kubernetes.io/last-appliedconfiguration:{\"apiVersion\":\"v1\",\"kind\":\"Namespace\",\"metadata\":{\"annotations\":{},\"labels\":{\"k8s-app\":\"flannel\",\"podsecurity.kubernetes.io/enforce\":\"privileged\"},\"name\":\"kubeflannel\"}}\n"
]
},
"label": [
{
"key": "tier",
"value": "node"
},
{
"key": "pod-template-generation",
"value": "1"
}
],
"controller": [
{
"uuid": "3224eb6a-9040-4450-bfcf-6c969702bf79",
"name": "kube-flannel-ds",
"type": "DaemonSet"
}
]
},
"node": {
"name": "ip-10-**-9-***",
"isMaster": false
}
},
"version": "v1.26.3"
},
"cloudProvider": {
"aws.ecs.container.subnetId": null,
"aws.ec2.instanceId": "i-0ab8d3318979f529c",
"aws.ecs.clusterName": null,
"aws.ecs.container.macAddress": null,
"aws.ecs.region.code": null,
"aws.ecs.container.id": null,
"aws.ecs.accountId": null
}
"exceptions": [
{
"uuid": "624efd86-6172-4851-beb1-75cb9b1634fb",
"assignmentType": "CASCADE"
},
{
"uuid": "c0b4ec8d-a186-4f2c-9a6d-3adc3dfb3cff",
"assignmentType": "CASCADE"
},
{
"uuid": "d7b11c61-dcf2-4cf5-b369-8877f1b619c6",
"assignmentType": "MANUAL"
}
{"riskScore": 258,
"riskScoreCalculatedDate": "1722355883371",
"formulaUsed": "MIN (1000 , 2 * ( 1.0 * 64.70 * Pow(10,0.01) + 0.6 *60.04 * Pow(26,0.01) + 0.4 * 44.35 * Pow(147,0.01) + 0.2 *36.20*Pow(5,0.01) ))",
"maxQdsScore": 87,
"qdsSeverity": "CRITICAL"
"criticality": 3,
"criticalityUpdated": 1717098843553,
}
]
}
Error Response
The following error response is seen when the sub-users don't have permission to the specified containerSha.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}
Sample for AWS FargateSample for AWS Fargate
This sample includes container details for AWS Fargate. Therefore, you’ll see the source value as “SERVERLESS_FARGATE” and the AWS ECS cloudProvider fields in the response.
API request
curl -X "GET"
"<qualys_base_url>/csapi/v1.3/containers/e39c5d55eb8638699f1099c5bd1527df1268aeef3628124e5a9ed6133fb03bba"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
Response
{
"portMapping": null,
"imageId": "544d56423393",
"created": "1685526156673",
"updated": "1685526276307",
"label": null,
"uuid": "8946efb6-9f63-3b24-a4eb-1bb1285db496",
"sha": "e39c5d55eb8638699f1099c5bd1527df1268aeef3628124e5a9ed6133fb03bba",
"privileged": false,
"path": null,
"imageSha": "544d56423393b9eceacb196ea0a043f5940689269a6a6fcc9387a8b9b14f3fcc",
"macAddress": null,
"customerUuid": "6a849349-679f-ef25-8296-e51d4e3a0019",
"ipv4": null,
"ipv6": null,
"name": "wordpress_php80",
"host": null,
"hostArchitecture": null,
"state": "STOPPED",
"imageUuid": "eb82a38d-5ed1-3852-a092-58b24380d011",
"containerId": "e39c5d55eb86",
"stateChanged": "1685526157920",
"services": null,
"users": null,
"operatingSystem": null,
"lastScanned": null,
"source": "SERVERLESS_FARGATE",
"isInstrumented": null,
"environment": null,
"arguments": null,
"command": null,
"drift": null,
"vulnerabilities": [],
"softwares": null,
"isDrift": false,
"isRoot": null,
"lastComplianceScanned": null,
"cluster":{
"type": "KUBERNETES",
"k8s": {
"project": null,
"pod": {
"name": "spring-1",
"uuid": "4a7d3fc3-de97-44eb-85d3-5f661a175337",
"namespace": "default",
"namespaceMetadata": {
"labels": [
"kubernetes.io/metadata.name:default"
],
"annotations": [
"kubernetes.io/metadata.name:test",
"kubernetes.io/metadata.name:default"
]
},
"cloudProvider": {
"aws.ecs.container.subnetId": "subnet-073576bdd0261adda",
"aws.ecs.clusterName": "jack-explore",
"aws.ecs.container.macAddress": "06:**:4*:*0:**:45",
"aws.ecs.region.code": "us-west-2",
"aws.ecs.container.id": "1292cfce-301f-4817-a86f-8da65d431e3b",
"aws.ecs.accountId": "36******0442"
}
"exceptions": [
{
"uuid": "624efd86-6172-4851-beb1-75cb9b1634fb",
"assignmentType": "CASCADE"
},
{
"riskScore": 258,
"riskScoreCalculatedDate": "1722355883371",
"formulaUsed": "MIN (1000 , 2 * ( 1.0 * 64.70 * Pow(10,0.01) + 0.6 *60.04 * Pow(26,0.01) + 0.4 * 44.35 * Pow(147,0.01) + 0.2 *36.20*Pow(5,0.01) ))",
"maxQdsScore": 87,
"qdsSeverity": "CRITICAL"
"criticality": 3,
"criticalityUpdated": 1717098843553,
}
]
}
Error Response
The following error response will be seen when the sub-users don't have permission to the specified containerSha.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}