Shows details of a container.
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
containerSha |
Mandatory |
string |
Specify the SHA value of a specific container in the user’s scope. |
API request
curl -X "GET"
"<qualys_base_url>/csapi/v1.3/containers/647ae732d98e1bcceb7b02356bd7e873eef13c5916c3a1e9d95700ab893cc09f"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
Response
{
"portMapping": null,
"imageId": "a6c0cb5dbd21",
"created": "1683279176000",
"updated": "1683622183866",
"label": [
{
"key": "io.kubernetes.container.name",
"value": "kube-flannel"
},
{
"key": "annotation.io.kubernetes.container.terminationMessagePath",
"value": "/dev/termination-log"
},
{
"key": "annotation.io.kubernetes.container.hash",
"value": "8f3412d9"
},
{
"key": "io.kubernetes.pod.namespace",
"value": "kube-flannel"
},
{
"key": "annotation.io.kubernetes.pod.terminationGracePeriod",
"value": "30"
},
{
"key": "io.kubernetes.container.logpath",
"value": "/var/log/pods/kube-flannel_kube-flannel-ds-mpmq6_5a737762-77c2-4763-9c1c-84c15a2684f0/kube-flannel/0.log"
},
{
"key": "io.kubernetes.sandbox.id",
"value": "48a021247b1d3bf3a2d269c2ff71604f54f4e827ca47584844870ed5591950c4"
},
{
"key": "annotation.io.kubernetes.container.restartCount",
"value": "0"
},
{
"key": "annotation.io.kubernetes.container.terminationMessagePolicy",
"value": "File"
},
{
"key": "io.kubernetes.pod.name",
"value": "kube-flannel-ds-mpmq6"
},
{
"key": "io.kubernetes.docker.type",
"value": "container"
},
{
"key": "io.kubernetes.pod.uid",
"value": "5a737762-77c2-4763-9c1c-84c15a2684f0"
}
],
"uuid": "a90b7cb5-c704-3343-b538-74c7807807a2",
"sha": "647ae732d98e1bcceb7b02356bd7e873eef13c5916c3a1e9d95700ab893cc09f",
"privileged": false,
"path": "/opt/bin/flanneld",
"imageSha": "a6c0cb5dbd21197123942b3469a881f936fd7735f2dc9a22763b6f777f24345e",
"macAddress": "",
"customerUuid": "6a849349-679f-ef25-8296-e51d4e3a0019",
"ipv4": null,
"ipv6": null,
"name": "k8s_kube-flannel_kube-flannel-ds-mpmq6_kube-flannel_5a737762-77c2-4763-9c1c-84c15a2684f0_0",
"host": {
"sensorUuid": "dae76860-22f7-4ef1-9a67-aef07944d92c",
"hostname": "ip-10-82-9-150",
"ipAddress": "10.82.9.150",
"uuid": "86e028bd-f283-4468-a099-953a6a033728",
"lastUpdated": "2023-05-09T08:47:15.854Z"
},
"hostArchitecture": [
"x86_64"
],
"state": "RUNNING",
"imageUuid": "9baf9f85-f3bf-3259-b8d5-3cd51967d34a",
"containerId": "647ae732d98e",
"stateChanged": "1683528203674",
"services": null,
"users": [
"root"
],
"operatingSystem": "Alpine Linux 3.17.3",
"lastScanned": "1683575890303",
"source": "GENERAL",
"isInstrumented": null,
"environment": [
"KUBERNETES_PORT_443_TCP_PROTO=tcp",
"KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1",
"KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443",
"KUBERNETES_PORT=tcp://10.96.0.1:443",
"KUBERNETES_SERVICE_PORT_HTTPS=443",
"POD_NAME=kube-flannel-ds-mpmq6",
"POD_NAMESPACE=kube-flannel",
"KUBERNETES_SERVICE_HOST=10.96.0.1",
"FLANNEL_ARCH=amd64",
"KUBERNETES_PORT_443_TCP_PORT=443",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"EVENT_QUEUE_DEPTH=5000",
"KUBERNETES_SERVICE_PORT=443"
],
"arguments": [
"--kube-subnet-mgr",
"--ip-masq"
],
"command": "--ip-masq --kube-subnet-mgr",
"drift": {
"category": [],
"reason": [],
"software": [],
"vulnerability": []
},
"vulnerabilities": [],
"softwares": [
{
"name": "nghttp2-libs",
"version": "1.51.0-r0",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "readline",
"version": "8.2.0-r0",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "libcap2",
"version": "2.66-r0",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "ca-certificates",
"version": "20220614-r4",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "iproute2-minimal",
"version": "6.0.0-r1",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "musl-fts",
"version": "1.2.7-r3",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "brotli-libs",
"version": "1.0.9-r9",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "libssl3",
"version": "3.0.8-r4",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "apk-tools",
"version": "2.12.10-r1",
"scanType": null,
"packagePath": null,
"fixVersion": null,
"vulnerabilities": null
}
],
"isDrift": false,
"isRoot": true,
"lastComplianceScanned": "1683622183866",
"cluster": {
"type": "KUBERNETES",
"k8s": {
"project": null,
"pod": {
"name": "kube-flannel-ds-mpmq6",
"uuid": "5a737762-77c2-4763-9c1c-84c15a2684f0",
"namespace": "kube-flannel",
"namespaceMetadata": {
"labels": [
"label127:value127",
"label117:value117",
"label104:value104",
"label24:value24",
"label170:value170",
"label125:value125",
"label35:value35",
"kubernetes.io/metadata.name:kube-flannel",
"label165:value165",
"label155:value155",
"label228:value228",
"label145:value145",
"label218:value218",
"label58:value58",
"label184:value184",
"label136:value136",
"label247:value247",
"pod-security.kubernetes.io/enforce:privileged",
"label164:value164",
"label110:value110",
"label221:value221",
"label116:value116",
"label227:value227"
],
"annotations": [
"kubectl.kubernetes.io/last-applied-configuration:{\"apiVersion\":\"v1\",\"kind\":\"Namespace\",\"metadata\":{\"annotations\":{},\"labels\":{\"k8s-app\":\"flannel\",\"pod-security.kubernetes.io/enforce\":\"privileged\"},\"name\":\"kube-flannel\"}}\n"
]
},
"label": [
{
"key": "tier",
"value": "node"
},
{
"key": "controller-revision-hash",
"value": "5f95689cf6"
},
{
"key": "app",
"value": "flannel"
},
{
"key": "pod-template-generation",
"value": "1"
}
],
"controller": [
{
"uuid": "3224eb6a-9040-4450-bfcf-6c969702bf79",
"name": "kube-flannel-ds",
"type": "DaemonSet"
}
]
},
"node": {
"name": "ip-10-82-9-150",
"isMaster": false
}
},
"version": "v1.26.3"
},
"cloudProvider": {
"aws.ecs.container.subnetId": null,
"aws.ec2.instanceId": "i-0ab8d3318979f529c",
"aws.ecs.clusterName": null,
"aws.ecs.container.macAddress": null,
"aws.ecs.region.code": null,
"aws.ecs.container.id": null,
"aws.ecs.accountId": null
}
"exceptions": [
{
"uuid": "624efd86-6172-4851-beb1-75cb9b1634fb",
"assignmentType": "CASCADE"
},
{
"uuid": "c0b4ec8d-a186-4f2c-9a6d-3adc3dfb3cff",
"assignmentType": "CASCADE"
},
{
"uuid": "d7b11c61-dcf2-4cf5-b369-8877f1b619c6",
"assignmentType": "MANUAL"
}
]
}
Error Response
The following error response is seen when the sub-users don't have permission to the specified containerSha.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}
This sample includes container details for AWS Fargate. Therefore, you’ll see the source value as “SERVERLESS_FARGATE” and the AWS ECS cloudProvider fields in the response.
API request
curl -X "GET"
"<qualys_base_url>/csapi/v1.3/containers/e39c5d55eb8638699f1099c5bd1527df1268aeef3628124e5a9ed6133fb03bba"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
Response
{
"portMapping": null,
"imageId": "544d56423393",
"created": "1685526156673",
"updated": "1685526276307",
"label": null,
"uuid": "8946efb6-9f63-3b24-a4eb-1bb1285db496",
"sha": "e39c5d55eb8638699f1099c5bd1527df1268aeef3628124e5a9ed6133fb03bba",
"privileged": false,
"path": null,
"imageSha": "544d56423393b9eceacb196ea0a043f5940689269a6a6fcc9387a8b9b14f3fcc",
"macAddress": null,
"customerUuid": "6a849349-679f-ef25-8296-e51d4e3a0019",
"ipv4": null,
"ipv6": null,
"name": "wordpress_php80",
"host": null,
"hostArchitecture": null,
"state": "STOPPED",
"imageUuid": "eb82a38d-5ed1-3852-a092-58b24380d011",
"containerId": "e39c5d55eb86",
"stateChanged": "1685526157920",
"services": null,
"users": null,
"operatingSystem": null,
"lastScanned": null,
"source": "SERVERLESS_FARGATE",
"isInstrumented": null,
"environment": null,
"arguments": null,
"command": null,
"drift": null,
"vulnerabilities": [],
"softwares": null,
"isDrift": false,
"isRoot": null,
"lastComplianceScanned": null,
"cluster": null,
"cloudProvider": {
"aws.ecs.container.subnetId": "subnet-073576bdd0261adda",
"aws.ecs.clusterName": "prachi-explore",
"aws.ecs.container.macAddress": "06:37:49:70:f2:45",
"aws.ecs.region.code": "us-west-2",
"aws.ecs.container.id": "1292cfce-301f-4817-a86f-8da65d431e3b",
"aws.ecs.accountId": "362990800442"
}
"exceptions": null
}
Error Response
The following error response will be seen when the sub-users don't have permission to the specified containerSha.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}