Definitions Update remediations

alsdkdefs/apis/remediations/assets_query.v1.yaml

@@ -875,6 +875,24 @@ paths:
         * `ip_address`
         * `network`
 
+        To get details of an asset by `user_id`, specify the following query parameters:
+
+        * `user_id` (note that this query will execute an exact match and will not normalize the input while searching)
+
+        To get details of an asset by `deployment` and `user_id`, specify the following query parameters:
+
+        * `deployment`
+        * `user_id` (note that this query will execute an exact match and will not normalize the input while searching)
+
+        To get details of an asset by `user_name`, specify the following query parameters:
+
+        * `user_name` (note that this query will execute an exact match and will not normalize the input while searching)
+
+        To get details of an asset by `deployment` and `user_id`, specify the following query parameters:
+
+        * `deployment`
+        * `user_name` (note that this query will execute an exact match and will not normalize the input while searching)
+
         Note that when calling this endpoint with query options `deployment`, `network` and `ip_address` set, if a host is found,
         any subnet that the host isn't related to but it could be (the IP address matches the subnet mask) the additional unrelated
         subnet(s) will be returned under the `subnet` key in the response.
@@ -921,6 +939,26 @@ paths:
           source: |-
             curl "ttps://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details?uuid=8EB3C34C-4889-4BA1-B615-BAC3FD5138FC&type=remote-source" \
                  -H "x-aims-auth-token: $TOKEN" -H "accept: application/json"
+        - lang: Shell
+          label: User ID
+          source: |-
+            curl "ttps://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details?user_id=AIDAI2INU2Y52FB2B7JOM" \
+                 -H "x-aims-auth-token: $TOKEN" -H "accept: application/json"
+        - lang: Shell
+          label: User Name
+          source: |-
+            curl "ttps://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details?user_name=username-5cf2df986ad9411d" \
+                 -H "x-aims-auth-token: $TOKEN" -H "accept: application/json"
+        - lang: Shell
+          label: Deployment, User ID
+          source: |-
+            curl "ttps://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details?deployment=id:33CB4E47-8FBA-4502-A8F2-F9EE1B566454&user_id=AIDAI2INU2Y52FB2B7JOM" \
+                 -H "x-aims-auth-token: $TOKEN" -H "accept: application/json"
+        - lang: Shell
+          label: Deployment, User Name
+          source: |-
+            curl "ttps://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details?deployment=id:33CB4E47-8FBA-4502-A8F2-F9EE1B566454&user_name=username-5cf2df986ad9411d" \
+                 -H "x-aims-auth-token: $TOKEN" -H "accept: application/json"
       parameters:
         - $ref: 'parameters.yaml#/UrlParamAccountId'
         - schema:
@@ -1009,6 +1047,18 @@ paths:
           description: |-
             The UUID of the asset `type` being elaborated. The host UUID for a `host` is the UUID
             issued to its associated agent or appliance, and contained in its agent certificate.
+        - schema:
+            type: string
+          in: query
+          name: user_id
+          description: |-
+            The user ID of the user asset being elaborated.
+        - schema:
+            type: string
+          in: query
+          name: user_name
+          description: |-
+            The user name of the user asset being elaborated.
       responses:
         "200":
           description: OK
@@ -1027,6 +1077,8 @@ paths:
                   $ref: 'examples.yaml#/AssetDetailsHostByDeploymentIPNetworkExample'
                 Remote Source Details Success Response:
                   $ref: 'examples.yaml#/AssetDetailsRemoteSource'
+                User by ID/name Details Success Response:
+                  $ref: 'examples.yaml#/AssetDetailsUser'
         "400":
           $ref: 'responses.yaml#/AssetDetailsBadRequest'
         "401":
@@ -1078,6 +1130,24 @@ paths:
         * `ip_address`
         * `network`
 
+        To get details of an asset by `user_id`, specify the following request body fields:
+
+        * `user_id` (note that this query will execute an exact match and will not normalize the input while searching)
+
+        To get details of an asset by `deployment` and `user_id`, specify the following request body fields:
+
+        * `deployment`
+        * `user_id` (note that this query will execute an exact match and will not normalize the input while searching)
+
+        To get details of an asset by `user_name`, specify the following request body fields:
+
+        * `user_name` (note that this query will execute an exact match and will not normalize the input while searching)
+
+        To get details of an asset by `deployment` and `user_id`, specify the following request body fields:
+
+        * `deployment`
+        * `user_name` (note that this query will execute an exact match and will not normalize the input while searching)
+
         Note that when calling this endpoint with query options `deployment`, `network` and `ip_address` set, if a host is found,
         any subnet that the host isn't related to but it could be (the IP address matches the subnet mask) the additional unrelated
         subnet(s) will be returned under the `subnet` key in the response.
@@ -1170,7 +1240,7 @@ paths:
             }
             EOF
         - lang: Shell
-          label: Remote Source
+          label: 'Remote Source'
           source: |-
             curl "https://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details" \
                  -X POST -H "x-aims-auth-token: $TOKEN" -H "accept: application/json" -d@- << EOF
@@ -1179,6 +1249,45 @@ paths:
               "type": "remote-source"
             }
             EOF
+        - lang: Shell
+          label: 'User ID'
+          source: |-
+            curl "https://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details" \
+                 -X POST -H "x-aims-auth-token: $TOKEN" -H "accept: application/json" -d@- << EOF
+            {
+              "user_id": "AIDAI2INU2Y52FB2B7JOM"
+            }
+            EOF     
+        - lang: Shell
+          label: 'User Name'
+          source: |-
+            curl "https://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details" \
+                 -X POST -H "x-aims-auth-token: $TOKEN" -H "accept: application/json" -d@- << EOF
+            {
+              "user_name": "username-5cf2df986ad941"
+            }
+            EOF
+        - lang: Shell
+          label: 'Deployment, User ID'
+          source: |-
+            curl "https://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details" \
+                 -X POST -H "x-aims-auth-token: $TOKEN" -H "accept: application/json" -d@- << EOF
+            {
+              "deployment": "id:33CB4E47-8FBA-4502-A8F2-F9EE1B566454"
+              "user_id": "AIDAI2INU2Y52FB2B7JOM"
+            }
+            EOF
+        - lang: Shell
+          label: 'Deployment, User Name'
+          source: |-
+            curl "https://api.cloudinsight.alertlogic.com/assets_query/v1/12345678/details" \
+                 -X POST -H "x-aims-auth-token: $TOKEN" -H "accept: application/json" -d@- << EOF
+            {
+              "deployment": "id:33CB4E47-8FBA-4502-A8F2-F9EE1B566454"
+              "user_naem": "username-5cf2df986ad9411"
+            }
+            EOF
+
       parameters:
         - $ref: parameters.yaml#/UrlParamAccountId
       responses:
@@ -1199,6 +1308,8 @@ paths:
                   $ref: examples.yaml#/AssetDetailsHostByDeploymentIPNetworkExample
                 Remote Source Details Success Response:
                   $ref: examples.yaml#/AssetDetailsRemoteSource
+                User by ID/name Details Success Response:
+                  $ref: 'examples.yaml#/AssetDetailsUser'
         '400':
           $ref: responses.yaml#/AssetDetailsBadRequest
         '401':

alsdkdefs/apis/remediations/examples.yaml

@@ -1280,7 +1280,58 @@ AssetDetailsRemoteSource:
       declared: true
       created_on: 1599744832188
       account_id: '12345678'
-
+AssetDetailsUser:
+  value:
+    deployment:
+      account_id: '12345678'
+      created_on: 1525784980749
+      declared: true
+      deleted_on: 0
+      deployment_id: 33CB4E47-8FBA-4502-A8F2-F9EE1B566454
+      in_scope: false
+      key: "/al/12345678/deployment/aws/33CB4E47-8FBA-4502-A8F2-F9EE1B566454"
+      modified_on: 1525784980749
+      native_account_id: '01000002'
+      native_type: deployment
+      path:
+      - deployment:33CB4E47-8FBA-4502-A8F2-F9EE1B566454
+      scope_aws_native_account_id: '01000002'
+      tag_keys: {}
+      tags: {}
+      threat_level: 0
+      threatiness: 0
+      type: deployment
+      version: 1
+    key: "/aws/12345678/user/user_name-5cf2df986ad9411d"
+    type: user
+    user:
+      "/aws/12345678/user/user_name-5cf2df986ad9411d":
+        asset:
+          account_id: '68780934'
+          created_on: 1627996065231
+          declared: true
+          deleted_on: 0
+          deployment_id: 33CB4E47-8FBA-4502-A8F2-F9EE1B566454
+          has_password: false
+          in_scope: false
+          key: "/aws/12345678/user/user_name-5cf2df986ad9411d"
+          modified_on: 1627996065231
+          name: user_name-5cf2df986ad9411d
+          native_type: user
+          path:
+          - deployment:33CB4E47-8FBA-4502-A8F2-F9EE1B566454
+          scope_aws_has_password: false
+          scope_aws_user_id: AIDAI2INU2Y52FB2B7JOM
+          scope_aws_user_name: user_name-5cf2df986ad9411d
+          tag_keys: {}
+          tags: {}
+          threat_level: 0
+          threatiness: 0
+          type: user
+          user_id: AIDAI2INU2Y52FB2B7JOM
+          user_name: user_name-5cf2df986ad9411d
+          version: 1
+        related: {}
 
 AgentCollectionHealthNoDeploymentExample:
   value: