Summary

This article explains how to create and delete Enforcer groups using API commands.


Environment

Aqua Enterprise


Solution

 

Deployment Task

Fully manage Enforcer groups in your original deployment through the API. (You will probably do this for automation purposes.)

Deployment Steps

To create an Enforcer Group, use POST /api/v1/hostsbatch.
If you do not provide a "token" value, it will automatically be recognised as the default Enforcer Group. Check this request payload:

    {
        "id": "enforcer-group-test",
        "logicalname": "enforcer-group-test",
        "hostname": "enforcer-group-test",
        "token": "",
        "enforce": false,
        "container_activity_protection": true,
        "network_protection": true,
        "user_access_control": true,
        "image_assurance": true,
        "host_protection": true,
        "audit_failed_login": true,
        "audit_success_login": true,
        "allowed_labels": [],
        "allowed_registries": [],
        "gateways": [
            "aqua-gateway-79898d9bfd-hkw97_gateway"
        ],
        "type": "agent",
        "orchestrator": {
            "type": "kubernetes",
            "service_account": "aqua",
            "namespace": "aqua-security"
        },
        "host_os": "Linux",
        "syscall_enabled": true,
        "runtime_type": "docker",
        "sync_host_images": true
    }

  

In order to remove an Enforcer Group, take the following steps:

  

  1. Make sure that no Enforcer still belongs to this group. Delete any Enforcers that still belong to it:
     
    GET /api/v1/hosts (to get the {host id})  
    DELETE /api/v1/hosts/{host id}  

  

  2. Obtain the actual Enforcer group name from the GUI and use this call:
     
    DELETE /api/v1/hosts/{Enforcer Group Name}  
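
The removal order described above, as an added Python example that is not part of the original article and is not Aqua's own code. It builds the ordered list of DELETE calls (member Enforcers first, the group last) and refuses to proceed on an empty group name or a member record without an id. Bearer-token authentication, the `group` field name, a JSON list as the GET /api/v1/hosts response, and the sample records are assumptions made for illustration.

```python
import json
import urllib.request
from urllib.parse import quote

# Assumed, not from the article: bearer-token auth, and that each record from
# GET /api/v1/hosts has an "id" plus a field naming its Enforcer group.
GROUP_FIELD = "group"  # hypothetical field name; check your own GET output


def plan_group_removal(hosts, group_name, group_field=GROUP_FIELD):
    """Ordered (method, path) calls: member Enforcers first, group last."""
    if not group_name or not group_name.strip():
        raise ValueError("empty group name would target /api/v1/hosts/ itself")
    plan = []
    for host in hosts:
        if host.get(group_field) != group_name:
            continue
        if not host.get("id"):
            raise ValueError("member Enforcer has no id; aborting before any delete")
        plan.append(("DELETE", "/api/v1/hosts/" + quote(str(host["id"]), safe="")))
    plan.append(("DELETE", "/api/v1/hosts/" + quote(group_name, safe="")))
    return plan


def call(base_url, token, method, path):
    """Send one API request and return the decoded JSON body (or None)."""
    req = urllib.request.Request(base_url.rstrip("/") + path, method=method,
                                 headers={"Authorization": "Bearer " + token})
    with urllib.request.urlopen(req, timeout=30) as resp:
        body = resp.read()
    return json.loads(body) if body else None


def remove_group(base_url, token, group_name, dry_run=True):
    """Fetch Enforcers, build the plan, and run it unless dry_run is set."""
    hosts = call(base_url, token, "GET", "/api/v1/hosts")
    plan = plan_group_removal(hosts, group_name)
    if not dry_run:
        for method, path in plan:
            call(base_url, token, method, path)  # an HTTPError stops the run
    return plan


# Constructed sample of a GET /api/v1/hosts result, for checking the plan offline.
SAMPLE_HOSTS = [
    {"id": "a1b2", "group": "enforcer-group-test"},
    {"id": "c3/d4", "group": "enforcer-group-test"},
    {"id": "e5f6", "group": "default"},
]
```

Calling `plan_group_removal(SAMPLE_HOSTS, "enforcer-group-test")` returns the plan without touching the network, so the order can be reviewed before `remove_group` is run with `dry_run=False`.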
     
      
