diff --git a/.apigentools-info b/.apigentools-info index ee3b5d1a41dfa..5229d8c0c2b56 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2025-06-17 18:24:17.637707", - "spec_repo_commit": "b1a1c000" + "regenerated": "2025-06-18 09:44:54.032445", + "spec_repo_commit": "b6151f30" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2025-06-17 18:24:26.946951", - "spec_repo_commit": "b1a1c000" + "regenerated": "2025-06-18 09:45:03.480594", + "spec_repo_commit": "b6151f30" } } } \ No newline at end of file diff --git a/content/en/api/v2/csm-threats/examples.json b/content/en/api/v2/csm-threats/examples.json index 74300d238f531..5e54749afff10 100644 --- a/content/en/api/v2/csm-threats/examples.json +++ b/content/en/api/v2/csm-threats/examples.json @@ -9,6 +9,7 @@ "actions": [ { "filter": "string", + "hash": {}, "kill": { "signal": "string" }, @@ -60,7 +61,7 @@ } ] }, - "html": "
data
\n[object]
A list of Agent rules objects
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\n[object]
A list of Agent rules objects
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data [required]
\nobject
Object for a single Agent rule
attributes [required]
\nobject
Create a new Cloud Workload Security Agent rule.
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
blocking
\n[string]
The blocking policies that the rule belongs to
description
\nstring
The description of the Agent rule.
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression [required]
\nstring
The SECL expression of the Agent rule.
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name [required]
\nstring
The name of the Agent rule.
policy_id
\nstring
The ID of the policy where the Agent rule is saved
product_tags
\n[string]
The list of product tags associated with the rule
type [required]
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data [required]
\nobject
Object for a single Agent rule
attributes [required]
\nobject
Create a new Cloud Workload Security Agent rule.
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
blocking
\n[string]
The blocking policies that the rule belongs to
description
\nstring
The description of the Agent rule.
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression [required]
\nstring
The SECL expression of the Agent rule.
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name [required]
\nstring
The name of the Agent rule.
policy_id
\nstring
The ID of the policy where the Agent rule is saved
product_tags
\n[string]
The list of product tags associated with the rule
type [required]
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data [required]
\nobject
Object for a single Agent rule
attributes [required]
\nobject
Update an existing Cloud Workload Security Agent rule
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
blocking
\n[string]
The blocking policies that the rule belongs to
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
monitoring
\n[string]
The monitoring policies that the rule belongs to
policy_id
\nstring
The ID of the policy where the Agent rule is saved
product_tags
\n[string]
The list of product tags associated with the rule
id
\nstring
The ID of the Agent rule
type [required]
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data [required]
\nobject
Object for a single Agent rule
attributes [required]
\nobject
Update an existing Cloud Workload Security Agent rule
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
blocking
\n[string]
The blocking policies that the rule belongs to
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
monitoring
\n[string]
The monitoring policies that the rule belongs to
policy_id
\nstring
The ID of the policy where the Agent rule is saved
product_tags
\n[string]
The list of product tags associated with the rule
id
\nstring
The ID of the Agent rule
type [required]
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\n[object]
A list of Agent rules objects
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\n[object]
A list of Agent rules objects
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data [required]
\nobject
Object for a single Agent rule
attributes [required]
\nobject
Create a new Cloud Workload Security Agent rule.
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
blocking
\n[string]
The blocking policies that the rule belongs to
description
\nstring
The description of the Agent rule.
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression [required]
\nstring
The SECL expression of the Agent rule.
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name [required]
\nstring
The name of the Agent rule.
policy_id
\nstring
The ID of the policy where the Agent rule is saved
product_tags
\n[string]
The list of product tags associated with the rule
type [required]
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data [required]
\nobject
Object for a single Agent rule
attributes [required]
\nobject
Create a new Cloud Workload Security Agent rule.
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
blocking
\n[string]
The blocking policies that the rule belongs to
description
\nstring
The description of the Agent rule.
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression [required]
\nstring
The SECL expression of the Agent rule.
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name [required]
\nstring
The name of the Agent rule.
policy_id
\nstring
The ID of the policy where the Agent rule is saved
product_tags
\n[string]
The list of product tags associated with the rule
type [required]
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data
\nobject
Object for a single Agent rule
attributes
\nobject
A Cloud Workload Security Agent rule returned by the API
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
agentConstraint
\nstring
The version of the Agent
blocking
\n[string]
The blocking policies that the rule belongs to
category
\nstring
The category of the Agent rule
creationAuthorUuId
\nstring
The ID of the user who created the rule
creationDate
\nint64
When the Agent rule was created, timestamp in milliseconds
creator
\nobject
The attributes of the user who created the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
defaultRule
\nboolean
Whether the rule is included by default
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
filters
\n[string]
The platforms the Agent rule is supported on
monitoring
\n[string]
The monitoring policies that the rule belongs to
name
\nstring
The name of the Agent rule
product_tags
\n[string]
The list of product tags associated with the rule
updateAuthorUuId
\nstring
The ID of the user who updated the rule
updateDate
\nint64
Timestamp in milliseconds when the Agent rule was last updated
updatedAt
\nint64
When the Agent rule was last updated, timestamp in milliseconds
updater
\nobject
The attributes of the user who last updated the Agent rule
handle
\nstring
The handle of the user
name
\nstring
The name of the user
version
\nint64
The version of the Agent rule
id
\nstring
The ID of the Agent rule
type
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data [required]
\nobject
Object for a single Agent rule
attributes [required]
\nobject
Update an existing Cloud Workload Security Agent rule
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
blocking
\n[string]
The blocking policies that the rule belongs to
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
monitoring
\n[string]
The monitoring policies that the rule belongs to
policy_id
\nstring
The ID of the policy where the Agent rule is saved
product_tags
\n[string]
The list of product tags associated with the rule
id
\nstring
The ID of the Agent rule
type [required]
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule
data [required]
\nobject
Object for a single Agent rule
attributes [required]
\nobject
Update an existing Cloud Workload Security Agent rule
actions
\n[object]
The array of actions the rule can perform if triggered
filter
\nstring
SECL expression used to target the container to apply the action on
hash
\nobject
An empty object indicating the hash action
kill
\nobject
Kill system call applied on the container matching the rule
signal
\nstring
Supported signals for the kill system call
metadata
\nobject
The metadata action applied on the scope matching the rule
image_tag
\nstring
The image tag of the metadata action
service
\nstring
The service of the metadata action
short_image
\nstring
The short image of the metadata action
set
\nobject
The set action applied on the scope matching the rule
append
\nboolean
Whether the value should be appended to the field
field
\nstring
The field of the set action
name
\nstring
The name of the set action
scope
\nstring
The scope of the set action
size
\nint64
The size of the set action
ttl
\nint64
The time to live of the set action
value
\nstring
The value of the set action
blocking
\n[string]
The blocking policies that the rule belongs to
description
\nstring
The description of the Agent rule
disabled
\n[string]
The disabled policies that the rule belongs to
enabled
\nboolean
Whether the Agent rule is enabled
expression
\nstring
The SECL expression of the Agent rule
monitoring
\n[string]
The monitoring policies that the rule belongs to
policy_id
\nstring
The ID of the policy where the Agent rule is saved
product_tags
\n[string]
The list of product tags associated with the rule
id
\nstring
The ID of the Agent rule
type [required]
\nenum
The type of the resource, must always be agent_rule
\nAllowed enum values: agent_rule
default: agent_rule