Get Key Policy by Key Group Info
The API will fetch SSH key policy with key group id provided.
Before you begin
Before attempting to get ssh key policy, make sure the user has access to view SSH key policies..
Request Structure
| Endpoint: | /ssh/policy/list |
| Type: | GET |
| Sample URL: | https://<IP/HostName/TenantName>:<GWPORT>/avxapi/ssh/policy/list?gwsource=externalTo understand the elements of the sample URL, click here. |
| Headers: | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) Session ID received after
login. Type: String Constraints: Required if username and password are not provided. |
| username
|
(Mandatory) AppViewX login username. Type: String Constraints: Required if sessionId is not provided. |
| password
|
(Mandatory) AppViewX login password. Type: String Constraints: Required if sessionId is not provided. |
| Content-Type
|
(Mandatory) Specifies the nature of the data in the
payload. Type: String Constraints: The value of the param should be ‘application/json’. |
| gwsource
|
(Mandatory) Source from which the request is
triggered. (E.g. external) Type: String |
| requestId
|
(Mandatory) Request Id of the bulk upload
request. Type: String |
| Payload
|
Empty Payload Type: Payload |
Response Structure
200 OK returns string of type application/json with the following body params.
| Name | Description |
|---|---|
| response | Contains the response as sshKeyPolicyInfo Type: sshKeyPolicyInfo |
| message | “Success" Type: String |
| appStatusCode | SSH-NB-200 Type: String |
| tags | More info in case of failure response. |
| Name | Description |
|---|---|
| name | Policy Name. Type: String |
| description | Description of the SSH key policy. Type: String |
| selectedGroupIds | List of selected group IDs for the
policy. Type: List[String] |
| active | Whether the policy is active. Type: Boolean |
| autoRotateKeys | Flag for auto rotation of keys. Type: Boolean |
| keyRotationPeriodInDays |
Key rotation period in days. Type: Integer |
| keyRotationAlgorithm |
Algorithm used for key rotation. Type: String |
| keyRotationSize |
Key size used for rotation. Type: String |
| encryptionAndBitLength |
Available bit lengths for encryption algorithms. Type: encryptionAndBitLength |
| autoRotateScheduledTime |
Scheduled time for auto rotation. Type: String |
| timeZone |
Time zone of the scheduled action. Type: String |
| hostCertRenewalPeriodInDays |
Host certificate renewal period in days. Type: Integer |
| _id |
Mongo ID of the policy. Type: String |
| Name | Description |
|---|---|
| RSA | Available bit lengths for RSA in
policy. Type: List |
| ECDSA |
Available bit lengths for ECDSA in policy. Type: List |
| ED25519 |
Available bit lengths for ED25519 in policy. Type: List |
Status Codes
| HTTP Status code | appStatusCode | Message and Possible remediation |
|---|---|---|
| 200 OK | NA | Success |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid
Credentials Possible remediation: Ensure that valid username and password or valid sessionId is provided as the header param. |
| 400 Bad Request | VALIDATION_ERROR_0004 | Mandatory field <<field name>> is missing or
or empty Possible remediation: Check and ensure that valid value is provided for <<field name>> field in the request. |
| 404 Not Found | ERR-SSH-NB-249 |
Policy not found for the given id. Possible remediation: Wrong requestorPolicyId provided. |
Sample Request/Response
To retrive available SSH key group information using /ssh/policy/list API.
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/ssh/policy/list?gwsource=external{}{
"response": {
"name": "Default_Key_Policy",
"description": "Default policy for SSH Keys",
"selectedGroupIds": [
"5767bcef3465bfbf73e44727"
],
"active": true,
"autoRotate": false,
"autoRotateKeys": false,
"keyRotationPeriodInDays": 180,
"keyRotationAlgorithm": "ECDSA",
"keyRotationSize": "256",
"encryptionAndBitLength": {
"RSA": [
"4096",
"16384",
"2048",
"1024",
"8192"
],
"ED25519": [
"256"
],
"ECDSA": [
"256",
"521",
"384"
]
},
"autoRotateScheduledTime": null,
"timeZone": null,
"hostCertRenewalPeriodInDays": 10,
"_id": "577de4f03b4a15e6a9a171dd"
},
"message": "Success",
"appStatusCode": "SSH-NB-200",
"tags": {},
"headers": null
}
Reference
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.Note: GWPORT is not required for SaaS setups.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: /ssh/host/create
- gwsource: Source or origin of a gateway, for example: external.
