Vulnerability Remediation API

To enable vulnerability remediation capabilities, you must acquire a Puppet Enterprise Advanced license. Contact your Puppet Enterprise administrator or Contact our sales team to acquire a license and enable this feature.

You can use the Vulnerability Remediation API to handle transformer operations and manage vulnerability data and associated results from scan reports.

• The Vulnerability Remediation API accepts well-formed HTTPS requests and requires authentication

• Use the Command endpoints to manage and operate the transformer and run remediation patch jobs

• Use Get requests to request vulnerability data

• URI path: https://${primary_host}:8146/vrs

• Default port: 8146

Authentication

• Token (X-Authentication Header)

• Parameter Name: X-Authentication, in: header

Command endpoint

• POST__v1_command_activate-transformer/{id}

• POST__v1_command_delete-transformer/{id}

• POST__v1_command_remediate-patch-job

The following are used only by the transformer:

• POST__v1_command_add-results/{id}} Transformer scanner report

• POST__v1_command_register-transformer/{id} Transformer registration

Get requests

• GET/v1_transformer

• GET/v1/vulnerabilities

• GET/v1/vulnerabilities/{id}

• GET/v1/vulnerability-nodes/{id}

• GET/v1/vulnerability-patch-groups/{id}

• GET/v1/node-vulnerabilities/{id}