Lacework API & CLI - Container Vulnerability
Overview
Lacework offers a rich API and CLI to configure container registries, retrieve assessment reports and trigger on-demand scans for public and private registries. You can use the API or CLI as part of your workflows to pull data about host and container vulnerabilities, generate your own reports, etc.
Lacework API
The Lacework API documentation is available directly from your Lacework application at the following URIs:
- https://YourLacework.lacework.net/api/v1/external/docs (APIv1)
- https://YourLacework.lacework.net/api/v2/docs (APIv2)
Replace 'YourLacework' with your Lacework application.
Logging in to the Lacework Console is not required. However, there are links to the Lacework API documentation from the Lacework Console. From the Help drop-down, select API Documentation or API 2.0 Documentation.
Run the Lacework APIs using your favorite REST API tools such as curl or Postman. Example curl commands are listed in the API documentation provided by the Help > API Documentation or API 2.0 Documentation menu options in the Lacework Console.
Before you can call the API, you must generate API access keys and tokens (see Generate API Access Keys and Tokens).
Lacework CLI
The Lacework Command Line Interface is a tool that helps you manage the Lacework cloud security platform. You can use it to manage many aspects of the Lacework Cloud Platform, including vulnerability scans.
You can use the CLI as an alternative to the Lacework Cloud Console to:
- Retrieve assessment reports
- Trigger scans for specific images in a public registry (through the Registry Integration)
For instance, if you have added a Container Registry integration for Docker Hub (index.docker.io), you can run an on-demand scan of the ubuntu image with the "latest" tag using this command:
lacework vulnerability container scan index.docker.io library/ubuntu latest
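The scan command above takes the registry, repository and tag as three separate arguments, while CI pipelines usually carry a single image reference such as ubuntu:latest. The following is an added example, not Lacework's own code: the function names lw_scan_args and lw_scan are hypothetical, the defaulting follows Docker's image naming convention (no registry means Docker Hub, single-name images live under library/), and only tag references are handled because the page shows only the tag form.

```shell
#!/bin/sh
# Added example (not Lacework code): turn an image reference into the
# <registry> <repository> <tag> arguments of the scan command shown above.

# lw_scan_args REF: print "registry repository tag"; return 1 if unsupported.
lw_scan_args() {
    ref=$1
    case $ref in
        '') echo "empty image reference" >&2; return 1 ;;
        *@*) echo "digest references are not handled: $ref" >&2; return 1 ;;
        # Allow-list the characters so the value is safe to pass to a command.
        *[!A-Za-z0-9._:/-]*) echo "unexpected character in: $ref" >&2; return 1 ;;
    esac

    # The first path component is a registry host only if it looks like one
    # ('.' or ':' in it, or "localhost"); otherwise the image is on Docker Hub.
    first=${ref%%/*}
    registry=index.docker.io
    rest=$ref
    case $ref in */*)
        case $first in
            docker.io|index.docker.io) rest=${ref#*/} ;;
            *.*|*:*|localhost) registry=$first; rest=${ref#*/} ;;
        esac ;;
    esac

    # A tag is a ':' in the last path component; default to "latest".
    last=${rest##*/}
    case $last in
        *:*) tag=${last##*:}; repo=${rest%:*} ;;
        *) tag=latest; repo=$rest ;;
    esac
    if [ -z "$tag" ] || [ -z "$repo" ]; then
        echo "incomplete image reference: $ref" >&2; return 1
    fi

    # Docker Hub official images live under the "library/" namespace.
    if [ "$registry" = index.docker.io ]; then
        case $repo in */*) ;; *) repo=library/$repo ;; esac
    fi
    printf '%s %s %s\n' "$registry" "$repo" "$tag"
}

# lw_scan REF: run the on-demand scan (needs a configured Lacework CLI and a
# Container Registry integration for the resolved registry).
lw_scan() {
    args=$(lw_scan_args "$1") || return 1
    # shellcheck disable=SC2086  # deliberate split into three validated words
    lacework vulnerability container scan $args
}
```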
The list of commands is available in the CLI documentation.
You must Install and Configure the Lacework CLI before using it.