Domain name for API request: tcss.intl.tencentcloudapi.com.
Query image interception event details.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common Params. The value used for this API: DescribeImageDenyEventDetail. |
| Version | Yes | String | Common Params. The value used for this API: 2020-11-01. |
| Region | No | String | Common Params. This parameter is not required. |
| EventID | Yes | Integer | Event ID |
| Parameter Name | Type | Description |
|---|---|---|
| EventID | Integer | Event ID |
| EventType | String | Event Type. EVENT_RISK: Risk Event Type; EVENT_PRIVILEGE: Privilege |
| RuleName | String | Rule name |
| RuleID | String | Rule ID |
| RuleType | String | Rule type |
| RuleStatus | Integer | Rule Enable Status. 0: Enabled; 1: Disabled |
| RuleEffectStatus | String | Rule Policy Status. IN_THE_TEST: Observing; IN_EFFECT: Effective |
| RuleInfo | Array of String | Rule content Note: This field may return null, indicating that no valid values can be obtained. |
| RuleDescription | String | Rule description |
| ImageID | String | Image ID |
| ImageName | String | Image name |
| NodeName | String | Node name. |
| NodeIP | String | Private IP address |
| PublicIP | String | Public IP address |
| QUUID | String | Host QUUID |
| FoundTime | String | First generation time |
| LatestFoundTime | String | Latest creation time |
| EventCount | Integer | Number of events |
| DealBehavior | String | Execute action BEHAVIOR_ALERT: Alert BEHAVIOR_HOLDUP_SUCCESSED: Interception |
| PodName | String | Pod name |
| RuleEffectTime | String | Rule Start Interception Time |
| Description | String | Event description |
| StartParam | String | Image startup parameter |
| Solution | String | Solution |
| PodIP | String | pod ip |
| PodStatus | String | Pod Status |
| ClusterID | String | Cluster ID. |
| NodeType | String | Node type. |
| NodeID | String | Node ID. |
| NodeUniqueID | String | Node Unique ID |
| NodeSubNetID | String | Node subnet id |
| NodeSubNetName | String | Node Subnet Name |
| NodeSubNetCIDR | String | Node subnet cidr |
| ClusterName | String | Cluster name. |
| ImageRegistryInfo | ImageRegistryInfo | Image repository information. |
| RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
Query image interception event details.
POST / HTTP/1.1
Host: tcss.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeImageDenyEventDetail
<Common request parameters>
{
"EventID": "10"
}
{
"Response": {
"ClusterID": "cls-4waue9dh",
"ClusterName": "prom-g62znlhv",
"DealBehavior": "BEHAVIOR_HOLDUP_SUCCESSED",
"Description": "This image hits the interception rule (id:ce25d78c-d247-4e2f-80ee-190e089ea434) and triggers intercept. Rule detail: vulnerability exists in this image. By vulnerability category."
"EventCount": 185,
"EventID": 2414001,
"EventType": "EVENT_RISK",
"FoundTime": "2024-11-02 00:03:32",
"ImageID": "sha256:d41059c812a8741c15695046857b90747aef9c7f9d67733962d7bbb025b9d159",
"ImageName": "registry.tce.com/etcd/etcd:3.4.18.amd64",
"LatestFoundTime": "2024-11-02 15:42:37",
"NodeID": "eklet-subnet-1ewk3avk",
"NodeIP": "10.206.1.2",
"NodeName": "tcs-10-206-67-153",
"NodeSubNetCIDR": "172.16.64.0/20",
"NodeSubNetID": "subnet-1ewk3avk",
"NodeSubNetName": "subnet-1ewk3avk",
"NodeType": "NORMAL",
"NodeUniqueID": "eb7b9af448345924bab44fc90a1b4e3b",
"PodIP": "127.0.0.1",
"PodName": "pod1",
"PodStatus": "RUNNING",
"PublicIP": "127.0.0.1",
"QUUID": "46d3b4de-add7-4378-af19-ad34baeb6b4b",
"RequestId": "b610c113-b940-4c0c-b937-b8edf518ef92",
"RuleDescription": "Test",
"RuleEffectStatus": "IN_EFFECT",
"RuleEffectTime": "2024-10-30 10:52:56",
"RuleID": "ce25d78c-d247-4e2f-80ee-190e089ea434",
"RuleInfo": [
"IMAGE_DENY_VUL_CLASS"
],
"RuleName": "name01",
"RuleStatus": 1,
"RuleType": "RULE_RISK",
"Solution": "CVE vulnerability: Update the vulnerable component to the corresponding fixed version."
"StartParam": "/opt/containerd/bin/runc runc --root /var/run/docker/runtime-runc/moby --log /run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/9deace634eeb3fc28f7ac7bdbdeae6e917c89d1fc668892b25af20555fbd2832/log.json --log-format json create --bundle /var/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/9deace634eeb3fc28f7ac7bdbdeae6e917c89d1fc668892b25af20555fbd2832 --pid-file /var/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/9deace634eeb3fc28f7ac7bdbdeae6e917c89d1fc668892b25af20555fbd2832/init.pid 9deace634eeb3fc28f7ac7bdbdeae6e917c89d1fc668892b25af20555fbd2832",
"ImageRegistryInfo": {
"Name": "registry01",
"Type": "tcr",
"Address": "ccr.ccs.tencentyun.com/t-pot/logstash"
}
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code | Description |
|---|---|
| AuthFailure | A CAM signature/authentication error occurred. |
| InternalError | An internal error occurred. |
| InvalidParameter | The parameter is incorrect. |
| InvalidParameter.InvalidFormat | The parameter format is incorrect. |
| InvalidParameter.MissingParameter | The required parameter is missing. |
| InvalidParameter.ParsingError | A parameter parsing error occurred. |
| InvalidParameterValue | The parameter value is incorrect. |
| MissingParameter | The parameter is missing. |
| ResourceNotFound | The resource does not exist. |
| UnknownParameter | The parameter is unknown. |
文档反馈