Create a vulnerability exemption in a profile

curl --request POST \
  --url https://{region}.api.plerion.com/v1/tenant/profiles/{profileId}/vulnerability/exemptions \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "<string>",
  "auditNote": "<string>",
  "reason": "ACCEPTED_RISK",
  "conditions": {
    "vulnerabilityIds": [
      "<string>"
    ],
    "assetGroupIds": [
      "<string>"
    ],
    "assetIds": [
      "<string>"
    ],
    "assetRegions": [
      "<string>"
    ],
    "assetTags": [
      {
        "key": "<string>",
        "value": "<string>"
      }
    ],
    "noVendorFix": true,
    "hasKev": true,
    "hasExploit": true
  }
}'

{
  "data": {
    "exemptionId": "550e8400-e29b-41d4-a716-446655440000",
    "profileId": "123e4567-e89b-12d3-a456-426614174000",
    "name": "Critical Patch Exemption",
    "auditNote": "Accepted risk due to compensating controls.",
    "reason": "COMPENSATING_CONTROL",
    "conditions": {
      "vulnerabilityIds": [
        "CVE-2023-12345"
      ],
      "assetGroupIds": [
        "asset-group-123"
      ],
      "assetIds": [
        "prn:assets:afeb4e5f-0370-4b43-8e37-7e4efc719358:aws:ec2:instance:ap-southeast-2:i-085a328dba59f229b"
      ],
      "assetRegions": [
        "us-east-1"
      ],
      "assetTags": [
        {
          "key": "environment",
          "value": "production"
        }
      ],
      "noVendorFix": true,
      "hasKev": true,
      "hasExploit": true
    },
    "createdAt": "2023-10-01T12:00:00Z",
    "updatedAt": "2023-10-02T14:30:00Z",
    "createdBy": "user@example.com",
    "updatedBy": "user@example.com"
  }
}

POST

tenant

profiles

{profileId}

vulnerability

exemptions

Create a vulnerability exemption in a profile

curl --request POST \
  --url https://{region}.api.plerion.com/v1/tenant/profiles/{profileId}/vulnerability/exemptions \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "<string>",
  "auditNote": "<string>",
  "reason": "ACCEPTED_RISK",
  "conditions": {
    "vulnerabilityIds": [
      "<string>"
    ],
    "assetGroupIds": [
      "<string>"
    ],
    "assetIds": [
      "<string>"
    ],
    "assetRegions": [
      "<string>"
    ],
    "assetTags": [
      {
        "key": "<string>",
        "value": "<string>"
      }
    ],
    "noVendorFix": true,
    "hasKev": true,
    "hasExploit": true
  }
}'

{
  "data": {
    "exemptionId": "550e8400-e29b-41d4-a716-446655440000",
    "profileId": "123e4567-e89b-12d3-a456-426614174000",
    "name": "Critical Patch Exemption",
    "auditNote": "Accepted risk due to compensating controls.",
    "reason": "COMPENSATING_CONTROL",
    "conditions": {
      "vulnerabilityIds": [
        "CVE-2023-12345"
      ],
      "assetGroupIds": [
        "asset-group-123"
      ],
      "assetIds": [
        "prn:assets:afeb4e5f-0370-4b43-8e37-7e4efc719358:aws:ec2:instance:ap-southeast-2:i-085a328dba59f229b"
      ],
      "assetRegions": [
        "us-east-1"
      ],
      "assetTags": [
        {
          "key": "environment",
          "value": "production"
        }
      ],
      "noVendorFix": true,
      "hasKev": true,
      "hasExploit": true
    },
    "createdAt": "2023-10-01T12:00:00Z",
    "updatedAt": "2023-10-02T14:30:00Z",
    "createdBy": "user@example.com",
    "updatedBy": "user@example.com"
  }
}

Authorizations

Authorization

string

header

required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Headers

Authorization

string

required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Content-Type

string

application/json

Path Parameters

profileId

string

required

Profile ID (UUID) or the literal string "default" for the default profile.

Body

application/json

Response

Exemption created

The response is of type object.

List vulnerability exemptions in a profile Get a vulnerability exemption by ID

Overview

API documentation

Create a vulnerability exemption in a profile

Authorizations

Headers

Path Parameters

Body

Response