Kubernetes record



Create, update, list and delete Kubernetes records for compliance scans (using PC). This record is used to authenticate to a Kubernetes application (version 1.x) running on a Unix host.

Requirement - Unix authentication is required. So, you’ll also need a Unix record for the asset on which Kubernetes is installed.

Input Parameters




(Required) Specify create, update, delete (using POST) or list (using GET or POST). See List Auth Records for type


(Optional) Set to 1 to view (echo) input parameters in XML output. By default, parameters are not included.


(Optional) Default value is Basic. You can choose from None, Basic, and All.


(Required to list, update or delete record and optional to create record) Kubernetes authentication IDs. Specify record IDs and/or ID ranges (for example, 1359-1407). Multiple entries are comma-separated.


(Required to create record) The record title. The title must be unique and may include a maximum of 255 characters (ascii).


(Optional) User-defined notes about the record. Maximum of 1999 characters (ascii).



unix_bin_path= {value}

(Optional) Absolute path of the 'kubectl' command.


(Optional) Absolute path of the Kubernetes configuration file.

Target Hosts



The IP addresses for the Kubernetes targets you want to authenticate to. Multiple entries are comma-separated.

This parameter and the add_ips parameter or the remove_ips parameter cannot be specified in the same request.


(Optional and valid only to update record) IPs to be added to an existing record. You may enter a combination of IPs and IP ranges. Multiple entries are comma separated.


(Optional and valid to update record) IPs to be removed from your record. You may enter a combination of IPs and ranges. Multiple entries are comma separated.


(Optional to create or update record, and valid when the networks feature is enabled) The network ID for the record.


Sample - Create Kubernetes record

API request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: curl" -d "action=create&title=kubernetesauthrecord&unix_bin_path=/usr/bin/kubectl&unix_conf_path=/root/kube/config&ips= auth record" "https://qualysapi.qualys.com/api/2.0/fo/auth/kubernetes/"


XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE BATCH_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/batch_return.dtd">






                <TEXT>Successfully Created</TEXT>









DTDs for auth type "kubernetes"

<platform API server>/api/2.0/fo/auth/auth_records.dtd

<platform API server>/api/2.0/fo/auth/kubernetes/auth_kubernetes_list_output.dtd