GET
/
connections
/
{nameOrID}

Path Parameters

nameOrID
string
required

Name or UUID of the connection

Response

200 - application/json
access_mode_connect
enum<string>
required

Toggle Port Forwarding

  • enabled - Enable to perform port forwarding for this connection
  • disabled - Disable port forwarding for this connection
Available options:
enabled,
disabled
access_mode_exec
enum<string>
required

Toggle Ad Hoc Executions

  • enabled - Enable to run ad-hoc executions for this connection
  • disabled - Disable ad-hoc executions for this connection
Available options:
enabled,
disabled
access_mode_runbooks
enum<string>
required

Toggle Ad Hoc Runbooks Executions

  • enabled - Enable to run runbooks for this connection
  • disabled - Disable runbooks execution for this connection
Available options:
enabled,
disabled
access_schema
enum<string>
required

Toggle Introspection Schema

  • enabled - Enable the instrospection schema in the webapp
  • disabled - Disable the instrospection schema in the webapp
Available options:
enabled,
disabled
agent_id
string
required

The agent associated with this connection

command
string[]

Is the shell command that is going to be executed when interacting with this connection. This value is required if the connection is going to be used from the Webapp.

guardrail_rules
string[]

The guard rail association id rules

id
string

Unique ID of the resource

managed_by
string

Managed By is a read only field that indicates who is managing this resource. When this attribute is set, this resource is considered immutable

name
string
required

Name of the connection. This attribute is immutable when updating it

redact_enabled
boolean

When this option is enabled it will allow managing the redact types through the attribute redact_types

redact_types
string[]

Redact Types is a list of info types that will used to redact the output of the connection. Possible values are described in the DLP documentation: https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference

reviewers
string[]

Reviewers is a list of groups that will review the connection before the user could execute it

secret
object

Secrets are environment variables that are going to be exposed in the runtime of the connection:

  • { envvar:[env-key]: [base64-val] } - Expose the value as environment variable
  • { filesystem:[env-key]: [base64-val] } - Expose the value as a temporary file path creating the value in the filesystem

The value could also represent an integration with a external provider:

  • { envvar:[env-key]: _aws:[secret-name]:[secret-key] } - Obtain the value dynamically in the AWS secrets manager and expose as environment variable
  • { envvar:[env-key]: _envjson:[json-env-name]:[json-env-key] } - Obtain the value dynamically from a JSON env in the agent runtime. Example: MYENV={"KEY": "val"}
status
enum<string>

Status is a read only field that informs if the connection is available for interaction

  • online - The agent is connected and alive
  • offline - The agent is not connected
Available options:
online,
offline
subtype
string

Sub Type is the underline implementation of the connection:

  • postgres - Implements Postgres protocol
  • mysql - Implements MySQL protocol
  • mongodb - Implements MongoDB Wire Protocol
  • mssql - Implements Microsoft SQL Server Protocol
  • tcp - Forwards a TCP connection
tags
string[]

Tags to classify the connection

type
enum<string>
required

Type represents the main type of the connection:

  • database - Database protocols
  • application - Custom applications
  • custom - Shell applications
Available options:
database,
application,
custom