このドキュメントでは、Secure Workspaceでのシークレット管理のためのAPIキーの使用法の概要を説明し、プレーン・テキストと暗号化されたデータ処理の両方の例を含め、APIコールを使用してシークレットを取得および更新する方法を詳しく説明します。
前提条件
・apikey_id
とapikey_secret_key
で構成されるAPIキーが必要です。
・Secret APIキーの作成方法と取得方法に関するドキュメントを検索してください。
シークレットの取得
シークレットのリストの取得する
API キーでアクセス可能なすべてのシークレットのリストを取得するには、次のようにします。
curl --location --request POST 'https://${mytenant}.us.ssw.splashtop.com/server/api-key-access/inspect/' \
--header 'Content-Type: application/json' \
--data-raw '{
"api_key_id": "${apikey_id}",
"api_key_secret_key": "${apikey_secret_key}"
}'
# response example
{
"read": true,
"write": false,
"restrict_to_secrets": true,
"allow_insecure_access": true,
"api_key_secrets": [
{
"secret_id": "467ccfd5-b04f-4c5a-95de-927046a6c5fa",
"secret_title": "my windows",
"write_date": "2023-11-30 09:31:35.427375 +0000 UTC"
},
{
"secret_id": "006fa005-112e-41e4-8877-6ba08c47b837",
"secret_title": "myssh",
"write_date": "2024-01-24 02:21:38.709925 +0000 UTC"
}
]
}
Secret_filter を使用してシークレットのリストを取得するには、次のようにします。
curl --location --request POST 'https://${mytenant}.us.ssw.splashtop.com/server/api-key-access/secret_list/' \
--header 'Content-Type: application/json' \
--data-raw '{
"api_key_id": ${apikey_id},
"api_key_secret_key": ${apikey_secret_key},
"secret_filter": "{\"zero_trust_application_password_title\":\"s.+\"}"
}'
# secret_filter support regex
# e.g. to list filtered field zero_trust_application_password_title: sshhjhkj
# secret_filter": "{\"zero_trust_application_password_title\":\"sshhjhkj\"}"
# e.g. to list filtered field zero_trust_application_password_title with prefix 's'
# "secret_filter": "{\"zero_trust_application_password_title\":\"s.+\"}"
# Response example:
[
{
"secret_id": "006fa005-112e-41e4-8877-6ba08c47b837",
"zero_trust_application": "demo/test/applications/ssh@njc3ztrhmmet.app.e1-singapore-c1-usw2.dev.ztw.splashtop.com/all/ssh",
"zero_trust_application_desktop_app": [
"Terminal",
"WindowsTerminal.exe"
],
"zero_trust_application_id": "677e4a2a-c165-4351-8962-6836df69ffa8",
"zero_trust_application_password_fqdn": "njc3ztrhmmet.app.e1-singapore-c1-usw2.dev.ztw.splashtop.com",
"zero_trust_application_password_header": "",
"zero_trust_application_password_header_value": "",
"zero_trust_application_password_http_basic_auth_credentials": "",
"zero_trust_application_password_http_basic_auth_type": "",
"zero_trust_application_password_http_proxy_auth_credentials": "",
"zero_trust_application_password_http_proxy_auth_type": "",
"zero_trust_application_password_k8s_private_key": "",
"zero_trust_application_password_k8s_public_key": "",
"zero_trust_application_password_notes": "123",
"zero_trust_application_password_password": "ssh",
"zero_trust_application_password_ssh_passphrase": "",
"zero_trust_application_password_ssh_private_key": "",
"zero_trust_application_password_ssh_public_key": "",
"zero_trust_application_password_ssh_username": "",
"zero_trust_application_password_title": "sshhjhkj",
"zero_trust_application_password_type": "ztna",
"zero_trust_application_password_username": "ssh"
}
]
シークレットを個別に取得する
個々のシークレットを取得するには、次のようにします。
curl --location --request POST 'https://${mytenant}.us.ssw.splashtop.com/server/api-key-access/secret/' \
--header 'Content-Type: application/json' \
--data-raw '{
"api_key_id": "${apikey_id}",
"secret_id": "${secret_id}",
"api_key_secret_key": "${apikey_secret_key}"
}'
# response example
[
{
"secret_id": "006fa005-112e-41e4-8877-6ba08c47b837",
"zero_trust_application": "demo/test/applications/ssh@njc3ztrhmmet.app.e1-singapore-c1-usw2.dev.ztw.splashtop.com/all/ssh",
"zero_trust_application_desktop_app": [
"Terminal",
"WindowsTerminal.exe"
],
"zero_trust_application_id": "677e4a2a-c165-4351-8962-6836df69ffa8",
"zero_trust_application_password_fqdn": "njc3ztrhmmet.app.e1-singapore-c1-usw2.dev.ztw.splashtop.com",
"zero_trust_application_password_header": "",
"zero_trust_application_password_header_value": "",
"zero_trust_application_password_http_basic_auth_credentials": "",
"zero_trust_application_password_http_basic_auth_type": "",
"zero_trust_application_password_http_proxy_auth_credentials": "",
"zero_trust_application_password_http_proxy_auth_type": "",
"zero_trust_application_password_k8s_private_key": "",
"zero_trust_application_password_k8s_public_key": "",
"zero_trust_application_password_notes": "123",
"zero_trust_application_password_password": "ssh",
"zero_trust_application_password_ssh_passphrase": "",
"zero_trust_application_password_ssh_private_key": "",
"zero_trust_application_password_ssh_public_key": "",
"zero_trust_application_password_ssh_username": "",
"zero_trust_application_password_title": "sshhjhkj",
"zero_trust_application_password_type": "ztna",
"zero_trust_application_password_username": "ssh"
},
{
"secret_id": "467ccfd5-b04f-4c5a-95de-927046a6c5fa",
"zero_trust_application": "demo/applications/OpenSSH@zguwndnlmzet.app.e1-singapore-c1-usw2.dev.ztw.splashtop.com/all/ssh",
"zero_trust_application_desktop_app": [
"Terminal",
"WindowsTerminal.exe"
],
"zero_trust_application_password_fqdn": "zguwndnlmzet.app.e1-singapore-c1-usw2.dev.ztw.splashtop.com",
"zero_trust_application_password_header": "",
"zero_trust_application_password_header_value": "",
"zero_trust_application_password_http_basic_auth_credentials": "",
"zero_trust_application_password_http_basic_auth_type": "",
"zero_trust_application_password_http_proxy_auth_credentials": "",
"zero_trust_application_password_http_proxy_auth_type": "",
"zero_trust_application_password_k8s_private_key": "",
"zero_trust_application_password_k8s_public_key": "",
"zero_trust_application_password_notes": "",
"zero_trust_application_password_password": "xxx",
"zero_trust_application_password_ssh_passphrase": "",
"zero_trust_application_password_ssh_private_key": "",
"zero_trust_application_password_ssh_public_key": "",
"zero_trust_application_password_ssh_username": "",
"zero_trust_application_password_title": "litang",
"zero_trust_application_password_type": "ztna",
"zero_trust_application_password_username": "demo"
}
]
シークレットを更新する場合 (シークレットの詳細なペイロードには「insecure_data」というラベルが付いています。セキュリティ上の理由から、必ず信頼できる環境内でコードを実行してください。)
# The detailed payload for the secret is labeled as 'insecure_data'. Please ensure to execute the code within a trusted environment for security reasons.
curl --location --request PUT 'https://${mytenant}.us.ssw.splashtop.com/server/api-key-access/secret/' \
--header 'Content-Type: application/json' \
--data-raw '{
"api_key_id": "${apikey_id}",
"secret_id": "${secret_id}",
"api_key_secret_key": "${apikey_secret_key}",
"insecure_data": "{\"secret_id\": \"006fa005-112e-41e4-8877-6ba08c47b837\", \"zero_trust_application\": \"demo/test/applications/ssh@njc3ztrhmmet.app.e1-singapore-c1-usw2.dev.ztw.splashtop.com/all/ssh\", \"zero_trust_application_desktop_app\": [\"Terminal\", \"WindowsTerminal.exe\"], \"zero_trust_application_id\": \"677e4a2a-c165-4351-8962-6836df69ffa8\", \"zero_trust_application_password_fqdn\": \"njc3ztrhmmet.app.e1-singapore-c1-usw2.dev.ztw.splashtop.com\", \"zero_trust_application_password_header\": \"\", \"zero_trust_application_password_header_value\": \"\", \"zero_trust_application_password_http_basic_auth_credentials\": \"\", \"zero_trust_application_password_http_basic_auth_type\": \"\", \"zero_trust_application_password_http_proxy_auth_credentials\": \"\", \"zero_trust_application_password_http_proxy_auth_type\": \"\", \"zero_trust_application_password_k8s_private_key\": \"\", \"zero_trust_application_password_k8s_public_key\": \"\", \"zero_trust_application_password_notes\": \"123\", \"zero_trust_application_password_password\": \"ssh\", \"zero_trust_application_password_ssh_passphrase\": \"\", \"zero_trust_application_password_ssh_private_key\": \"\", \"zero_trust_application_password_ssh_public_key\": \"\", \"zero_trust_application_password_ssh_username\": \"\", \"zero_trust_application_password_title\": \"sshhjhkj\", \"zero_trust_application_password_type\": \"ztna\", \"zero_trust_application_password_username\": \"ssh\"}"
}'
このドキュメントでは、セキュア ワークスペース プラットフォーム内でのシークレット管理に API キーを使用するための包括的なガイドを提供します。これには、API 呼び出しを使用したシークレットの取得と更新の両方の詳細な例が含まれます。