search

rapid7 / nexpose-client

DEPRECATED: Rapid7 Nexpose API client library written in Ruby
https://www.rapid7.com/
BSD 3-Clause "New" or "Revised" License
150 stars 103 forks source link

[QUESTION] How to generate Shared Secret via RESTful API? #322

Closed vorotech closed 6 years ago

vorotech commented 6 years ago

In order to pre-authorize Nexpose Scan Engine in AWS I need to generate Shared Secret.

With a nexpose client ruby gem it is possible to generate/revoke the shared secret (see also #310).

But I cannot find an alternative in RESTful API, and the only way to to generate via UI.

Is it available? Or can I continue using ruby gem to generate the secret?

zyoutz-r7 commented 6 years ago

When using the nexpose-client Ruby gem, you can call the following method to remove the shared secret after initially generating it: https://www.rubydoc.info/github/rapid7/nexpose-client/Nexpose%2FSharedSecret:delete

As for the RESTful API, there is an enhancement request for the functionality to be added but it does not yet exist. You can either use the gem to accomplish this functionality, or it is also possible to interact with the endpoints yourself if another language is of interest: https://github.com/rapid7/nexpose-client/blob/master/lib/nexpose/shared_secret.rb#L8

vorotech commented 6 years ago

Thanks @zyoutz-r7