Vulnerability Management: New Parameter for Resource Tags in Asset Exports (Limited Availability)
Note
Tenable is enabling this update for customers in a rolling fashion and availability is limited. For more information, contact your Tenable representative.
A new boolean body parameter is now available for the Tenable Vulnerability Management Export assets v1 and Export assets v2 endpoints that enables customers to include resource tags in asset exports. The new parameter is include_resource_tags.
Resource tags are imported from a cloud provider like Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP) by a Cloud Discovery Connector and are used to identify cloud assets. For more information about resource tags, see Cloud Resources and Host Assets in the Tenable Vulnerability Management User Guide.
The new parameter is described in the following table:
| Parameter | Type | Description |
|---|---|---|
include_resource_tags | Boolean | Specifies whether or not to include resource tags. If this parameter is omitted, Tenable Vulnerability Management uses a default value of false.Caution: Including resource tags can significantly increase the size of the API response and exports take longer to complete. Tenable does not recommend including both resource tags and open port findings in the same export. Additionally, when including resource tags, the chunk size is limited to 1000 for best performance and Tenable Vulnerability Management returns a 400 error if you attempt to use a larger chunk size. |
This update affects the following endpoints:
| Endpoint | Name | Description |
|---|---|---|
| POST /assets/export | Export assets v1 | Exports all assets that match the request criteria. |
| POST /assets/v2/export | Export assets v2 | Exports all assets that match the request criteria. |
| GET /assets/export/{export_uuid}/chunks/{chunk_id} | Download assets chunk | Downloads exported asset chunks by ID. Chunks are available for download for up to 24 hours after they have been created. Tenable Vulnerability Management returns a 404 message for expired chunks. |
The resource tags object in the response chunks from the Download asset chunk endpoint looks like the following:
{
"resource_tags": [
{
"key": "example-name",
"value": "cust1-fa-linux"
},
{
"key": "ExpirationTime",
"value": "1731485476823"
}
]
}
Example: Include Resource Tags in Asset Export v2
For example, to include resource tags in an asset export, you could use the following cURL request:
curl --request POST \
--url https://cloud.tenable.com/assets/v2/export \
--header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"chunk_size": 500,
"include_resource_tags": true
}
'