API Reference
The API enables you to interact with ASecureCloud programmatically to automate actions such as onboarding accounts, updating settings, and launching security assessments. The api can be accessed at https://api.asecure.cloud/
Getting Started
To get started, you need to create an API key to be used for authenticating the requests. Navigate to the Admin Portal Dashboard > Settings, and click on Configure API Keys
Authentication
The API key and secret key generated will be used in all API calls for authentication. They are passed in the authorization header with Basic Auth, which will be used in the API requests’ authorization header using Basic Auth.
API Endpoints
List managed AWS accounts
PATH: GET /accounts/Description: Lists all configured AWS accounts associated with the ASecureCloud profile
Parameters: None
Create a managed AWS account
PATH: POST /accounts/Description: Lists the configured AWS accounts associated with the ASecureCloud profile
Parameters:
accountId (required) – AWS account id number (12 digits)
Description (required) – AWS account Description
Retrieve settings for a managed AWS account
PATH: GET /accounts/{account_id}Description: Retrieves the managed account configuration details including the authentication profile details
Parameters: None
Update a managed AWS account settings
PATH: PUT /accounts/{account_id}Description: Update an existing managed AWS account settings such as Description and assessment schedule
Parameters:
Description (optional) – AWS account Description
assessmentSchedule (optional) – Set the schedule for the automated weekly assessment
Delete a managed AWS account
PATH: DELETE /accounts/{account_id}Description: Deletes a managed AWS account from the user’s profile
Parameters: None
Create a new authentication profile for a managed AWS account
Note: When creating an authentication profile that uses an IAM role, the external ID will be generated by and sent back in the response body. See screenshot below.
PATH: POST /accounts/{account_id}/authProfileDescription: Creates a new authentication profile for the specified AWS account. This allows ASecureCloud to access the
Parameters:
name (required) – authentication profile name
description (required) – authentication profile description
authType (required) – Allowed values: [“role”, “user”], specifies authentication method to be used to access the AWS account (cross account IAM role vs IAM access keys)
roleName (required if “role” is set) – the IAM role name that will be used to access the environment
accessKeyId (required if “user” is set)
secretAccessKey (required if “user” is set)
sessionToken (optional)
Delete an authentication profile for a managed AWS account
PATH: DELETE /accounts/{account_id}/authProfile/{auth_profile_name}Description: Deletes an existing authentication profile for a managed AWS account
Parameters: None
Launch an AWS security assessment
PATH: POST /assessmentsDescription: Launch a security assessment for the specific AWS account
Parameters:
accountId (required) – Managed AWS account id
regions (required) – list of regions to be included in the assessment. Example format: [“us-east-1”, “us-east-2”]
authProfile (optional) – Name of the authentication profile to use for the assessment. If not provided, then the first authentication profile defined for the managed account will be used
