API

The API enables you to interact with ASecureCloud programmatically to automate actions such as onboarding accounts, updating settings, and launching security assessments. The api can be accessed at https://api.asecure.cloud/

A premium subscription is required to use the API

Getting Started

To get started, you need to create an API key to be used for authenticating the requests. Navigate to Dashboard > User Settings, and click on Generate API Keys

Authentication

The API key and secret key generated will be used in all API calls for authentication. They are passed in the authorization header with Basic Auth. which will be used in the API requests' authorization header using Basic Auth.

API Reference

List managed AWS accounts

  • PATH: GET /accounts/

  • Description: Lists all configured AWS accounts associated with the ASecureCloud profile

  • Parameters: None

Create a managed AWS account

  • PATH: POST /accounts/

  • Description: Lists the configured AWS accounts associated with the ASecureCloud profile

  • Parameters:

    • accountId (required) – AWS account id number (12 digits)

    • description (required) – AWS account description

Retrieve settings for a managed AWS account

  • PATH: GET /accounts/{account_id}

  • Description: Retrieves the managed account configuration details including the authentication profile details

  • Parameters: None

Update a managed AWS account settings

  • PATH: PUT /accounts/{account_id}

  • Description: Update an existing managed AWS account settings such as description and assessment schedule

  • Parameters:

    • description (optional) – AWS account description

    • assessmentSchedule (optional) – Set the schedule for the automated weekly assessment

Delete a managed AWS account

  • PATH: DELETE /accounts/{account_id}

  • Description: Deletes a managed AWS account from the user's profile

  • Parameters: None

Create a new authentication profile for a managed AWS account

  • PATH: POST /accounts/{account_id}/authProfile

  • Description: Creates a new authentication profile for the specified AWS account. This allows ASecureCloud to access the

  • Parameters:

    • name (required) authentication profile name

    • description (required) authentication profile description

    • authType (required) – Allowed values: ["role", "user"], specifies authentication method to be used to access the AWS account (cross account IAM role vs IAM access keys)

    • roleName (required if "role" is set) – the IAM role name that will be used to access the environment

    • accessKeyId (required if "user" is set)

    • secretAccessKey (required if "user" is set)

    • sessionToken (optional)

When creating an authentication profile that uses an IAM role, the external ID will be generated by and sent back in the response body. See screenshot below.

Delete an authentication profile for a managed AWS account

  • PATH: DELETE /accounts/{account_id}/authProfile/{auth_profile_name}

  • Description: Deletes an existing authentication profile for a managed AWS account

  • Parameters: None

Launch an AWS security assessment

  • PATH: POST /assessments

  • Description: Launch a security assessment for the specific AWS account

  • Parameters:

    • accountId (required) – Managed AWS account id

    • regions (required) – list of regions to be included in the assessment. Example format: ["us-east-1", "us-east-2"]

    • authProfile (optional) – Name of the authentication profile to use for the assessment. If not provided, then the first authentication profile defined for the managed account will be used

PreviousUpdate Password

Last updated