The API enables you to interact with ASecureCloud programmatically to automate actions such as onboarding accounts, updating settings, and launching security assessments. The api can be accessed at https://api.asecure.cloud/
A premium subscription is required to use the API
Getting Started
To get started, you need to create an API key to be used for authenticating the requests. Navigate to Dashboard > User Settings, and click on Generate API Keys
Authentication
The API key and secret key generated will be used in all API calls for authentication. They are passed in the authorization header with Basic Auth. which will be used in the API requests' authorization header using Basic Auth.
API Reference
List managed AWS accounts
PATH:GET /accounts/
Description: Lists all configured AWS accounts associated with the ASecureCloud profile
Parameters: None
Create a managed AWS account
PATH:POST /accounts/
Description: Lists the configured AWS accounts associated with the ASecureCloud profile
Parameters:
accountId (required) – AWS account id number (12 digits)
authType (required) – Allowed values: ["role", "user"], specifies authentication method to be used to access the AWS account (cross account IAM role vs IAM access keys)
roleName (required if "role" is set) – the IAM role name that will be used to access the environment
accessKeyId (required if "user" is set)
secretAccessKey (required if "user" is set)
sessionToken (optional)
When creating an authentication profile that uses an IAM role, the external ID will be generated by and sent back in the response body. See screenshot below.
Delete an authentication profile for a managed AWS account
Description: Deletes an existing authentication profile for a managed AWS account
Parameters: None
Launch an AWS security assessment
PATH:POST /assessments
Description: Launch a security assessment for the specific AWS account
Parameters:
accountId (required) – Managed AWS account id
regions (required) – list of regions to be included in the assessment. Example format: ["us-east-1", "us-east-2"]
authProfile (optional) – Name of the authentication profile to use for the assessment. If not provided, then the first authentication profile defined for the managed account will be used