API

The API enables you to interact with ASecureCloud programmatically to automate actions such as onboarding accounts, updating settings, and launching security assessments. The api can be accessed at https://api.asecure.cloud/

A premium subscription is required to use the API

Getting Started

To get started, you need to create an API key to be used for authenticating the requests. Navigate to Dashboard > User Settings, and click on Generate API Keys

Authentication

The API key and secret key generated will be used in all API calls for authentication. They are passed in the authorization header with Basic Auth. which will be used in the API requests' authorization header using Basic Auth.

API Reference

List managed AWS accounts

PATH: GET /accounts/
Description: Lists all configured AWS accounts associated with the ASecureCloud profile
Parameters: None

Create a managed AWS account

PATH: POST /accounts/
Description: Lists the configured AWS accounts associated with the ASecureCloud profile
Parameters:
- accountId (required) – AWS account id number (12 digits)
- description (required) – AWS account description

Retrieve settings for a managed AWS account

PATH: GET /accounts/{account_id}
Description: Retrieves the managed account configuration details including the authentication profile details
Parameters: None

Update a managed AWS account settings

PATH: PUT /accounts/{account_id}
Description: Update an existing managed AWS account settings such as description and assessment schedule
Parameters:
- description (optional) – AWS account description
- assessmentSchedule (optional) – Set the schedule for the automated weekly assessment

Delete a managed AWS account

PATH: DELETE /accounts/{account_id}
Description: Deletes a managed AWS account from the user's profile
Parameters: None

Create a new authentication profile for a managed AWS account

PATH: POST /accounts/{account_id}/authProfile
Description: Creates a new authentication profile for the specified AWS account. This allows ASecureCloud to access the
Parameters:
- name (required) – authentication profile name
- description (required) – authentication profile description
- authType (required) – Allowed values: ["role", "user"], specifies authentication method to be used to access the AWS account (cross account IAM role vs IAM access keys)
- roleName (required if "role" is set) – the IAM role name that will be used to access the environment
- accessKeyId (required if "user" is set)
- secretAccessKey (required if "user" is set)
- sessionToken (optional)

When creating an authentication profile that uses an IAM role, the external ID will be generated by and sent back in the response body. See screenshot below.

Delete an authentication profile for a managed AWS account

PATH: DELETE /accounts/{account_id}/authProfile/{auth_profile_name}
Description: Deletes an existing authentication profile for a managed AWS account
Parameters: None

Launch an AWS security assessment

PATH: POST /assessments
Description: Launch a security assessment for the specific AWS account
Parameters:
- accountId (required) – Managed AWS account id
- regions (required) – list of regions to be included in the assessment. Example format: ["us-east-1", "us-east-2"]
- authProfile (optional) – Name of the authentication profile to use for the assessment. If not provided, then the first authentication profile defined for the managed account will be used

PreviousUpdate Password

Last updated 2 years ago