### API Overview: InsightCloudSec API Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml
Welcome to the reference documentation for the public APIs (v3) available for InsightCloudSec.
Here are a few resources to help start using our APIs:
After you’ve got the basics down, you can effectively interact with the sample requests and responses found in this file.
```yaml # InsightCloudSec API # Version: v3Welcome to the reference documentation for the public APIs (v3) available for InsightCloudSec.
Here are a few resources to help start using our APIs:
After you’ve got the basics down, you can effectively interact with the sample requests and responses found in this file.
# Base URL: https://{insightcloudsecUrl}/v3 ``` -------------------------------- ### POST /cvm/packages Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Gets all packages and package data ```markdown ### Parameters - **order_by** (string,null, query, optional) - **page** (integer, query, optional) - **provide_ids** (boolean, query, optional) - **provide_counts** (boolean, query, optional) - **page_size** (integer, query, optional) - **search** (string, query, optional) ### Request Body **Content-Type:** application/json - **with_vulns_only** (boolean,null) - **filtering** (object) - **form_name** (string (usc|usc_cloud|usc_application|threatfinding|hva|clusters|iac|iam_principals|iam_federated_users|applications|apa|summary|cvm_resources|cvm_packages|cvm_vulnerabilities|cvm_config|harvester_status|system_events|jit_profiles|jit_session_history|jit_approval_policy|jit_role_configs)) (required) ("usc"|"usc_cloud"|"usc_application"|"threatfinding"|"hva"|"clusters"|"iac"|"iam_principals"|"iam_federated_users"|"applications"|"apa"|"summary"|"cvm_resources"|"cvm_packages"|"cvm_vulnerabilities"|"cvm_config"|"harvester_status"|"system_events"|"jit_profiles"|"jit_session_history"|"jit_approval_policy"|"jit_role_configs") - **expr** (unknown) (required) ### Responses #### 200 - OK **ListPackagesResponse** - **data** (array (Package)) Array items: - **has_exploits** (boolean) - **has_threats** (boolean) - **vulnerability_status** (object) - **severity** (string) - **high_count** (integer) - **riskscore** (number) - **medium_count** (integer) - **none_count** (integer) - **total_count** (integer) - **critical_count** (integer) - **low_count** (integer) - **last_seen** (string (date-time)) - **technology** (string) - **name** (string) - **type** (string) - **version** (string) - **resource_id** (string) - **impacted_resources** (integer) - **ids** (array (unknown)) - **total_count** (integer,null) - **total_pages** (integer,null) - **page** (integer) - **page_size** (integer) ### Example Usage ```bash curl -X POST "https://{insightcloudsecUrl}/v3/cvm/packages?order_by=value&page=1&provide_ids=false&provide_counts=true&page_size=25&search=string" \ -H "Content-Type: application/json" \ -d '{ "with_vulns_only": "null", "filtering": "null" }' ``` ``` -------------------------------- ### GET /cvm/packages/{package_name}/{package_version}/vulnerabilities Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Get the list of vulnerabilities for a particular package ```markdown ### Parameters - **package_name** (string, path, required) - **package_version** (string, path, required) - **order_by** (string,null, query, optional) - **page** (integer, query, optional) - **provide_ids** (boolean, query, optional) - **provide_counts** (boolean, query, optional) - **page_size** (integer, query, optional) - **search** (string, query, optional) ### Responses #### 200 - OK **ListPackageVulnerabilitiesResponse** - **data** (array (PackageVulnerability)) Array items: - **has_exploits** (boolean) - **severity** (unknown) - **cvss_v2_vector** (string) - **cve_id** (string) - **riskscore** (number) - **source** (string) - **affected_packages** (array (Package1)) Array items: - **name** (string) - **version** (string) - **cvss_v2_score** (number) - **has_threats** (boolean) - **uri** (string) - **cvss_v3_vector** (string) - **vuln_meta** (string) - **vulnerability_id** (integer) - **first_found** (string (date-time)) - **cvss_score** (number) - **cvss_v3_score** (number) - **title** (string) - **ids** (array (unknown)) - **total_count** (integer,null) - **total_pages** (integer,null) - **page** (integer) - **page_size** (integer) ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/cvm/packages/{package_name}/{package_version}/vulnerabilities?order_by=value&page=1&provide_ids=false&provide_counts=true&page_size=25&search=string" ``` ``` -------------------------------- ### GET /iac/configs Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Provides a list of IaC configurations. ```markdown ### Responses #### 200 - 200 - Array of object - **id** (integer) (example: 1) - **organization_id** (integer) (example: 7) - **name** (string) (example: "Zero Tags") - **description** (string) (example: "Resouces that are not tagged.") - **pack_id** (integer) (example: 3) - **source** (string) (example: "custom") - **insights_blacklist** (array) - **insights_warn_only** (array) - **slack_channel** (unknown) - **email_recipients** (unknown) - **last_build_at** (string) (example: "2020-01-17T13:31:30Z") - **created_at** (string) (example: "2019-11-21T09:24:15Z") - **last_modified** (string) (example: "2020-03-12T07:38:34Z") - **total_builds** (integer) (example: 13) - **success_count** (integer) (example: 2) - **failure_count** (integer) (example: 11) - **consumption_url** (string) (example: "http://localhost:8001/v3/iac/scan") #### 400 - 400 ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/iac/configs" ``` ``` -------------------------------- ### GET /external-data/sources Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml List existing external data sources ```markdown ### Parameters - **source_type** (string, query, required): Specifies the data should be an external resource. ### Responses #### 200 - 200 - Array of object - **source_id** (string) (example: "divvyexternaldatasource:1:resource_external:test_source") - **organization_id** (integer) (example: 1) - **source_type** (string) (example: "resource_external") - **source_name** (string) (example: "test_source") - **remote_bucket_config** (object) - **organization_id** (integer) (example: 1) - **enabled** (boolean) (example: true) - **region** (string) (example: "us-east-1") - **name** (string) (example: "test_bucket") - **file_name** (string) (example: "external_data.json") - **credentials** (object) - **type** (integer) (example: 0) - **org_service_id** (integer) (example: 227) - **cloud_type_id** (string) (example: "AWS") - **last_success** (unknown) - **last_failure** (unknown) - **last_modified** (string) (example: "2021-04-16T18:56:03Z") ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/external-data/sources?source_type=string" ``` ``` -------------------------------- ### GET /public/resources/{resource_id}/sources Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Get the Source Documents associated with a given resource. ```markdown ### Parameters - **resource_id** (string, path, required): The InsightCloudSec resource ID. ### Responses #### 200 - 200 - **DescribeInstances** (object) - **content** (object) - **Tags** (array (object)) Array items: - **Key** (string) (example: "Owner") - **Value** (string) (example: "ICS QA Team") - **State** (object) - **Code** (integer) (example: 80) - **Name** (string) (example: "stopped") - **VpcId** (string) (example: "vpc-...") - **ImageId** (string) (example: "ami-...") - **KeyName** (string) (example: "key") - **SubnetId** (string) (example: "subnet-...") - **Placement** (object) - **Tenancy** (string) (example: "default") - **GroupName** (string) (example: "") - **AvailabilityZone** (string) (example: "ca-central-1b") - **CpuOptions** (object) - **CoreCount** (integer) (example: 2) - **ThreadsPerCore** (integer) (example: 1) - **EnaSupport** (boolean) (example: true) - **Hypervisor** (string) (example: "xen") - **InstanceId** (string) (example: "i-...") - **LaunchTime** (string) (example: "2022-12-09 17:36:02+00:00") - **Monitoring** (object) - **State** (string) (example: "disabled") - **ClientToken** (string) (example: "") - **StateReason** (object) - **Code** (string) (example: "Client.UserInitiatedShutdown") - **Message** (string) (example: "Client.UserInitiatedShutdown: User initiated shutdown") - **Architecture** (string) (example: "x86_64") - **EbsOptimized** (boolean) (example: false) - **InstanceType** (string) (example: "t2.medium") - **ProductCodes** (array) - **PublicDnsName** (string) (example: "") - **AmiLaunchIndex** (integer) (example: 0) - **EnclaveOptions** (object) - **Enabled** (boolean) (example: false) - **PrivateDnsName** (string) (example: "ip-1-1-1-1.ca-central-1.compute.internal") - **RootDeviceName** (string) (example: "/dev/xvda") - **RootDeviceType** (string) (example: "ebs") - **SecurityGroups** (array (object)) Array items: - **GroupId** (string) (example: "sg-...") - **GroupName** (string) (example: "launch-wizard-5") - **UsageOperation** (string) (example: "RunInstances") - **MetadataOptions** (object) - **State** (string) (example: "applied") - **HttpTokens** (string) (example: "optional") - **HttpEndpoint** (string) (example: "enabled") - **HttpProtocolIpv6** (string) (example: "disabled") - **InstanceMetadataTags** (string) (example: "enabled") - **HttpPutResponseHopLimit** (integer) (example: 1) - **PlatformDetails** (string) (example: "Linux/UNIX") - **PublicIpAddress** (string) (example: "1.1.1.1") - **SourceDestCheck** (boolean) (example: true) - **PrivateIpAddress** (string) (example: "1.1.1.1") - **NetworkInterfaces** (array (object)) Array items: - **VpcId** (string) (example: "vpc-...") - **Groups** (array (object)) Array items: - **Status** (string) (example: "in-use") - **OwnerId** (string) (example: "...") - **SubnetId** (string) (example: "subnet-...") - **Attachment** (object) - **Status** (string) (example: "attached") - **AttachTime** (string) (example: "2022-01-10 21:43:59+00:00") - **DeviceIndex** (integer) (example: 0) - **AttachmentId** (string) (example: "eni-attach-...") - **NetworkCardIndex** (integer) (example: 0) - **DeleteOnTermination** (boolean) (example: true) - **MacAddress** (string) (example: "1:1:1:1:1") - **Description** (string) (example: "") - **InterfaceType** (string) (example: "interface") - **Ipv6Addresses** (array) - **PrivateDnsName** (string) (example: "ip-1-1-1-1.ca-central-1.compute.internal") - **SourceDestCheck** (boolean) (example: true) - **PrivateIpAddress** (string) (example: "1.1.1.1") - **NetworkInterfaceId** (string) (example: "eni-...") - **PrivateIpAddresses** (array (object)) Array items: - **Primary** (boolean) (example: true) - **PrivateDnsName** (string) (example: "ip-1-1-1-1.ca-central-1.compute.internal") - **PrivateIpAddress** (string) (example: "1.1.1.1") - **HibernationOptions** (object) - **Configured** (boolean) (example: false) - **MaintenanceOptions** (object) - **AutoRecovery** (string) (example: "default") - **VirtualizationType** (string) (example: "hvm") - **BlockDeviceMappings** (array (object)) Array items: - **Ebs** (object) - **Status** (string) (example: "attached") - **VolumeId** (string) (example: "vol-...") - **AttachTime** (string) (example: "2022-01-10 21:44:00+00:00") - **DeleteOnTermination** (boolean) (example: true) - **DeviceName** (string) (example: "/dev/xvda") - **PrivateDnsNameOptions** (object) - **HostnameType** (string) (example: "ip-name") - **EnableResourceNameDnsARecord** (boolean) (example: true) - **EnableResourceNameDnsAAAARecord** (boolean) (example: false) - **StateTransitionReason** (string) (example: "User initiated (2022-12-09 17:38:07 GMT)") - **UsageOperationUpdateTime** (string) (example: "2022-01-10 21:43:59+00:00") - **CapacityReservationSpecification** (object) - **CapacityReservationPreference** (string) (example: "open") - **metadata** (object) - **hash** (string) (example: "...") - **groups** (array) - **created** (string) (example: "2022-12-09 17:36:02+00:00") - **owner_id** (string) (example: "...") - **response_metadata** (object) - **RequestId** (string) (example: "...") - **HTTPHeaders** (object) - **date** (string) (example: "Fri, 09 Dec 2022 17:42:39 GMT") - **vary** (string) (example: "accept-encoding") - **server** (string) (example: "AmazonEC2") - **content-type** (string) (example: "text/xml;charset=UTF-8") - **cache-control** (string) (example: "no-cache, no-store") - **x-amzn-requestid** (string) (example: "...") - **transfer-encoding** (string) (example: "chunked") - **strict-transport-security** (string) (example: "max-age=31536000; includeSubDomains") - **RetryAttempts** (integer) (example: 0) - **HTTPStatusCode** (integer) (example: 200) #### 400 - 400 ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/public/resources/{resource_id}/sources" ``` ``` -------------------------------- ### GET /cvm/resource/{resource_id_str}/vulnerabilities Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Get the list of vulnerabilities for a particular resource ```markdown ### Parameters - **resource_id_str** (string, path, required) - **order_by** (string,null, query, optional) - **page** (integer, query, optional) - **provide_ids** (boolean, query, optional) - **provide_counts** (boolean, query, optional) - **page_size** (integer, query, optional) - **search** (string, query, optional) ### Request Body **Content-Type:** application/json - **severities** (array,null) ### Responses #### 200 - OK **ListVulnerabilitiesResponse** - **data** (array (Vulnerability)) Array items: - **severity** (string) - **cvss_v2_vector** (string) - **source** (string) - **cvss_v2_score** (number) - **first_found** (string (date-time)) - **cvss_score** (number) - **cvss_v3_score** (number) - **uri** (string) - **has_exploits** (boolean) - **cve_id** (string) - **affected_packages** (integer) - **has_threats** (boolean) - **resource_count** (integer) - **vuln_meta** (object) - **title** (string) - **riskscore** (number) - **vulnerability_id** (string) - **last_seen** (string (date-time)) - **cvss_v3_vector** (string) - **total_count** (integer,null) - **ids** (array (unknown)) - **total_pages** (integer,null) - **page** (integer) - **page_size** (integer) ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/cvm/resource/{resource_id_str}/vulnerabilities?order_by=value&page=1&provide_ids=false&provide_counts=true&page_size=25&search=string" \ -H "Content-Type: application/json" \ -d '{ "severities": "null" }' ``` ``` -------------------------------- ### POST /cvm/resource/vulnerabilities Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Get a list of resources with vulnerabilities and their associated data ```markdown ### Parameters - **order_by** (string,null, query, optional) - **page** (integer, query, optional) - **provide_ids** (boolean, query, optional) - **provide_counts** (boolean, query, optional) - **page_size** (integer, query, optional) - **search** (string, query, optional) ### Request Body **Content-Type:** application/json - **filtering** (object) - **form_name** (string (usc|usc_cloud|usc_application|threatfinding|hva|clusters|iac|iam_principals|iam_federated_users|applications|apa|summary|cvm_resources|cvm_packages|cvm_vulnerabilities|cvm_config|harvester_status|system_events|jit_profiles|jit_session_history|jit_approval_policy|jit_role_configs)) (required) ("usc"|"usc_cloud"|"usc_application"|"threatfinding"|"hva"|"clusters"|"iac"|"iam_principals"|"iam_federated_users"|"applications"|"apa"|"summary"|"cvm_resources"|"cvm_packages"|"cvm_vulnerabilities"|"cvm_config"|"harvester_status"|"system_events"|"jit_profiles"|"jit_session_history"|"jit_approval_policy"|"jit_role_configs") - **expr** (unknown) (required) ### Responses #### 200 - OK **ListResourcesResponse2** - **data** (array (HostAssessmentResource)) Array items: - **severity** (string) - **high_count** (integer) - **public_accessible** (boolean) - **organization_service_id** (integer) - **none_count** (integer) - **resource_type** (string) - **id** (integer) - **low_count** (integer) - **cloud** (string (AWS|AWS_GOV|AWS_CHINA|DO|GCE|AZURE_ARM|AZURE_GOV|AZURE_CHINA|OCI|K8S|K8S_R7|ALICLOUD)) ("AWS"|"AWS_GOV"|"AWS_CHINA"|"DO"|"GCE"|"AZURE_ARM"|"AZURE_GOV"|"AZURE_CHINA"|"OCI"|"K8S"|"K8S_R7"|"ALICLOUD") - **platform** (string) - **riskscore** (number) - **report_id** (string) - **image_id** (string) - **resource_name** (string) - **last_assessment** (string (date-time)) - **critical_count** (integer) - **assessment_info** (object) - **account** (string) - **medium_count** (integer) - **account_id** (string) - **total_count** (integer) - **resource_id** (string) - **total_count** (integer,null) - **ids** (array (unknown)) - **total_pages** (integer,null) - **page** (integer) - **page_size** (integer) ### Example Usage ```bash curl -X POST "https://{insightcloudsecUrl}/v3/cvm/resource/vulnerabilities?order_by=value&page=1&provide_ids=false&provide_counts=true&page_size=25&search=string" \ -H "Content-Type: application/json" \ -d '{ "filtering": "null" }' ``` ``` -------------------------------- ### GET /iam/iam-explorer/principals/{principal_resource_id}/list-actions Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml List available actions for a given principal or resource. ```markdown ### Parameters - **principal_resource_id** (string, path, required): InsightCloudSec resource ID for the principal. - **service** (string, query, optional): Service to filter the allowed actions, e.g., `s3`, `kms`, etc. - **category** (string, query, optional): Category to filter the allowed actions. Options are: `read`, `write`, `list`, `tag`, and `perm`. - **entity_resource_id** (string, query, optional): Resource ID for the resource a principal is allowed to perform actions against. - **excluded** (string, query, optional): A JSON-encoded string containing objects composed of keys that are principal, group, organization unit, or account IDs and values are lists of policy IDs for policies attached to a given key. These will be ignored during analysis. ### Responses #### 200 - 200 - **value** (object) - **actions_count** (string) (example: "3") - **services_count** (string) (example: "2") - **allowed_actions** (array (object)) Array items: - **name** (string) (example: "getkeypolicy") - **service** (string) (example: "kms") - **category** (string) (example: "read") - **resources_count** (string) (example: "0") #### 400 - 400 #### 404 - 404 - **error_message** (string) (example: "Either the selected principal does not exist or is unsupported") - **error_type** (string) (example: "NotFound") ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/iam/iam-explorer/principals/{principal_resource_id}/list-actions?service=string&category=string&entity_resource_id=string&excluded=string" ``` ``` -------------------------------- ### GET /lpa/principals/{principal_resource_id}/actions Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Lists the activity (policy/permission actions) for a given principal. ```markdown ### Parameters - **principal_resource_id** (string, path, required): The InsightCloudSec resource ID for the principal, e.g., `servicerole:123:0a123b45-01a2-01ab-a012-0a12b3bc456d:`. - **start** (string (date), query, required): The start date (in `YYYY-MM-DD` format) for the range in which to search for principal activity. - **end** (string (date), query, required): The end date (in `YYYY-MM-DD` format) for the range in which to search for principal activity. - **format** (string, query, optional): Output format for the activity list. - **source** (string, query, optional): Determines the location from which the principal's actions are collected. Options are: `sql` (retrieved from the MySQL cache) or `storage` (retrieved from Azure Storage or LPA Working Bucket (S3)). ### Responses #### 200 - 200 #### 400 - 400 ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/lpa/principals/{principal_resource_id}/actions?start=2023-01-01&end=2023-01-01&format=json&source=sql" ``` ``` -------------------------------- ### POST /cvm/resource/{resource_id_str}/vulnerabilities Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Get the list of vulnerabilities for a particular resource ```markdown ### Parameters - **resource_id_str** (string, path, required) - **order_by** (string,null, query, optional) - **page** (integer, query, optional) - **provide_ids** (boolean, query, optional) - **provide_counts** (boolean, query, optional) - **page_size** (integer, query, optional) - **search** (string, query, optional) ### Request Body **Content-Type:** application/json - **severities** (array,null) ### Responses #### 200 - OK **ListVulnerabilitiesResponse** - **data** (array (Vulnerability)) Array items: - **severity** (string) - **cvss_v2_vector** (string) - **source** (string) - **cvss_v2_score** (number) - **first_found** (string (date-time)) - **cvss_score** (number) - **cvss_v3_score** (number) - **uri** (string) - **has_exploits** (boolean) - **cve_id** (string) - **affected_packages** (integer) - **has_threats** (boolean) - **resource_count** (integer) - **vuln_meta** (object) - **title** (string) - **riskscore** (number) - **vulnerability_id** (string) - **last_seen** (string (date-time)) - **cvss_v3_vector** (string) - **total_count** (integer,null) - **ids** (array (unknown)) - **total_pages** (integer,null) - **page** (integer) - **page_size** (integer) ### Example Usage ```bash curl -X POST "https://{insightcloudsecUrl}/v3/cvm/resource/{resource_id_str}/vulnerabilities?order_by=value&page=1&provide_ids=false&provide_counts=true&page_size=25&search=string" \ -H "Content-Type: application/json" \ -d '{ "severities": "null" }' ``` ``` -------------------------------- ### GET /lpa/principals/{principal_resource_id}/permissions Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Lists used and unused permissions based on a given principal. ```markdown ### Parameters - **principal_resource_id** (string, path, required): The InsightCloudSec Resource ID for a principal. - **start** (string (date), query, optional): The start date for the collection window of used and unused permissions. Use in conjunction with `end`. Takes precedence over `previous_days`. - **end** (string (date), query, optional): The end date for the collection window of used and unused permissions. Use in conjunction with `start`. Takes precedence over `previous_days`. - **filter_by** (string, query, optional): Key to filter by; paired with `filter`. Options are: `permission` or `status`. - **filter** (string, query, optional): Value to filter by; paired with `filter_by`. - **order_by** (string, query, optional): Key to order by; paired with `order`. Options are: `permission` or `status`. - **order** (string, query, optional): Direction to order; paired with `order_by`. Options are: `asc` (ascending) or `desc` (descending). - **page** (integer (int32), query, optional): The page number for the list of results to return. Must be positive. - **page_size** (integer (int32), query, optional): The size of the page for the list of results. Must be positive. - **previous_days** (integer (int32), query, optional): The previous *n* number of days of the request date range, where *n* can be an integer between 1 and 90. ### Responses #### 200 - 200 - **end** (string) (example: "2023-01-09") - **page** (integer) (example: 1) - **permissions** (array (object)) Array items: - **action** (string) (example: "access-analyzer.ListPolicyGenerations") - **category** (string) (example: "read") - **count** (integer) (example: 3) - **last_executed_date** (string) (example: "2023-01-09T21:10:09") - **permission** (string) (example: "access-analyzer:listpolicygenerations") - **status** (string) (example: "Used") - **principal** (object) - **name** (string) (example: "ssoUser") - **resource_id** (string) (example: "servicerole:**:****************:") - **resource_type** (string) (example: "servicerole") - **start** (string) (example: "2023-01-02") - **total_pages** (integer) (example: 1) - **warnings** (object) - **An API method could not be found for the following actions:** (array (string)) #### 400 - 400 ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/lpa/principals/{principal_resource_id}/permissions?start=2023-01-01&end=2023-01-01&filter_by=string&filter=string&order_by=string&order=string&page=0&page_size=0&previous_days=0" ``` ``` -------------------------------- ### Schema: Package1 Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Schema definition for Package1 ```markdown ## Schema: Package1 Schema definition for Package1 **Type:** object - **name** (string) - **version** (string) ``` -------------------------------- ### GET /sensitivedata/classifications/resources/{resource_id} Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Gets details about sensitive data classifications related to a specific resource ```markdown ### Parameters - **resource_id** (string, path, required) ### Responses #### 200 - OK - **count** (integer,null) (required) - **last_harvest_time** (string,null) (required) - **last_harvest_time_source** (string,null) (required) - **max_severity** (string,null) (required) - **max_severity_sources** (array (string)) (required) - **unique_classifications_count** (integer,null) (required) - **categories** (array (object)) (required) Array items: - **count** (integer,null) (required) - **name** (string) (required) - **max_severity** (string) (required) - **sources** (array (string)) (required) - **source_providers** (array (string)) (required) - **classifications** (array (object)) (required) Array items: - **count** (integer,null) (required) - **name** (string) (required) - **severity** (string) (required) - **source_provider** (string) (required) - **resource_id** (string) (required) ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/sensitivedata/classifications/resources/{resource_id}" ``` ``` -------------------------------- ### POST /iam/iam-explorer/actions-per-service Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Lists the actions available per given service. ```markdown ### Request Body **Content-Type:** application/json - **scope** (array (object)): The scope for the operation. Array items: - **id** (string): The InsightCloudSec resource ID for the given type. - **type** (string): The type of service. Options are: `USER`, `APPLICATION`, or `RESOURCE`. *Note: If the type is `USER` and the ID is associated with a federated user, an error will be returned.* ### Responses #### 200 - 200 #### 400 - 400 ### Example Usage ```bash curl -X POST "https://{insightcloudsecUrl}/v3/iam/iam-explorer/actions-per-service" \ -H "Content-Type: application/json" \ -d '{ "scope": [ { "id": "string", "type": "string" } ] }' ``` ``` -------------------------------- ### POST /public/resource/etl-query Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Query for resources using pagination. This endpoint is the successor to the standard v3 query resources endpoint. This endpoint is faster overall than the standard v3 query resources endpoint and should be used for maximum efficiency. *Note: Requires Domain Admin, Organization Admin, or Basic User with "View Resource" permissions.* ```markdown ### Request Body **Content-Type:** application/json - **badges** (array (object)): The key-value pairs for badges. Array items: - **key** (string) (required): The badge key. - **value** (string) (required): The badge value. - **badge_filter_operator** (string): Operator for evaluating multiple badges. Options are: "OR" or "AND". - **filters** (array (object)): The name and configuration for a filter. Array items: - **name** (string) (required): The name of the filter. Use the [Get Filter Registry](https://docs.divvycloud.com/reference#get-filter-registry) endpoint to obtain a filter's name. - **config** (object): The configuration for the filter, which varies from filter to filter. Use the [Get Filter Registry](https://docs.divvycloud.com/reference#get-filter-registry) endpoint to obtain a filter's configuration. - **insight** (string): A union of the Insight's pack type and ID: `pack-type:insight-id` - **limit** (integer (int32)) (required): The maximum number of resources returned if `selected_resource_type` is provided and resources match the provided criteria. The value can be between 1 and 1000. - **offset** (integer (int32)): The number of entries to skip over before returning anything. It is *highly* recommended that `cursor` be used instead. - **scopes** (array (string)): A list of the Cloud Organization Resource ID(s) and/or Resource Group ID(s) to which to scope the query. Use the [List Clouds](https://docs.divvycloud.com/reference#list-clouds) endpoint to obtain Cloud Organization resource ID(s); use the [List Resource Group Associations endpoint](https://docs.divvycloud.com/reference#get-resource-associations) to obtain resource group ID(s). - **selected_resource_type** (string): The resource type that will be used to populate the response object. If no type is provided, counts of all resource types (in the user's current InsightCloudSec Organization) will be returned. - **tags** (array (string)): A list of tag names. - **cursor** (string): The hash value for the next page of results. This value can be obtained from the `next_cursor` parameter in the response object if there are more results that match a successful request. This process can be repeated until the `next_cursor` response parameter is null. ### Responses #### 200 - 200 ### Example Usage ```bash curl -X POST "https://{insightcloudsecUrl}/v3/public/resource/etl-query" \ -H "Content-Type: application/json" \ -d '{ "badges": [ { "key": "string", "value": "string" } ], "badge_filter_operator": "OR", "filters": [ { "name": "string", "config": "value" } ], "insight": "string", "limit": "0", "offset": "0", "scopes": [ "string" ], "selected_resource_type": "string", "tags": [ "string" ], "cursor": "string" }' ``` ``` -------------------------------- ### POST /public/resource/query Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Query for resources using pagination. *Requires Domain Admin, Organization Admin, or Basic User with "View Resource" permissions.* ```markdown ### Request Body **Content-Type:** application/json - **badges** (array (object)): The key-value pairs for badges. Array items: - **key** (string) (required): The badge key. - **value** (string) (required): The badge value. - **badge_filter_operator** (string): Operator for evaluating multiple badges. Options are: "OR" or "AND". - **filters** (array (object)): The name and configuration for a filter. Array items: - **name** (string) (required): The name of the filter. Use the [Get Filter Registry](https://docs.divvycloud.com/reference#get-filter-registry) endpoint to obtain a filter's name. - **config** (object): The configuration for the filter, which varies from filter to filter. Use the [Get Filter Registry](https://docs.divvycloud.com/reference#get-filter-registry) endpoint to obtain a filter's configuration. - **insight** (string): A union of the Insight's pack type and ID: `pack-type:insight-id` - **limit** (integer (int32)) (required): The maximum number of resources returned if `selected_resource_type` is provided and resources match the provided criteria. The value can be between 1 and 1000. - **offset** (integer (int32)): The number of entries to skip over before returning anything. It is *highly* recommended that `cursor` be used instead. - **scopes** (array (string)): A list of the Cloud Organization Resource ID(s) and/or Resource Group ID(s) to which to scope the query. Use the [List Clouds](https://docs.divvycloud.com/reference#list-clouds) endpoint to obtain Cloud Organization resource ID(s); use the [List Resource Group Associations endpoint](https://docs.divvycloud.com/reference#get-resource-associations) to obtain resource group ID(s). - **selected_resource_type** (string): The resource type that will be used to populate the response object. If no type is provided, counts of all resource types (in the user's current InsightCloudSec Organization) will be returned. - **tags** (array (string)): A list of tag names. - **cursor** (string): The hash value for the next page of results. This value can be obtained from the `next_cursor` parameter in the response object if there are more results that match a successful request. This process can be repeated until the `next_cursor` response parameter is null. ### Responses #### 200 - 200 ### Example Usage ```bash curl -X POST "https://{insightcloudsecUrl}/v3/public/resource/query" \ -H "Content-Type: application/json" \ -d '{ "badges": [ { "key": "string", "value": "string" } ], "badge_filter_operator": "OR", "filters": [ { "name": "string", "config": "value" } ], "insight": "string", "limit": "0", "offset": "0", "scopes": [ "string" ], "selected_resource_type": "string", "tags": [ "string" ], "cursor": "string" }' ``` ``` -------------------------------- ### GET /iac/scans Source: https://docs.rapid7.com/_api/insightcloudsec-v3-api.yaml Retrieves the results for all completed IaC scans ```markdown ### Responses #### 200 - OK - All scan results retrieved **getAllIacScanResults200** ### Example Usage ```bash curl -X GET "https://{insightcloudsecUrl}/v3/iac/scans" ``` ```