Start a CSA Scan
Start a CSA Scan
This endpoint starts a Cloud Security Assessment (CSA) scan according to a policy. CSA scans IaaS accounts for compliance violations, and then displays the non-compliant rules and resources associated with those accounts. To see the scan results, go to Cloud Infrastructure > Compliance in the Netskope UI.
Also, use the scan_id hash value returned for getting a CSA scan status. Refer to Get a CSA Scan Status.
Request
GET https://<tenant-URL>/api/v1/csa_scan?token=<token>&op=start&name=<policy_name>&scan_start_by=<name>
Valid parameters are:
| Key | Value | Description |
|---|---|---|
op | start | Starts the scan. |
name | <policy_name> Example: "MYCSA_POLICY" | Required. The Security Assessment policy name in the Netskope UI. |
scan_start_by | Name of the user starting the scan. | Required for scan start. Cannot be empty string. |
Example Request and Response
curl -X GET https://<tenant-URL>/api/v1/csa_scan?token=<token>&op=start&name=<policy_name>&scan_start_by=<name>
{
"status": "success",
"msg": "Policy scan has been submitted",
"data {
"scan_id": "2e528976d8c01e115d8943519ab7b0f043ead317",
"data": []
}
}
// Success Response
{
"status": "success",
"msg": "Policy scan has been submitted",
"data": []
}
// Error Response for Invalid Policy Name
{
"status": "error",
"errorCode": "General Error",
"errors": [
"A deployed policy by this name does not exist."
]
}
// Error Response for Expired Token
{
"status": "error",
"errorCode": "Authorization Error",
"errors": [
"Invalid REST API Token. Please contact administrator"
]
}
// Error Response for invalid operator
{
"status": "error",
"errorCode": "General Error",
"errors": [
"Invalid op start_end."
]
}
