Netskope Help

View Cloud Provider Inventory

Use this endpoint to get an inventory of your cloud provider assets. These parameters correlate with the filters on the Cloud Infrastructure Inventory page: As of, Resource Category, Account Name, Cloud Provider, Region, and Resource Name.

Request Endpoint
https://<tenant-name>.goskope.com/api/v1/public_cloud/inventory

All parameters are optional:

Key

Value

Description

format

string: json | flatten

Response format default is JSON.

account_name

URL-encoded string

The Iaas platform provider account name.

cloud_provider

azure | aws | googlecloud

The IaaS platform provider.

resource_category

Examples: Compute | Database | Network | Role | Storage | Messaging

For a complete list of supported resource categories, see

The resource category set by Netskope per account resource. Default is all resource categories.

resource_type

Examples: EC2instance | Lambda | Image | Volume

For a complete list of supported resource types, see

One or more resource category types. Separate types with the pipe '|' character.

resource_name

URL-encoded string

The IaaS instance name.

tag_name

URL-encoded string

The tag name set in the Iaas platform provider account resource. Must also supply tag value.

tag_value

URL-encoded string

The tag value set in the Iaas platform provider account resource. Must also supply tag name.

as_of

Integer

Epoch time of results at that time. Default is the time of the request when not supplied, and is GMT time.

limit

integer

REST API responses can return up to 10000 items in a single response. You can use pagination to retrieve more results.

skip

Positive integer

Skip over some of the items (useful for pagination in combination with limit).

region

For Azure, some possible values are:

  • all

  • global

  • eastus

  • northcentralus

  • westus

  • centralindia

  • centralus

  • australiacentral

For AWS, possible values are: 

  • global

  • ap-south-1

  • ap-northeast-2

  • ap-southeast-1

  • ap-southeast-2

  • ap-northeast-1

  • ca-central-1

  • eu-central-1

  • eu-west-1

  • eu-west-2

  • eu-west-3

  • eu-north-1

  • me-south-1

  • us-east-1

  • us-east-2

  • us-west-1

  • us-west-2

For Google Cloud, some possible values are:

  • asia-east1

  • asia-east2

  • asia-northeast1

  • asia-southeast1

  • asia-south1

  • europe-north1

  • europe-west1

  • europe-west2

  • europe-west3

  • europe-west4

  • northamerica-northeast1

  • southamerica-east1

  • us-central1

  • us-east1

  • us-east4

  • us-west1

  • us-west2

The location reference

JSON Response
// JSON format
{
    "status": "success",
    "msg": "",
    "data": [
        {
            "TrustedIdentities": "lambda.amazonaws.com",
            "own": "",
            "region_id": "",
            "account_name": "demo_1234",
            "region_name": "global",
            "asset_id": "demo-iam-1-2-3",
            "appname": "AWS",
            "Description": "Allows Lambda functions to call AWS services on your behalf.",
            "deletion_time": 0,
            "first_seen_time": 1569430257.14,
            "asset_type": "Role",
            "instance": "demo_1234",
            "metadata": {
                "TrustedIdentities": [
                    "lambda.amazonaws.com"
                ],
                "AssumeRolePolicy": {
                    "Version": "2019-10-17",
                    "Statement": [
                        {
                            "Action": "sts:AssumeRole",
                            "SID": null,
                            "Conditions": [],
                            "Effect": "Allow",
                            "Principal": {
                                "AWS": null,
                                "Federated": null,
                                "Service": [
                                    "lambda.amazonaws.com"
                                ]
                            }
                        }
                    ]
                },
                "Description": "Allows Lambda functions to call AWS services on your behalf.",
                "InstanceProfile": [],
                "Policies": {
                    "Inline": [],
                    "Managed": [
                        {
                            "id": "arn:aws:iam::aws:policy/IAMFullAccess"
                        },
                        {
                            "id": "arn:aws:iam::aws:policy/AdministratorAccess"
                        },
                        {
                            "id": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
                        }
                    ]
                },
                "CreationDate": 1563988648
            },
            "account_id": "1234567890",
            "tags": [],
            "alerts": {
                "count_medium": 0,
                "total_count": 0,
                "count_critical": 0,
                "count_high": 0,
                "count_low": 0
            },
            "has_policy": true,
            "asset_name": "demo-iam-1-2-3",
            "asset_category": "Identity",
            "entity_type": "IAMRole",
            "last_updated_time": 1569430257.14,
            "CreationDate": 1563988648
        },
...
flatten Response
// Flattened format
{
    "status": "success",
    "msg": "",
    "data": [
        {
            "TrustedIdentities": "lambda.amazonaws.com",
            "own": "",
            "region_id": "",
            "account_name": "demo_1234",
            "region_name": "global",
            "asset_id": "demo-iam-1-2-3",
            "appname": "AWS",
            "Description": "Allows Lambda functions to call AWS services on your behalf.",
            "deletion_time": 0,
            "first_seen_time": 1569430257.14,
            "asset_type": "Role",
            "instance": "demo_1234",
            "metadata.TrustedIdentities.0": "lambda.amazonaws.com",
            "metadata.AssumeRolePolicy.Version": "2012-10-17",
            "metadata.AssumeRolePolicy.Statement.0.Action": "sts:AssumeRole",
            "metadata.AssumeRolePolicy.Statement.0.SID": null,
            "metadata.AssumeRolePolicy.Statement.0.Effect": "Allow",
            "metadata.AssumeRolePolicy.Statement.0.Principal.AWS": null,
            "metadata.AssumeRolePolicy.Statement.0.Principal.Federated": null,
            "metadata.AssumeRolePolicy.Statement.0.Principal.Service.0": "lambda.amazonaws.com",
            "metadata.Description": "Allows Lambda functions to call AWS services on your behalf.",
            "metadata.Policies.Managed.0.id": "arn:aws:iam::aws:policy/IAMFullAccess",
            "metadata.Policies.Managed.1.id": "arn:aws:iam::aws:policy/AdministratorAccess",
            "metadata.Policies.Managed.2.id": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
            "metadata.CreationDate": 1563988648,
            "account_id": "1234567890",
            "alerts.count_medium": 0,
            "alerts.total_count": 0,
            "alerts.count_critical": 0,
            "alerts.count_high": 0,
            "alerts.count_low": 0,
            "has_policy": true,
            "asset_name": "demo-iam-1-2-3",
            "asset_category": "Identity",
            "entity_type": "IAMRole",
            "last_updated_time": 1569430257.14,
            "CreationDate": 1563988648
        },
...