View Cloud Provider Inventory

Use this endpoint to get an inventory of your cloud provider assets. These parameters correlate with the filters on the Cloud Infrastructure Inventory page: As of, Resource Category, Account Name, Cloud Provider, Region, and Resource Name.

Request Endpoint

https://<tenant-URL>/api/v1/public_cloud/inventory

All parameters are optional:

Key	Value	Description
`format`	string: `json \| flatten`	Response format default is JSON.
`account_name`	URL-encoded string	The Iaas platform provider account name.
`cloud_provider`	`azure \| aws \| googlecloud`	The IaaS platform provider.
`resource_category`	Examples: `Compute \| Database \| Network \| Role \| Storage \| Messaging` For a complete list of supported resource categories, see AWS Entities Azure Entities Google Cloud Entities	The resource category set by Netskope per account resource. Default is all resource categories.
`resource_type`	Examples: `EC2instance \| Lambda \| Image \| Volume` For a complete list of supported resource types, see AWS Entities Azure Entities Google Cloud Entities	One or more resource category types. Separate types with the pipe ‘\|’ character.
`resource_name`	URL-encoded string	The IaaS instance name.
`tag_name`	URL-encoded string	The tag name set in the Iaas platform provider account resource. Must also supply tag value.
`tag_value`	URL-encoded string	The tag value set in the Iaas platform provider account resource. Must also supply tag name.
`as_of`	Integer	Epoch time of results at that time. Default is the time of the request when not supplied, and is GMT time.
`limit`	integer	REST API responses can return up to 10000 items in a single response. You can use pagination to retrieve more results.
`skip`	Positive integer	Skip over some of the items (useful for pagination in combination with `limit`).
`region`	For Azure, some possible values are: `all` `global` `eastus` `northcentralus` `westus` `centralindia` `centralus` `australiacentral` For AWS, possible values are: `global` `ap-south-1` `ap-northeast-2` `ap-southeast-1` `ap-southeast-2` `ap-northeast-1` `ca-central-1` `eu-central-1` `eu-west-1` `eu-west-2` `eu-west-3` `eu-north-1` `me-south-1` `us-east-1` `us-east-2` `us-west-1` `us-west-2` For Google Cloud, some possible values are: `asia-east1` `asia-east2` `asia-northeast1` `asia-southeast1` `asia-south1` `europe-north1` `europe-west1` `europe-west2` `europe-west3` `europe-west4` `northamerica-northeast1` `southamerica-east1` `us-central1` `us-east1` `us-east4` `us-west1` `us-west2`	The location reference

Response

// JSON format
{
    "status": "success",
    "msg": "",
    "data": [
        {
            "TrustedIdentities": "lambda.amazonaws.com",
            "own": "",
            "region_id": "",
            "account_name": "demo_1234",
            "region_name": "global",
            "asset_id": "demo-iam-1-2-3",
            "appname": "AWS",
            "Description": "Allows Lambda functions to call AWS services on your behalf.",
            "deletion_time": 0,
            "first_seen_time": 1569430257.14,
            "asset_type": "Role",
            "instance": "demo_1234",
            "metadata": {
                "TrustedIdentities": [
                    "lambda.amazonaws.com"
                ],
                "AssumeRolePolicy": {
                    "Version": "2019-10-17",
                    "Statement": [
                        {
                            "Action": "sts:AssumeRole",
                            "SID": null,
                            "Conditions": [],
                            "Effect": "Allow",
                            "Principal": {
                                "AWS": null,
                                "Federated": null,
                                "Service": [
                                    "lambda.amazonaws.com"
                                ]
                            }
                        }
                    ]
                },
                "Description": "Allows Lambda functions to call AWS services on your behalf.",
                "InstanceProfile": [],
                "Policies": {
                    "Inline": [],
                    "Managed": [
                        {
                            "id": "arn:aws:iam::aws:policy/IAMFullAccess"
                        },
                        {
                            "id": "arn:aws:iam::aws:policy/AdministratorAccess"
                        },
                        {
                            "id": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
                        }
                    ]
                },
                "CreationDate": 1563988648
            },
            "account_id": "1234567890",
            "tags": [],
            "alerts": {
                "count_medium": 0,
                "total_count": 0,
                "count_critical": 0,
                "count_high": 0,
                "count_low": 0
            },
            "has_policy": true,
            "asset_name": "demo-iam-1-2-3",
            "asset_category": "Identity",
            "entity_type": "IAMRole",
            "last_updated_time": 1569430257.14,
            "CreationDate": 1563988648
        },
...

Response

// Flattened format
{
    "status": "success",
    "msg": "",
    "data": [
        {
            "TrustedIdentities": "lambda.amazonaws.com",
            "own": "",
            "region_id": "",
            "account_name": "demo_1234",
            "region_name": "global",
            "asset_id": "demo-iam-1-2-3",
            "appname": "AWS",
            "Description": "Allows Lambda functions to call AWS services on your behalf.",
            "deletion_time": 0,
            "first_seen_time": 1569430257.14,
            "asset_type": "Role",
            "instance": "demo_1234",
            "metadata.TrustedIdentities.0": "lambda.amazonaws.com",
            "metadata.AssumeRolePolicy.Version": "2012-10-17",
            "metadata.AssumeRolePolicy.Statement.0.Action": "sts:AssumeRole",
            "metadata.AssumeRolePolicy.Statement.0.SID": null,
            "metadata.AssumeRolePolicy.Statement.0.Effect": "Allow",
            "metadata.AssumeRolePolicy.Statement.0.Principal.AWS": null,
            "metadata.AssumeRolePolicy.Statement.0.Principal.Federated": null,
            "metadata.AssumeRolePolicy.Statement.0.Principal.Service.0": "lambda.amazonaws.com",
            "metadata.Description": "Allows Lambda functions to call AWS services on your behalf.",
            "metadata.Policies.Managed.0.id": "arn:aws:iam::aws:policy/IAMFullAccess",
            "metadata.Policies.Managed.1.id": "arn:aws:iam::aws:policy/AdministratorAccess",
            "metadata.Policies.Managed.2.id": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
            "metadata.CreationDate": 1563988648,
            "account_id": "1234567890",
            "alerts.count_medium": 0,
            "alerts.total_count": 0,
            "alerts.count_critical": 0,
            "alerts.count_high": 0,
            "alerts.count_low": 0,
            "has_policy": true,
            "asset_name": "demo-iam-1-2-3",
            "asset_category": "Identity",
            "entity_type": "IAMRole",
            "last_updated_time": 1569430257.14,
            "CreationDate": 1563988648
        },
...

View Cloud Provider Inventory

View Cloud Provider Inventory

Request Endpoint

Response

Response

View Cloud Provider Inventory

In this topic ...