View Cloud Provider Inventory
View Cloud Provider Inventory
Use this endpoint to get an inventory of your cloud provider assets. These parameters correlate with the filters on the Cloud Infrastructure Inventory page: As of, Resource Category, Account Name, Cloud Provider, Region, and Resource Name.
Request Endpoint
https://<tenant-URL>/api/v1/public_cloud/inventory
All parameters are optional:
Key | Value | Description |
---|---|---|
format | string: json | flatten | Response format default is JSON. |
account_name | URL-encoded string | The Iaas platform provider account name. |
cloud_provider | azure | aws | googlecloud | The IaaS platform provider. |
resource_category | Examples: Compute | Database | Network | Role | Storage | Messaging For a complete list of supported resource categories, see | The resource category set by Netskope per account resource. Default is all resource categories. |
resource_type | Examples: EC2instance | Lambda | Image | Volume For a complete list of supported resource types, see | One or more resource category types. Separate types with the pipe ‘|’ character. |
resource_name | URL-encoded string | The IaaS instance name. |
tag_name | URL-encoded string | The tag name set in the Iaas platform provider account resource. Must also supply tag value. |
tag_value | URL-encoded string | The tag value set in the Iaas platform provider account resource. Must also supply tag name. |
as_of | Integer | Epoch time of results at that time. Default is the time of the request when not supplied, and is GMT time. |
limit | integer | REST API responses can return up to 10000 items in a single response. You can use pagination to retrieve more results. |
skip | Positive integer | Skip over some of the items (useful for pagination in combination with limit ). |
region | For Azure, some possible values are:
For AWS, possible values are:
For Google Cloud, some possible values are:
| The location reference |
Response
// JSON format { "status": "success", "msg": "", "data": [ { "TrustedIdentities": "lambda.amazonaws.com", "own": "", "region_id": "", "account_name": "demo_1234", "region_name": "global", "asset_id": "demo-iam-1-2-3", "appname": "AWS", "Description": "Allows Lambda functions to call AWS services on your behalf.", "deletion_time": 0, "first_seen_time": 1569430257.14, "asset_type": "Role", "instance": "demo_1234", "metadata": { "TrustedIdentities": [ "lambda.amazonaws.com" ], "AssumeRolePolicy": { "Version": "2019-10-17", "Statement": [ { "Action": "sts:AssumeRole", "SID": null, "Conditions": [], "Effect": "Allow", "Principal": { "AWS": null, "Federated": null, "Service": [ "lambda.amazonaws.com" ] } } ] }, "Description": "Allows Lambda functions to call AWS services on your behalf.", "InstanceProfile": [], "Policies": { "Inline": [], "Managed": [ { "id": "arn:aws:iam::aws:policy/IAMFullAccess" }, { "id": "arn:aws:iam::aws:policy/AdministratorAccess" }, { "id": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" } ] }, "CreationDate": 1563988648 }, "account_id": "1234567890", "tags": [], "alerts": { "count_medium": 0, "total_count": 0, "count_critical": 0, "count_high": 0, "count_low": 0 }, "has_policy": true, "asset_name": "demo-iam-1-2-3", "asset_category": "Identity", "entity_type": "IAMRole", "last_updated_time": 1569430257.14, "CreationDate": 1563988648 }, ...
Response
// Flattened format { "status": "success", "msg": "", "data": [ { "TrustedIdentities": "lambda.amazonaws.com", "own": "", "region_id": "", "account_name": "demo_1234", "region_name": "global", "asset_id": "demo-iam-1-2-3", "appname": "AWS", "Description": "Allows Lambda functions to call AWS services on your behalf.", "deletion_time": 0, "first_seen_time": 1569430257.14, "asset_type": "Role", "instance": "demo_1234", "metadata.TrustedIdentities.0": "lambda.amazonaws.com", "metadata.AssumeRolePolicy.Version": "2012-10-17", "metadata.AssumeRolePolicy.Statement.0.Action": "sts:AssumeRole", "metadata.AssumeRolePolicy.Statement.0.SID": null, "metadata.AssumeRolePolicy.Statement.0.Effect": "Allow", "metadata.AssumeRolePolicy.Statement.0.Principal.AWS": null, "metadata.AssumeRolePolicy.Statement.0.Principal.Federated": null, "metadata.AssumeRolePolicy.Statement.0.Principal.Service.0": "lambda.amazonaws.com", "metadata.Description": "Allows Lambda functions to call AWS services on your behalf.", "metadata.Policies.Managed.0.id": "arn:aws:iam::aws:policy/IAMFullAccess", "metadata.Policies.Managed.1.id": "arn:aws:iam::aws:policy/AdministratorAccess", "metadata.Policies.Managed.2.id": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", "metadata.CreationDate": 1563988648, "account_id": "1234567890", "alerts.count_medium": 0, "alerts.total_count": 0, "alerts.count_critical": 0, "alerts.count_high": 0, "alerts.count_low": 0, "has_policy": true, "asset_name": "demo-iam-1-2-3", "asset_category": "Identity", "entity_type": "IAMRole", "last_updated_time": 1569430257.14, "CreationDate": 1563988648 }, ...