In this article
- Importing a cloud formation or terraform file through the API
Required permissions
- API_ACCESS (to access the API)
- PRODUCT_CREATE (to create project via the API)
- SYTEM_SETTINGS_UPDATE (to enable the API)
Instructions
Enabling the API
- Navigate to the control panel icon in the top right hand side of the interface
- Select settings
- Expand the API blade and toggle on the API.
Generating an API token for your user account
- Select your user profile in the top right hand side of the user user interface
- Select user profile from the dropdown
- Select "Generate API token"
- Once this token has been generated, it cannot be viewed again. This token should be stored safely in a password vault or an external secret management tool.
API Endpoints
As of v1.16 of the IriusRisk API, the following endpoints are available for Terraform and Cloud Formation. Updated API documentation can be found at Swagger Hub.
Terraform
- POST {{baseUrl}}/api/v1/products/terraform
- PUT {{baseUrl}}/api/v1/products/terraform/:product-id
Cloud Formation
- POST {{baseUrl}}/api/v1/products/cloudformation
- PUT {{baseUrl}}/api/v1/products/cloudformation/:product-id
File Formats and Python Syntax
Mapping File:
Each file will need to have a corresponding mapping file that is sent to the API which provides the necessary relationship between the CF/TF component and the IriusRisk component and associated risk pattern when the rules engine runs the first time. This mapping file should be either JSON or Yaml format.
Python Syntax:
import requests
api_endpoint = "YOUR_BASE_URL_HERE"
api_token = "YOUR_API_KEY_HERE"
api_endpointTF = "/api/v1/products/terraform"
api_endpoint2 = api_endpoint+api_endpointTF
headers = {
'api-token': (api_token)
}
files=[
('tf-file',('elb.tf',open('elb.tf','rb'),'application/octet-stream')),
('mapping-file',('iriusrisk-tf-aws-mapping.yaml',open('iriusrisk-tf-aws-mapping.yaml','rb'),'text/yaml'))
]
data = {
'product-id': 'testingterra2',
'name': 'testingterra2'
}
response = requests.post(api_endpoint2, headers=headers, files=files, data=data)
print (response)
print (response.text)
This should return the following text.
<Response [201]>
{"ref":"testingterra2","name":"testingterra2","revision":"1","type":"STANDARD","status":"OPEN","priority":"0","tags":null,"workflowState":"new","udts":[],"groups":null,"users":null}
Example files for testing this import for both Cloud Formation and Terraform can be found on the IriusRisk Start Left GitHub Page.
Comments
0 comments
Article is closed for comments.