Cloud Conformity API
The Cloud Conformity API allows you to programmatically interact with Cloud Conformity
The table below lists the Cloud Conformity API endpoints:
|Europe (Ireland - eu-west-1)||
|Australia (Sydney - ap-southeast-2)||
|US (Oregon - us-west-2)||
This early API is subject to change. Cloud Conformity will use commercially reasonable efforts to support the previous version of the API. The API is provided on an ‘AS IS’ and ‘WHEN AVAILABLE’ basis. Cloud Conformity has no liability to user as a result of any change to the API.
Generating an API Key
All requests to Cloud Conformity's API must be authenticated. An API key is a secure 64-bit strong key randomly generated by Cloud Conformity on behalf of a user. To generate an API Key, navigate to User settings > API Keys and click on New API Key to generate your API key.
Your new API Key will be generated and can be downloaded as shown in the following screenshot:
When you create an API key, Cloud Conformity gives you an opportunity to copy and download the key only once. If you don't download it or if you lose it, you can delete the API key and then create a new one.
You can have a maximum of two API keys (active or inactive) at a time
A newly created API key has the status of enable meaning that you can use the key for API calls. You can have up to two API keys for your Cloud Conformity account at a time, which is useful when you want to rotate the API keys. When you disable an API key, you can't use it for API calls.
When using API keys:
- Rotate API keys periodically
- Remove unused API keys
All requests to Cloud Conformity's API must be authenticated. Add an Authorization header with the ‘APIKey’, and your 64-bit key:
Success And Errors
The Cloud Conformity API uses HTTP status codes to indicate the success or failure of a request. An error indicates that the API did not successfully handle your request. In addition to the status code, the response may contain additional information about problems encountered while performing an operation.
204 No Content
301 Moved Permanently
304 Not Modified
400 Bad Request
404 Not Found
422 Unprocessable Entity
500 Internal Server Error
When getting 401 and 403 errors, double check that you have the correct privileges. For example, if you have Read-Only access to an account, you can perform read calls such as pulling a list of existing checks from the
GET /checksendpoint. However, you cannot perform write calls such as requesting a conformity bot run from the
There are two parameters to configure pagination:
||Indicates the number of results that should be returned. Maximum value is 1000 and defaults to 100 if not specified|
||Indicates the page number, defaults to 0|
Below is a list of the available APIs:
- API Keys
- External Ids
- Report Configs
- Rule Settings
- Rule Setting types
- Template Scanner
API Request Timeout
The timeout for API requests has a hard limit of 30 seconds.
If you have questions or issues using the Cloud Conformity API, please contact us at firstname.lastname@example.org
Protect, Detect, Correct. The most complete solution to avoid critical threats and vulnerabilities in your AWS environments. Awarded both AWS Cloud Management Tools Competency and Security Partner Competency, Cloud Conformity’s security and optimization platform delivers continuous assurance that your infrastructure is risk-free and compliant as your cloud presence grows.