API Documentation (AWS)
Pre-requisite
IAM User with API Access
- Create a user if not already existing
- Attach policy that grants required permission (you can either provide administrator
for all access or assign policies specific to the reuirement)
- A new policy can also be created with the required permissions as shown in the
following screenshots
� - Once the user is created, save the Access Key ID and Secret Access Key securely.
This will be used to authenticate the subsequent requests
2
�AWS API Configuration and Test
We will execute the request in POSTMAN to verify the API which fetch all databases
(resources) on AWS. This example demonstrates the usage of RDS api.
Create new API request
- Create new POST request in POSTMAN and use the following endpoint
https://rds.<your region here>.amazonaws.com
- Add the following key values in header
- Add body with the following action (to fetch DB Instances)
Action=DescribeDBInstances&Version=2014-10-31
3
�Configure Authentication in Postman
- On the authorization tab, select AWS Signature as Auth Type and enter the following
fields
Reading the response body
- Send the request and if the configuration & authentication is valid, we get the
following response body with a 200 OK status
Here DBInstances will contain the list of DB Instances hosted on the specified AWS
account.
4
�API to Get All Resources
Tagging api can be used to fetch all resources created on AWS. Following is an example
which demonstrates the same
Create new API request
- Create new POST request in POSTMAN and use the following endpoint
https://tagging.<your region here>.amazonaws.com
- Add the following key values in header
X-Amz-Target: ResourceGroupsTaggingAPI_20170126.GetResources
Content-Type: application/x-amz-json-1.1
- Use either an empty body in the request or add the following object structure with
desired values
Request Syntax (Optional)
{
"ExcludeCompliantResources": boolean,
"IncludeComplianceDetails": boolean,
"PaginationToken": "string",
"ResourceARNList": [ "string" ],
"ResourcesPerPage": number,
"ResourceTypeFilters": [ "string" ],
"TagFilters": [
{
"Key": "string",
"Values": [ "string" ]
}
],
"TagsPerPage": number
}
- Set the Authentication as described in the previous request
- When you send this request, following response is received with the list of resources
on AWS
5
�Sample Request
POST / HTTP/1.1
Host: tagging.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 80
X-Amz-Target: ResourceGroupsTaggingAPI_20170126.GetResources
X-Amz-Date: 20191201T214524Z
User-Agent: aws-cli/1.11.79 Python/2.7.9 Windows/7 botocore/1.5.42
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"ExcludeCompliantResources": null,
"IncludeComplianceDetails": true,
"PaginationToken": 1
}
Sample Response
HTTP/1.1 200 OK
x-amzn-RequestId: 14bc735b-26da-11e7-a933-67e2d2f3ef37
Content-Type: application/x-amz-json-1.1
Content-Length: 4060
Date: Sun, 1 Dec 2019 21:45:25 GMT
{
"PaginationToken": "",
"ResourceTagMappingList": [
{
"ComplianceDetails": {
"ComplianceStatus":true,
"KeysWithNoncompliantValues":[],
"NoncompliantKeys":[]
},
"ResourceARN":
"arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-7sbz2Kz0",
"Tags": []
}
]
}
