Endpoint Access
Access the Warden API through this endpoint: https://api.horangi.com/v1/cspm
Header Authorization
Put the API key in the header of the request with the case sensitive header name `x-api-key`
Example:
x-api-key: API_KEY_VALUE
Follow the instructions on Managing Warden API Keys to generate a new API key.
Pagination
If the number of items being requested exceeds the page limit, the API response will include a url in `response.links.next`.
Performing a GET request on this URL will return the next page of items. Note that all query parameters are included in `page_cursor`, so you do not need to specify the same query parameters in subsequent paginated requests.
Endpoints
GET /checks
This endpoint returns the latest checks for an Organization. The response is returned in JSON format.
Query Parameters
| Query Parameter | Type | Required | Description |
| page_cursor | String | No | An opaque value embedded in the response field response.links.next. This is used to retrieve the next page of items. Note that this parameter is ignored if there are other query parameters in the request. For example, /checks?page_cursor=xxx&results=fail is the same as /checks?filter_result=fail. |
| page_limit | Integer | No | The maximum number of checks can be returned in one page.
|
| results | Array | No |
One or more (comma delimited) keys to filter based on check.result. Valid values:
|
| severities | Array | No | One or more (comma delimited) keys to filter based on check.severity. Valid values:
|
| statuses | Array | No | One or more (comma delimited) keys to filter based on check.status. Status is only applicable for checks with "fail" result Valid values:
|
| system_compliance | Array | No | One or more (comma delimited) keys to filter based on system-defined compliance standards. Some compliance standards might be applicable to only a few specific cloud providers. Valid values: refer to system_compliance table |
System Compliance Standard
| system_compliance |
Compliance Standard Name/Description
|
| apra |
APRA CPG 234 standards
|
| aws-waf |
AWS WAF standards
|
| bnm-rmit |
BNM RMiT standards
|
| ccm-v4-0-5 |
Cloud Control Matrix v4.0.5
|
| cis-aws |
CIS-AWS benchmark.
|
| cis-aws-1-4 | CIS AWS 1.4 |
| cis-azr-1-4 | CIS AZR 1.4 |
| cis-gcp |
CIS-GCP 1.1 standards
|
| cis-gcp-1-2 |
CIS-GCP 1.2 standards
|
| cis-gke |
CIS-GKE standards
|
| gdpr |
GDPR standards for data privacy
|
| hwa-cloud-scg-3-2 |
HUAWEI Cloud Security Configuration Guide 3.2.
|
| iso-27001 |
ISO 27001 standards
|
| mas-cyber-hygiene |
MAS mandated Cyber Hygiene standards.
|
| mas-trm |
MAS-TRM standards.
|
| mas-trm-2021 |
MAS-TRM standards
|
| nist |
NIST cybersecurity framework standards.
|
| pci-dss |
PCI DSS v3.2.1 standards for card payment security
|
| pci-dss-v4-0 |
PCI DSS v4.0 standards for card payment security
|
| pojk-38 |
POJK 38 MRTI regulation
|
| seojk-21 |
SEOJK 21 MRTI regulation
|
| soc-2 |
SOC 2 standards
|
| thai-pdpa-2562-2019 |
Personal Data Protection Act BE2562-2019 (Unofficial English Translation), Official Notification on Standards for Personal Data Security B.E. 2563 (2020) (Unofficial English Translation)
|
Example curl commands:
# getting all latest checks
curl --header "x-api-key:API_KEY_VALUE" https://api.horangi.com/v1/cspm/checks
# getting all latest checks covered in ISO 27001 Standards
curl --header "x-api-key:API_KEY_VALUE" https://api.horangi.com/v1/cspm/checks?system_compliance=iso-27001
# getting all latest failed checks
curl --header "x-api-key:API_KEY_VALUE" https://api.horangi.com/v1/cspm/checks?results=fail
# getting all latest failed checks with critical and high severity
curl --header "x-api-key:API_KEY_VALUE" https://api.horangi.com/v1/cspm/checks?results=fail&severities=critical%2Chigh
# getting all latest failed checks with critical severity and open status
curl --header "x-api-key:API_KEY_VALUE" https://api.horangi.com/v1/cspm/checks?results=fail&severities=critical&statuses=open
Query Response
| Response Field | Type | Description |
| data.[x].id | uuid | The unique identifier for the item. |
| data.[x].type | String | The item type. This will be 'check' |
| data.[x].attributes.scan_target | String | The cloud account id of the scan that this check belongs to. |
| data.[x].attributes.resource_region | String | The cloud region where the resource of this check is located at. |
| data.[x].attributes.resource_id | String | The cloud native identifier for the resource of this check. |
| data.[x].attributes.resource_name | String | The name of the resource for this check. |
| data.[x].attributes.result | String | The result of this check. Values: - pass - fail |
| data.[x].attributes.severity | String | The final severity of this check if suppression is applied. Values: - informational - low - medium - high - critical |
| data.[x].attributes.status | String | The status of this check. Values: - open - risk_accepted - false_positive - remediated - needs_review |
| data.[x].attributes.created_at | String | The time this check was created. |
| data.[x].attributes.scan_group_name | String | The name of the scan group that this check belongs to. |
| data.[x].attributes.scan_name | String | The name of the scan that this check belongs to. |
| data.[x].attributes.title | String | The rule title of this check. |
| data.[x].attributes.original_severity | String | The original severity of this check before suppression is applied. Values: - informational - low - medium - high - critical |
| links.self | URL | the url that generates this response |
| links.next | URL | If not null, the url to be used to request the next page of items. |
Rate Limits
For each API key, the following rate limits apply
- 5000 requests per day
- 50 requests per second
A 429 error code will be returned if the rate limit is exceeded.
Errors
|
Error Code |
Description |
|
400 |
Invalid query parameters. |
|
401 |
API key not granted with the right permissions. |
|
403 |
Invalid API Key. |
|
404 |
Wrong resource path. |
|
405 |
Method not allowed. |
|
429 |
Throttling limits reached. |
|
500 |
Internal Server Error. |