API Documentation (AWS)

Pre-requisite
IAM User with API Access
- Create a user if not already existing

- Attach policy that grants required permission (you can either provide administrator
for all access or assign policies specific to the reuirement)

- A new policy can also be created with the required permissions as shown in the
following screenshots
 - Once the user is created, save the Access Key ID and Secret Access Key securely.
This will be used to authenticate the subsequent requests

2
AWS API Configuration and Test
We will execute the request in POSTMAN to verify the API which fetch all databases
(resources) on AWS. This example demonstrates the usage of RDS api.

Create new API request

- Create new POST request in POSTMAN and use the following endpoint
https://rds.<your region here>.amazonaws.com

- Add the following key values in header

- Add body with the following action (to fetch DB Instances)

Action=DescribeDBInstances&Version=2014-10-31

3
Configure Authentication in Postman
- On the authorization tab, select AWS Signature as Auth Type and enter the following
fields

Reading the response body

- Send the request and if the configuration & authentication is valid, we get the
following response body with a 200 OK status

Here DBInstances will contain the list of DB Instances hosted on the specified AWS
account.

4
API to Get All Resources

Tagging api can be used to fetch all resources created on AWS. Following is an example
which demonstrates the same

Create new API request

- Create new POST request in POSTMAN and use the following endpoint
https://tagging.<your region here>.amazonaws.com
- Add the following key values in header
X-Amz-Target: ResourceGroupsTaggingAPI_20170126.GetResources
Content-Type: application/x-amz-json-1.1
- Use either an empty body in the request or add the following object structure with
desired values

Request Syntax (Optional)

{
"ExcludeCompliantResources": boolean,
"IncludeComplianceDetails": boolean,
"PaginationToken": "string",
"ResourceARNList": [ "string" ],
"ResourcesPerPage": number,
"ResourceTypeFilters": [ "string" ],
"TagFilters": [
{
"Key": "string",
"Values": [ "string" ]
}
],
"TagsPerPage": number
}
- Set the Authentication as described in the previous request
- When you send this request, following response is received with the list of resources
on AWS

5
Sample Request

POST / HTTP/1.1
Host: tagging.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 80
X-Amz-Target: ResourceGroupsTaggingAPI_20170126.GetResources
X-Amz-Date: 20191201T214524Z
User-Agent: aws-cli/1.11.79 Python/2.7.9 Windows/7 botocore/1.5.42
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS

{
"ExcludeCompliantResources": null,
"IncludeComplianceDetails": true,
"PaginationToken": 1
}

Sample Response

HTTP/1.1 200 OK
x-amzn-RequestId: 14bc735b-26da-11e7-a933-67e2d2f3ef37
Content-Type: application/x-amz-json-1.1
Content-Length: 4060
Date: Sun, 1 Dec 2019 21:45:25 GMT
{
"PaginationToken": "",
"ResourceTagMappingList": [
{
"ComplianceDetails": {
"ComplianceStatus":true,
"KeysWithNoncompliantValues":[],
"NoncompliantKeys":[]
},
"ResourceARN":
"arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-7sbz2Kz0",
"Tags": []
}
]
}