Cloud Conformity (1.0)

Download OpenAPI specification:Download

Note to Cloud One users - Accounts created in US-1 should use us-west-2, all other accounts should use the same region as your Cloud One account.

Access Control

Managing Custom Roles

This endpoint is not applicable to users who are part of the Legacy Conformity Platform.

List All Roles

get/access-control/roles

This endpoint allows you to query all roles that you have access to.

IMPORTANT:

  1. This endpoint is not applicable to users who are part of the Legacy Conformity Platform.
  2. Only ADMIN users can use this endpoint.

The endpoint has a limit of returning up to a maximum of 1000 Roles with in the overall results.

SecurityApiKeyAuth
Request
query Parameters
object

Optional parameter including page size, and page number returned

Responses
200

OK

400

Bad Request. Cannot process request due to a client error.

Response samples
application/json
{
  • "data": [
    ]
}

Create a Role

post/access-control/roles

This endpoint allows you to create a role.

IMPORTANT:

  1. This endpoint is not applicable to users who are part of the Legacy Conformity Platform.
  2. Only ADMIN users can use this endpoint.

Example Request: Full Access to two specific accounts

curl -H "Authorization: ApiKey S1YnrbQuWagQS0MvbSchNHDO73XHqdAqH52RxEPGAggOYiXTxrwPfmiTNqQkTq3" \
-d '
{
    "data": {
        "name": "FullAWSOnly",
        "description": "Full access to AWS accounts only",
        "policies": {
            "accounts": {
                "ee3a8572-58e6-4dff-9212-f41cda3a081": {
                    "access": "full"
                },
                "fb0f488c-d4f4-43d2-a497-fa872afa00b": {
                    "access": "full"
                }
            }
        }
    }
}
' \
https://conformity.us-1.dev-cloudone.trendmicro.com/api/access-control \

Example Response

{
    "id": "bd49fb8b-2b92-4c13-ad97-83caecf20e3c",
    "name": "FullAWSOnly",
    "description": "Full access to AWS accounts only",
    "policies": {
        "accounts": {
            "ee3a8572-58e6-4dff-9212-f41cda3a081": {
                "access": "full"
            },
            "fb0f488c-d4f4-43d2-a497-fa872afa00b": {
                "access": "full"
            }
        }
    },
    "organisationId": "228967833155",
    "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
    "createdDate": "1682468263260"
}

Example Request: Full Access to all accounts

curl -H "Authorization: ApiKey S1YnrbQuWagQS0MvbSchNHDO73XHqdAqH52RxEPGAggOYiXTxrwPfmiTNqQkTq3" \
-d '
{
    "data": {
        "name": "customFullAccessAllAccounts",
        "description": "Full access to all Accounts",
        "policies": {
            "accounts": {
                {
                    "access": "full"
                }
            }
        }
    }
}
' \

https://conformity.us-1.dev-cloudone.trendmicro.com/api/access-control \

Example Response: Full Access to all accounts

{
    "id": "bd49fb8b-2b92-4c13-ad97-83caecf20e3c",
    "name": "customFullAccessAllAccounts",
    "description": "Full access to all Accounts",
    "policies": {
        "accounts": {
            {
                "access": "full"
            }
        }
    },
    "organisationId": "228967833155",
    "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
    "createdDate": "1682468263260"
}

Example Request: Read Access to all accounts

curl -H "Authorization: ApiKey S1YnrbQuWagQS0MvbSchNHDO73XHqdAqH52RxEPGAggOYiXTxrwPfmiTNqQkTq3" \
-d '
{
    "data": {
        "name": "customReadAccessAllAccounts",
        "description": "Read access to all accounts",
        "policies": {
            "accounts": {
                {
                    "access": "read"
                }
            }
        }
    }
}
' \
https://conformity.us-1.dev-cloudone.trendmicro.com/api/access-control \

Example Response: Read Access to all accounts

{
    "id": "bd49fb8b-2b92-4c13-ad97-83caecf20e3c",
    "name": "customReadAccessAllAccounts",
    "description": "Read access to all accounts",
    "policies": {
        "accounts": {
            {
                "access": "read"
            }
        }
    },
    "organisationId": "228967833155",
    "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
    "createdDate": "1682468263260"
}
SecurityApiKeyAuth
Responses
200

OK

422

Unprocessed Entity. Validation error.

500

Internal Server Error

Response samples
application/json
{
  • "id": "full-access",
  • "name": "FullAWSOnly",
  • "description": "Full access to AWS accounts only",
  • "policies": {
    },
  • "organisationId": "22896783315",
  • "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
  • "createdDate": "1682468263260"
}

Get Role Details

get/access-control/roles/{id}

This endpoint allows you to get a specific role detail.

IMPORTANT:

  1. This endpoint is not applicable to users who are part of the Legacy Conformity Platform.
  2. Only ADMIN users can use this endpoint.
curl -H "Authorization: ApiKey S1YnrbQuWagQS0MvbSchNHDO73XHqdAqH52RxEPGAggOYiXTxrwPfmiTNqQkTq3" \
https://conformity.us-1.dev-cloudone.trendmicro.com/api/access-control/roles/bd49fb8b-2b92-4c13-ad97-83caecf20e3 \

Example Response

{
    "lastUpdatedBy": "urn:cloudone:identity:us-1:228967833155:apikey/tmc12OcXUZ2kvStmcunTBBYlfPN48Cp",
    "lastUpdatedDate": "1682468717538",
    "createdDate": "1682468263260",
    "organisationId": "228967833155",
    "policies": {
        "accounts": {
            "fb0f488c-d4f4-43d2-a497-fa872afa00bc": {
                "access": "full"
            },
            "ee3a8572-58e6-4dff-9212-f41cda3a0813": {
                "access": "full"
            }
        }
    },
    "description": "Full access to AWS accounts only",
    "id": "bd49fb8b-2b92-4c13-ad97-83caecf20e3c",
    "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c54",
    "name": "FullAWSOnly"
}
SecurityApiKeyAuth
Responses
200

OK

404

Not found.

Response samples
application/json
{
  • "id": "full-access",
  • "name": "FullAWSOnly",
  • "description": "Full access to AWS accounts only",
  • "policies": {
    },
  • "lastUpdatedDate": "1682468717538",
  • "lastUpdatedBy": "urn:cloudone:identity:us-1:228967833155:apikey/tmc12OcXUZ2kvStmcunTBBYlfPN48C",
  • "organisationId": "22896783315",
  • "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
  • "createdDate": "1682468263260"
}

Update a Role

patch/access-control/roles/{id}

This endpoint allows you to update a specific role.

IMPORTANT:

  1. This endpoint is not applicable to users who are part of the Legacy Conformity Platform.
  2. Only ADMIN users can use this endpoint.

Example Request: Full Access to two specific accounts

curl -H "Authorization: ApiKey S1YnrbQuWagQS0MvbSchNHDO73XHqdAqH52RxEPGAggOYiXTxrwPfmiTNqQkTq3" \
-d '
{
    "data": {
        "name": "FullAWSOnly",
        "description": "Full access to AWS accounts only",
        "policies": {
            "accounts": {
                "ee3a8572-58e6-4dff-9212-f41cda3a081": {
                    "access": "full"
                },
                "fb0f488c-d4f4-43d2-a497-fa872afa00b": {
                    "access": "full"
                }
            }
        }
    }
}
' \
https://conformity.us-1.dev-cloudone.trendmicro.com/api/access-control/roles/bd49fb8b-2b92-4c13-ad97-83caecf20e3 \

Example Request: Full Access to two specific accounts

{
    "id": "bd49fb8b-2b92-4c13-ad97-83caecf20e3c",
    "name": "FullAWSOnly",
    "description": "Full access to AWS accounts only",
    "policies": {
        "accounts": {
            "ee3a8572-58e6-4dff-9212-f41cda3a081": {
                "access": "full"
            },
            "fb0f488c-d4f4-43d2-a497-fa872afa00b": {
                "access": "full"
            }
        }
    },
    "lastUpdatedDate": "1682468717538",
    "lastUpdatedBy": "urn:cloudone:identity:us-1:228967833155:apikey/tmc12OcXUZ2kvStmcunTBBYlfPN48C",
    "organisationId": "228967833155",
    "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
    "createdDate": "1682468263260"
}

Example Request: Full Access to all accounts

curl -H "Authorization: ApiKey S1YnrbQuWagQS0MvbSchNHDO73XHqdAqH52RxEPGAggOYiXTxrwPfmiTNqQkTq3" \
-d '
{
    "data": {
        "name": "customFullAccessAllAccounts",
        "description": "Full access to all Accounts",
        "policies": {
            "accounts": {
                {
                    "access": "full"
                }
            }
        }
    }
}
' \
https://conformity.us-1.dev-cloudone.trendmicro.com/api/access-control/roles/bd49fb8b-2b92-4c13-ad97-83caecf20e3 \

Example Response: Full Access to all accounts

{
    "id": "bd49fb8b-2b92-4c13-ad97-83caecf20e3c",
    "name": "customFullAccessAllAccounts",
    "description": "Full access to all Accounts",
    "policies": {
        "accounts": {
            {
                "access": "full"
            }
        }
    },
    "lastUpdatedDate": "1682468717538",
    "lastUpdatedBy": "urn:cloudone:identity:us-1:228967833155:apikey/tmc12OcXUZ2kvStmcunTBBYlfPN48C",
    "organisationId": "228967833155",
    "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
    "createdDate": "1682468263260"
}

Example Request: Read Access to all accounts

curl -H "Authorization: ApiKey S1YnrbQuWagQS0MvbSchNHDO73XHqdAqH52RxEPGAggOYiXTxrwPfmiTNqQkTq3" \
-d '
{
    "data": {
        "name": "customReadAccessAllAccounts",
        "description": "Read access to all accounts",
        "policies": {
            "accounts": {
                {
                    "access": "read"
                }
            }
        }
    }
}
' \
https://conformity.us-1.dev-cloudone.trendmicro.com/api/access-control/roles/bd49fb8b-2b92-4c13-ad97-83caecf20e3 \

Example Response: Read Access to all accounts

{
    "id": "bd49fb8b-2b92-4c13-ad97-83caecf20e3c",
    "name": "customReadAccessAllAccounts",
    "description": "Read access to all accounts",
    "policies": {
        "accounts": {
            {
                "access": "read"
            }
        }
    },
    "lastUpdatedDate": "1682468717538",
    "lastUpdatedBy": "urn:cloudone:identity:us-1:228967833155:apikey/tmc12OcXUZ2kvStmcunTBBYlfPN48C",
    "organisationId": "228967833155",
    "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
    "createdDate": "1682468263260"
}
SecurityApiKeyAuth
Responses
200

OK

404

Not found.

Response samples
application/json
{
  • "id": "full-access",
  • "name": "FullAWSOnly",
  • "description": "Full access to AWS accounts only",
  • "policies": {
    },
  • "lastUpdatedDate": "1682468717538",
  • "lastUpdatedBy": "urn:cloudone:identity:us-1:228967833155:apikey/tmc12OcXUZ2kvStmcunTBBYlfPN48C",
  • "organisationId": "22896783315",
  • "createdBy": "urn:cloudone:identity:us-1:228967833155:user/bfc5bb8a-3bd8-47e6-8fe8-5ed012878c5",
  • "createdDate": "1682468263260"
}

Delete a Role

delete/access-control/roles/{id}

This endpoint allows you to delete a specific role.

IMPORTANT:

  1. This endpoint is not applicable to users who are part of the Legacy Conformity Platform.
  2. Only ADMIN users can use this endpoint.

Example Request:

curl -X DELETE \
-H "Content-Type: application/json" \
-H "Authorization: ApiKey S1YnrbQuWagQS0MvbSchNHDO73XHqdAqH52RxEPGAggOYiXTxrwPfmiTNqQkTq3" \
https://conformity.us-1.dev-cloudone.trendmicro.com/api/access-control/roles/bd49fb8b-2b92-4c13-ad97-83caecf20e3 \

Example Response:

{
    meta: {
        status: "deleted"
    }
}
SecurityApiKeyAuth
Responses
200

OK

404

Not found.

Response samples
application/json
{
  • "meta": {
    }
}
➔ Next to Access Control