Skip to main content
API docs by Redocly

FireMon Cloud REST API (1.0.0)

Download OpenAPI specification:Download

/authenticate

Authenticate, exchanging credentials for a JWT token. The resulting token can be used in the Authorization header of other requests.

Authorizations:
bearerAuth
Request Body schema: application/json
required
password
required
string
username
required
string

Responses

Request samples

Content type
application/json
{
  • "password": "string",
  • "username": "string"
}

Response samples

Content type
application/json
{
  • "expiration": 0,
  • "idToken": "string",
  • "refreshToken": "string"
}

/change-requests

Get a page of Change Requests.

Authorizations:
bearerAuth
query Parameters
limit
integer
nextPageKey
string

Responses

Response samples

Content type
application/json
{
  • "items": [
    ],
  • "pageInfo": {
    }
}

/change-requests

Save a Change Request and start the asynchronous process of evaluation against all enforced Boundaries. If ID is specified, and a change request exists with that ID, the change request will be updated. Otherwise a new change request will be created.

Authorizations:
bearerAuth
Request Body schema: application/json
required
required
object (ChangeRequestInput)
id
required
string
name
required
string
projectId
required
string
required
Array of objects (ChangeRequestRuleInput)

Responses

Request samples

Content type
application/json
{
  • "input": {
    }
}

Response samples

Content type
application/json
{
  • "createdAt": "string",
  • "createdBy": "string",
  • "id": "string",
  • "name": "string",
  • "parentPath": "string",
  • "projectId": "string",
  • "results": [
    ],
  • "rules": [
    ],
  • "score": 0,
  • "state": "Error",
  • "stateReason": "string",
  • "updatedAt": "string",
  • "updatedBy": "string"
}

/change-requests/{id}

Get a single Change Request by its ID.

Authorizations:
bearerAuth
path Parameters
id
required
string

Responses

Response samples

Content type
application/json
{
  • "createdAt": "string",
  • "createdBy": "string",
  • "id": "string",
  • "name": "string",
  • "parentPath": "string",
  • "projectId": "string",
  • "results": [
    ],
  • "rules": [
    ],
  • "score": 0,
  • "state": "Error",
  • "stateReason": "string",
  • "updatedAt": "string",
  • "updatedBy": "string"
}

/change-requests/{id}

Delete a Change Request by ID.

Authorizations:
bearerAuth
path Parameters
id
required
string

Responses

Response samples

Content type
application/json
"string"

/connect-groups

Authorizations:
bearerAuth
query Parameters
limit
integer
nextPageKey
string

Responses

Response samples

Content type
application/json
{
  • "items": [
    ],
  • "pageInfo": {
    }
}

/connect-groups/{id}

Authorizations:
bearerAuth
path Parameters
id
required
string

Responses

Response samples

Content type
application/json
{
  • "accountId": {
    },
  • "alertWindow": 0,
  • "checkId": {
    },
  • "checkResult": {
    },
  • "cidr": {
    },
  • "cidrCount": 0,
  • "createdAt": "string",
  • "createdBy": "string",
  • "description": "string",
  • "environment": {
    },
  • "formats": [
    ],
  • "id": "string",
  • "jsonPath": {
    },
  • "memberCount": 0,
  • "name": "string",
  • "parentPath": "string",
  • "parentProjectId": "string",
  • "projectId": {
    },
  • "region": {
    },
  • "severity": {
    },
  • "tags": {
    },
  • "type": {
    },
  • "updateType": "Automatic",
  • "updatedAt": "string",
  • "updatedBy": "string",
  • "vendor": {
    },
  • "vpcId": {
    }
}

/inventory

Get a page of Inventory search results.

Authorizations:
bearerAuth
query Parameters
from
integer

The number from which result items should start, used to page through results. For example: to get the first page of 10 items, from should be 0 and size should be 10. To get the second page, from should be 10 and size should be 10.

query
string

Search query in the form field:value or field:"value"

Any of the top-level InventoryItem fields can be included in the query.

Multiple fields can be combined:

  • field1:value AND field2:value
  • field1:value OR field1:value

You can also perform full-text search by not specifying a field.

Examples:

  • test AND (region:"us-west-1" OR region:"us-west-2")
    • search for items with the text test and region field value of us-west-1 or us-west-2
  • region:"us-west-1" OR region:"us-west-2"
  • cloudAccountId:275726472673 AND region:"us-east-1"
  • ip:"10.0.0.0/8"
    • search for items with an IP address within the specified CIDR

Lucene query documentation

size
integer

The number of items to include in the response.

sort
string

Sort the search results by the specified InventoryItem field: cloudAccountId, cloudAccountName, name, region, type, etc.

Responses

Response samples

Content type
application/json
{
  • "items": [
    ],
  • "pageInfo": {
    }
}

/inventory/{accountId}/{region}/{type}/{id}

Get a single inventory item by its accountId, region, type, and ID. For REST requests, you can use the path from the Cloud Defense or Connect apps:

App URLs:

  • https://app.defense.firemon.cloud/inventory/6253c4b0-8bed-4041-b522-e32df11de3c7/us-west-2/AWS%3A%3AEC2%3A%3AInstance/i-07114c5770f20ec9b
  • https://connect.firemon.cloud/inventory/6253c4b0-8bed-4041-b522-e32df11de3c7/us-west-2/AWS%3A%3AEC2%3A%3AInstance/i-07114c5770f20ec9b

REST API:

GET https://api.prod.firemon.cloud/inventory/6253c4b0-8bed-4041-b522-e32df11de3c7/us-west-2/AWS%3A%3AEC2%3A%3AInstance/i-07114c5770f20ec9b

Authorizations:
bearerAuth
path Parameters
accountId
required
string

The internal account UUID of the item (not the external/cloud account ID).

id
required
string

The ID of the item.

region
required
string

The region of the item (us-east-1, us-west-2, global, etc).

type
required
string

The internal type name of the item (AWS::IAM::User, AWS::S3::Bucket, Microsoft.Storage.storageAccounts, etc).

Responses

Response samples

Content type
application/json
{
  • "accountId": "string",
  • "altId": "string",
  • "clientId": "string",
  • "cloudAccountEnv": "string",
  • "cloudAccountId": "string",
  • "cloudAccountLabels": [
    ],
  • "cloudAccountName": "string",
  • "eventId": "string",
  • "eventIdentity": {
    },
  • "id": "string",
  • "ip": [
    ],
  • "ipRange": [
    ],
  • "ips": [
    ],
  • "item": "string",
  • "name": "string",
  • "parentPath": "string",
  • "region": "string",
  • "tags": [
    ],
  • "type": "string",
  • "typeName": "string",
  • "updatedAt": "string",
  • "vendor": "string"
}

/inventory/type-names

Get a list of all types & names supported by inventory.

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]