Admin API Reference Guide

CloudCheckr allows for the creation of two different types of access keys. Account-level access keys can only make calls against a single account. Admin-level access keys allow users to make calls against any of their accounts within CloudCheckr. They also allow API users to make account-management related calls that cannot be executed using account-level access keys.

CloudCheckr is revamping its API documentation to ensure that it reflects the best practices for REST and to improve overall consistency. We will restructure each call to include these sections:

Section Description
Input Parameters Options that you pass with the endpoint to influence a response.

Identifies if a parameter is required or optional, the data type, and the parameter description.

API Call URL Identifies the common path for the API (highlighted in yellow) and the end path of the endpoint (highlighted in light blue).

Request Example Includes a sample request that shows the endpoint and a few key parameters.

Formatted in curl since it’s language-agnostic.

Includes the header information and the method (GET or POST in most cases).

Response Example Shows a sample response for all of the parameters passed in the request example.

Includes examples in XML and JSON.


Attempting to make any of these calls using a general API access key will result in an error. You may also use admin-level API keys to make the other calls found in the general API Reference guide.

When using an admin-level access keys to make those calls you must add one of the following parameter to your calls:
  • use_account – the name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id – the ID of the account you are making the call for. The ID is returned when using the method ‘account/add_account_v3′ to register the account in CloudCheckr.

XML Call:

https://api.cloudcheckr.com/api/best_practice.xml/get_best_practices?access_key=[access_key]&use_account=[MyAccount]
https://api.cloudcheckr.com/api/best_practice.xml/get_best_practices?access_key=[access_key]&use_cc_account_id=[MyAccountId]

JSON Call:

https://api.cloudcheckr.com/api/best_practice.json/get_best_practices?access_key=[access_key]&use_account=[MyAccount]
https://api.cloudcheckr.com/api/best_practice.json/get_best_practices?access_key=[access_key]&use_cc_account_id=[MyAccountId]

Using Access Keys

CloudCheckr requires an access key to be passed as a parameter to all API calls.

Click here for details on creating and managing access keys.

Example of Using an Access Key:

https://api.cloudcheckr.com/api/change_monitoring.json/get_changes?access_key=[access_key]

Preferred HTTP Methods

When using libraries such as curl, you may need to indicate the HTTP method to use (POST or GET). The CloudCheckr API accepts both POST and GET in most API calls. However, we recommend you use the preferred HTTP method when possible.

The preferred HTTP method for each call is GET unless specifically noted in the API CALLS section.

For more information on HTTP methods, click here:  http://www.w3schools.com/tags/ref_httpmethods.asp.


API Calls

Add Access Control Lists Per Account Per Group

The API method, “add_access_control_lists_per_account_per_group”, is used to add access control lists per account per group.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
acls list <string> required; unique alphanumeric ID for each access control list (acl)
group_id string required; group ID
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/add_access_control_lists_per_account_per_group?access_key=your_admin_access_key&use_account=AWS Main

REQUEST EXAMPLE:

curl -X POST \
                -- https://api.cloudcheckr.com/api/account.[json|xml]/add_access_control_lists_per_account_per_group?
                   access_key=your_admin_access_key&use_account=AWS Main\
                -- header 'cache-control: no-cache' \
                -- header 'content-type: application/[json|xml]' \
                -- data '{
                    "group_id": "315ED648-DA56-4713-98DB-7D0A434A31F9",
                    "acls": ["dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]16b586a1-4459-46e1-b348-8c24dd5cfb7f",
                    "dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]e5c59d38-f3a1-4aac-aa48-a9823c1413ed"]

RESPONSE EXAMPLE:

XML:

<AddAccessControlListsPerAccountPerGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
          <results>
          <id>315ed648-da56-4713-98db-7d0a434a31f9<
          /id>
          <code>
          0<
          /code>
          <message>
          null<
          /message>
          <
          /results>
          </AddAccessControlListsPerAccountPerGroupResponse>
          

JSON:

{
              "Id": "315ed648-da56-4713-98db-7d0a434a31f9",
              "Code": 0,
              "Message": null
          }

Add Account V3

The API method, “add_account_v3”, is used to register an AWS account with CloudCheckr. This method will return a unique ID, “cc_account_id”, to enhance security for the newly-created account. Customers can use “cc_account_id” for the parameter, “use_cc_account_id”, when making calls to the admin-level API.

  • The preferred HTTP method for this call is POST.
  • AWS secret keys typically contain special characters. To submit as a parameter on the URL, you must URL encode it. Click here for details.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
account_name string required; the name of the AWS account to register with CloudCheckr
user_name string optional; the name of the user that will have access to this account. If no user is specified, the first administrator of the account will be applied
aws_access_key string optional; the access key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account
aws_secret_key string optional; the secret key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account
account_tag string optional; the tag for the account to be used within a Multi-Account View (MAV)
emails list <string> optional; the email address(es) that will populate the account’s email settings and determine who receives the automated reports.

If this parameter is not used, the email address used when registering the CloudCheckr account will be populated in this field.
payer_use_account string optional; the name of the payer account
payee_aws_account_id string optional; the AWS account ID associated with the payee account
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*

You will only need to define one of the * parameters if you want the new account to be linked to a payer account; if you do not want to link a payer account, then none of the three * parameters are needed.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/add_account_v3?access_key=your_admin_access_key


REQUEST EXAMPLE:

The Request Example uses the “cc_account_id” to show what the URL would look like if a customer needed a new account linked to a payer account.

curl -X POST \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/add_account_v3?access_key=your_admin_access_key&use_cc_account_id=1234\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
               -- data '{
                  "account_name": "api added aws account",
              }

RESPONSE EXAMPLE:
XML:

<AddAccountV3Response xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance> <
          status>
             <account_status>Success</account_status>
             <cc_account_id>38</cc_account_id>
             <credential_status>No credentials given. Can use the following role_account_id and role_external_id to create cross-account role within AWS.</credential_status>
             <role_account_id>352813966789</role_account_id>
             <cc_external_id>CC-69CFBFCA8BF21FA123BA566A6DAAB227</cc_external_id>
          </status>
          </AddAccountV3Response>

JSON:

{
             "account_status": "Success",
             "cc_account_id": 38,
             "credential_status": "No credentials given. Can use the following role_account_id and role_external_id to create cross-account role within AWS.",
             "role_account_id": "352813966789",
             "cc_external_id": "CC-69CFBFCA8BF21FA123BA566A6DAAB227"
          }
You can use the “role_account_id” and “cc_external_id” to create a role using the AWS Command Line Interface (CLI). See the Create Role topic in the AWS documentation for more information.

Add API Key

The API method, “add_api_key”, is used to create a new CloudCheckr API key for a specific account.

You cannot create admin-level API keys with this method.

The preferred HTTP method for this call is POST.

XML Call:

https://api.cloudcheckr.com/api/account.xml/add_api_key?access_key=[access_key]&accounts=[account_name]

JSON Call:

https://api.cloudcheckr.com/api/account.json/add_api_key?access_key=[access_key]&accounts=[account_name]

INPUT PARAMETERS
This call accepts these parameters:

  • access_key (required) – standard access key required for all API calls.
  • accounts (required) – name(s) of the account(s) for which an API key is being created. Accepts multiple accounts.

OUTPUT
XML Example:

<AddApiKeyResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
              <CreationStatuses>
                  <string>
          Created access key for Account: [ACCOUNT] Key: [ACCESS_KEY]
          </string>
              </CreationStatuses>
          </AddApiKeyResponse>
          

JSON Example:

{
             "CreationStatuses": [
                "Created access key for Account: [ACCOUNT] Key: [ACCESS_KEY]"
             ]
          }

Add MAV Account

The API method, “add_mav_account”, is used to create a new Multi-View Account (MAV).

Important: This call can only be made using admin-level access keys.

The preferred HTTP method for this call is POST.

XML Call:

https://api.cloudcheckr.com/api/account.xml/add_mav_account?access_key=[access_key]&account_name=[account_name]

JSON Call:

https://api.cloudcheckr.com/api/account.json/add_mav_account?access_key=[access_key]&account_name=[account_name]

INPUT PARAMETERS
This call accepts these parameters:

  • access_key (required) – Admin-level access key required for all API calls.
  • account_name (required) – name of the new MAV account(s).
  • account_tags_to_set (optional) – comma-separated list of tags to apply to the MAV. The tag must exist.
  • for_all_accounts (optional) – true or false or 1 or 0 values. Same impact as having the “This Multi-Account View should include ALL ACCOUNTS” checked in the UI.

OUTPUT

XML & JSON Example:

{
          "Code":200,
          "Message":"OK"
          }
          

Add Tag

The API method, “tag_account”, is used to create an account-level tag, enable the account-level tag, and apply this tag to account(s), which can then be used to build Multi-Account Views (MAVs).
The preferred HTTP method for this call is POST.
XML Call:

https://api.cloudcheckr.com/api/account.xml/add_tag?access_key=[access_key]&account_name=MyAccountName&tag_name=MyAccountLevelTagName&accounts=MyAccount1,MyAccount2


JSON Call:

https://api.cloudcheckr.com/api/account.json/add_tag?access_key=[access_key]&account_name=MyAccountName&tag_name=MyAccountLevelTagName&accounts=MyAccount1,MyAccount2

INPUT PARAMETERS
This call accepts these parameters:

  • access_key (required) – Admin-level access key required for all API calls.
  • tag_name (required) – name of the account-level tag.
  • account_name (required) – name of the account where the tag will be applied.
  • accounts (required) –  name(s) of the accounts that will be added to the tag. Multiple accounts must be separated by a commma e.g. “,”.

OUTPUT

XML & JSON Example:

{
          "Code":200,
          "Message":"OK"
          }

Add User

The API method, “add_user”, creates a new CloudCheckr user.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required, admin-level API key
email list <string> required; the email address of the new user
account_access list <string> required; the name of the CloudCheckr account(s) the user can access; separate multiple account names by commas as shown in the example(s)
user_role string required; the level of access for the new user; accepts ReadonlyUser, BasicUser, BasicPlusUser, User, or Administrator
group string optional; the name of the group associated with the new user
cost_report boolean optional; defines whether the user can access the cost reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
blended_cost boolean optional; defines whether the user can view blended costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n”
unblended_cost boolean optional; defines whether the user can view unblended costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n”
list_cost boolean optional; defines whether the user can view list costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n”
resource_utilization_reports boolean optional; defines whether the user can access the resource utilization reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
trending_reports boolean optional; defines whether the user can access the trending reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
change_monitoring boolean optional; defines whether the user can access the change monitoring report within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
best_practices boolean optional; defines whether the user can access the best practice report within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
edit_emails boolean optional; identifies if the customer can modify email addresses associated with the user
all_access boolean optional; if this set to true, the user will have access to all reports within the account and none of the other parameters listed below are required; accepts “yes”, “1”, or “y”
password string optional; sets the password for the new user
automation boolean optional; allows the new user to access the associated report
savings boolean optional; allows the new user to access the associated report
alerts boolean optional; allows the new user to access the associated report
inventory boolean optional; allows the new user to access the associated report
security boolean optional; allows the new user to access the associated report
account_notification boolean optional; allows the new user to receive notifications from any associated accounts
partner_tools boolean optional; allows the new user to access the partner tools
edit_partner_tools boolean optional; allows the new user to modify the configuration of the partner tools
see_api_keys boolean optional; makes the API key visible to the new user
auth_types boolean optional; allows the new user access to authorization types
use_default_provider boolean optional; allows the new user to use the default provider configuration
sso_provider string optional; indicates that the new user has an SSO association
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/add_user?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X POST \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/add_user?access_key=your_admin_access_key&use_cc_account_id=1234\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
               -- data '{
                 "email": "newUser@cloudcheckr.com",
                 "account_access": "AWS Main",
                 "user_role": "user",
                 "cost_report": "no",
                 "auth_types": "saml",
                 "group": "g2",
                 "use_default_provider": "true",
                 "sso_provider": "PingOne"
                  }

RESPONSE EXAMPLE:
XML:

<AddUserResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance> <CreationStatuses>Created new user with email: newUser@cloudcheckr.com</CreationStatuses>
          </AddUserResponse>
          

JSON:

{
              "CreationStatuses": [
                  "Created new user with email: newUser32i34i32ke@cloudcheckr.com"
              ]
          }

Add Users

The API method, “add_users”, creates multiple CloudCheckr users.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required, admin-level API key
email string required; the email address of the new user
account_access list <string> required; the name of the CloudCheckr account(s) the user can access; separate multiple account names by commas as shown in the example(s)
user_role string required; the level of access for the new user; accepts ReadonlyUser, BasicUser, BasicPlusUser, User, or Administrator
group string optional; the name of the group associated with the new user
cost_report boolean optional; defines whether the user can access the cost reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
blended_cost boolean optional; defines whether the user can view blended costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n”
unblended_cost boolean optional; defines whether the user can view unblended costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n”
list_cost boolean optional; defines whether the user can view list costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n”
resource_utilization_reports boolean optional; defines whether the user can access the resource utilization reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
trending_reports boolean optional; defines whether the user can access the trending reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
change_monitoring boolean optional; defines whether the user can access the change monitoring report within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
best_practices boolean optional; defines whether the user can access the best practice report within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n”
edit_emails boolean optional; identifies if the customer can modify email addresses associated with the user
all_access boolean optional; if this set to true, the user will have access to all reports within the account and none of the other parameters listed below are required; accepts “yes”, “1”, or “y”
password string optional; sets the password for the new user
automation boolean optional; allows the new user to access the associated report
savings boolean optional; allows the new user to access the associated report
alerts boolean optional; allows the new user to access the associated report
inventory boolean optional; allows the new user to access the associated report
security boolean optional; allows the new user to access the associated report
account_notification boolean optional; allows the new user to receive notifications from any associated accounts
partner_tools boolean optional; allows the new user to access the partner tools
edit_partner_tools boolean optional; allows the new user to modify the configuration of the partner tools
see_api_keys boolean optional; makes the API key visible to the new user
auth_types boolean optional; allows the new user access to authorization types
use_default_provider boolean optional; allows the new user to use the default provider configuration
sso_provider string optional; indicates that the new user has an SSO association
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/add_users?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X POST \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/add_users?access_key=your_admin_access_key&use_cc_account_id=1234\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
               -- data '{
                 "email": "newUser@cloudcheckr.com",
                 "account_access": "AWS Main",
                 "user_role": "user",
                 "cost_report": "no",
                 "group": "g2",
                 "use_default_provider": 'true",
                 "sso_provider": "PingOne"
                  }

RESPONSE EXAMPLE:
XML:

<AddUsersResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance> <CreationStatuses>
             <status>Created new user with email: newUser48f@cloudcheckr.com</status>
             <status>Created new user with email: newUserk39dk@cloudcheckr.com</status>
          </CreationStatuses>
          </AddUsersResponse>
          

JSON:

{
              "CreationStatuses": [
                  "Created new user with email: newUser48f@cloudcheckr.com@cloudcheckr.com",
                  "Created new user with email: newUserk39dk@cloudcheckr.com"
              ]
          }

Add User To Group

The API method, “add_user_to_group”, is used to add a new user group in CloudCheckr to manage users and permissions at the group level.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; group ID associated with the selected group
user_ids list <string> required; IDs of the users; comma-separated list
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/add_user_to_group?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X POST \
            -- https://api.cloudcheckr.com/api/account.[json|xml]/add_user_to_group?access_key=your_admin_access_key&use_cc_account_id=1234\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"group_id": "e85446b9-8821-41a6-9558-7550756dd899",
                  "user_ids":  ["8B65E388-8A0B-4B5A-A12B-8B0325D0ABF4", "683C1113-1FF0-4F8B-AA3D-9288D2ED615A"]
                  }         	

RESPONSE EXAMPLE:
XML:

<AddUserToGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <status>
              <Code>200</Code>
              <Message>OK</Message>
            </status>
          </AddUserToGroupResponse>
          

JSON:

{
              "Code": 200,
              "Message": "OK"
          }
          

Clone Group

The API method, “clone_group”, creates a copy of an existing group without the users.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; group ID
name string required; name
use_account string required; friendly name of the account in the application
use_cc_account_id string required; account ID used in the application
use_aws_account_id string required; the 12-digit AWS account ID

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/clone_group

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/clone_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required)access_key": "someValHere",
                  "(required)group_id": "someValHere",
          	"(required)name": "someValHere",
          	"use_account": "someValHere",
          	"use_cc_account_id": "someValHere",
          	"use_aws_account_id": "someValHere",
                	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Copy User

The API method “copy user” is used to create a new CloudCheckr user with the exact permissions as an existing user.

IMPORTANT: This call can only be made using admin-level access keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/copy_user?access_key=[access_key]&email_to_copy=[existing_user_email]&emails=[new_user_email]

JSON call:

https://api.cloudcheckr.com/api/account.json/copy_user?access_key=[access_key]&email_to_copy=[existing_user_email]&emails=[new_user_email]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email_to_copy (required) – The email address of the existing user.
  • emails (required) – The email address(es) of the new user(s).
  • use_account (required — either this field or ‘use_cc_account_id’) – The name of the AWS account within CloudCheckr.
  • use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.

You can also use this call to add multiple users at once. Simply include all of the emails required, separated by commas.

OUTPUT

XML Example:

<CopyUserResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance> <CreationStatuses>Created new user with email: mytest@mytest.me</CopyUserResponse>
          

JSON Example:

{
              "CreationStatuses": [
                  "Created new user with email: mytest@mytest.me"
              ]
          }

Create Group

The API method, “create_group”, is used to create a group.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
name string required; name of the group you want to create
use_cc_account_id integer required; account ID used in the application

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/create_group

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/create_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
                  "(required)access_key": "someValHere",
          	"(required)name": "someValHere",
                     	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }

Delete Access Control List From Group

The API method, “delete_access_control_list_from_group”, is used to delete an access control list from a group.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; ID of the user group
acls list <string> required; access control lists (ACLs)
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/delete_access_control_list_from_groupaccess_key=your_admin_access_key&use_account=AWS Main

REQUEST EXAMPLE:

curl -X POST \
            -- https://api.cloudcheckr.com/api/account.[json|xml]/delete_access_control_list_from_group?access_key=your_admin_access_key&use_account=AWS Main\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"group_id": "315ED648-DA56-4713-98DB-7D0A434A31F9",
                  "acls": ["dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]16b586a1-4459-46e1-b348-8c24dd5cfb7f",
                  "dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]e5c59d38-f3a1-4aac-aa48-a9823c1413ed"]
                        	}
          

RESPONSE EXAMPLE:
XML:

<DeleteAccessControlListFromGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
             <Status>
                <Code>200</Code>
                <Message>OK</Message>
             </Status>
          </DeleteAccessControlListFromGroupResponse>
          

JSON:

{
              "Code": 200,
              "Message": "OK"
          }

Delete Account

The API method “delete_account” is used to remove an AWS account that has been registered with CloudCheckr.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/delete_account?access_key=[access_key]&account_name=MyAccountName

JSON call:

https://api.cloudcheckr.com/api/account.json/delete_account?access_key=[access_key]&account_name=MyAccountName

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • account_name (required) – the name of the AWS account that will be removed from CloudCheckr.

OUTPUT

XML & JSON Example:

{
          "Code":200,
          "Message":"OK"
          }

Delete Group

The API method, “delete_group”, is used to delete the group with the specified ID.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; group ID
email string required; email address of the user
user_id string required; user ID
use_account string required; friendly name of the account in the application
use_cc_account_id string required; account ID used in the application
use_aws_account_id string required; the 12-digit AWS account ID

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/delete_group

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/delete_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required)(admin level)access_key": "someValHere",
                  "(required)group_id": "someValHere",
          	"email": "someValHere",
          	"user_id": "someValHere",
          	"use_account": "someValHere",
          	"use_cc_account_id": "someValHere",
          	"use_aws_account_id": "someValHere",
                     }
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Delete Tag

The API method, “delete_tag”, is used to delete an account-level tag in Multi-Account Views. If you delete an account-level tag, it will impact any account that uses this tag to build its Multi-Account Views (MAVs).

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
account_name string required; name of the account that contains the tag
account_tag string required; name of the account-level tag that will be deleted

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/delete_tag

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/delete_tag?access_key=[access key]
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	'account_name': 'my account name',
                  'account_tag': 'my account tag'
                 	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Edit Account Email Settings

The API method “edit_account_email_settings” is used to configure a CloudCheckr account’s primary email address(es) for delivery of report emails.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/edit_account_email_settings?access_key=[access_key]&use_account=[account_name]&emails=[email_address]&alert_health_all=1

JSON call:

https://api.cloudcheckr.com/api/account.json/edit_account_email_settings?access_key=[access_key]&use_account=[account_name]&emails=[email_address]&alert_health_all=1

INPUT PARAMETERS
This call accepts these parameters:

If you want a report email to be enabled, you must always explicitly define it as enabled. If you omit a report email parameter (e.g. best_practices), then the result for that report email will default to false.

Also, when using edit_account_email_settings, you will identify which AWS account to edit by using either use_account or use_cc_account_id.

  • access_key (required) – Admin-Level Access Key is required for this call.
  • use_account (required — either this field or ‘use_cc_account_id’) – The name of the AWS account within CloudCheckr that will have its credentials changed.
  • use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.
  • emails (required) – The email address(es) to be added as the primary recipient(s) for this account.
  • alert_daily_billing (required) – true or false or 1 or 0 values
  • alert_health_affected (required) – true or false or 1 or 0 values
  • alert_health_all (required) – true or false or 1 or 0 values
  • change_monitoring (required) – true or false or 1 or 0 values
  • best_practices (required) – true or false or 1 or 0 values
  • daily_bill_summary (required) – true or false or 1 or 0 values
  • monthly_bill_summary (required) – true or false or 1 or 0 values
  • daily_consolidated_bill_summary (required) – true or false or 1 or 0 values
  • monthly_consolidated_bill_summary (required) – true or false or 1 or 0 values
  • inventory_summary_report (required) – true or false or 1 or 0 values
  • ec2_trending_report (required) – true or false or 1 or 0 values
  • s3_summary_report (required) – true or false or 1 or 0 values
  • ec2_resource_utilization_report (required) – true or false or 1 or 0 values

OUTPUT

XML & JSON Example:

{
          "Code":200,
          "Message":"OK"
          }

Edit Account Name

The API method, “edit_accountname”, is used to edit the account name to better fit with the naming conventions used within your deployment.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key

Alternatively, you can use an account API key to rename the account.
account_name string required; name of the Cloudcheckr account
use_account string required/optional; friendly name of the account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID*
If you use an admin-level API key, you must define one of the * parameters.

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/edit_accountname

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- https://api.cloudcheckr.com/api/account.[json|xml]/edit_accountname?access_key=[access key]
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	'account_name': CloudCheckr Support',
                 	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Edit Credential

The API method, “edit_credential”, is used to add or change the AWS credentials on an AWS account that has been registered with CloudCheckr.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
aws_access_key string required/optional; the access key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account*
aws_secret_key string required/optional; the secret key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account*
use_account string required/optional; friendly name of the account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID*
aws_role_arn string required/optional; AWS role ARN parameter that gets generated when you create a role in AWS using CLI*

See the Create Role topic in the AWS documentation for more information.

One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/edit_credential/

REQUEST EXAMPLE:

https://api.cloudcheckr.com/api/account.[json|xml]/edit_credential?use_account=CloudCheckrDev&aws_role_arn=arn:aws:iam::215011050627:role/restricted_iam_role


RESPONSE EXAMPLE:

{
          "Code":200,
          "Message":"OK"
          }

Get Access Control List

The API method, “get_access_control_list”, is used to return the access control list.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
section string required; section name
use_cc_account_id string required; account ID used in the application

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list?access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required)access_key": "someValHere",
                  "section": "someValHere",
                          }
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Get Access Control List By ID

The API method, “get_access_control_list_by_id”, is used to return the access control list by ID.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
id string required; ID of the ACL item
use_account string required; friendly name of the account in the application
use_cc_account_id string required; account ID used in the application
use_aws_account_id string required; the 12-digit AWS account ID

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list_by_id

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list_by_id&access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required)(admin level)access_key": "someValHere",
          	"(required)id": "someValHere",
          	"use_account": "someValHere",
          	"use_cc_account_id": "someValHere",
          	"use_aws_account_id": "someValHere",
          	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Get Access Control List Per Group

The API method, “get_access_control_list_per_group”, is used to return the access control list by group.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; ID of the group
use_account string required/optional: friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional: unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional: the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list_per_group?access_key=your_admin_access_key&use_account=AWS Main&group_id=315ED648-DA56-4713-98DB-7D0A434A31F9

REQUEST EXAMPLE:

curl -X GET \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list_per_group?access_key=your_admin_access_key&use_account=AWS Main&group_id=315ED648-DA56-4713-98DB-7D0A434A31F9\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
          

RESPONSE EXAMPLE:
XML:

<GetAccessControlListPerGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
               <acl>
                 <id>dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]bde7a10b-6e76-4ce5-918c-5c4821b4f3bd</id>
                 <name>Inventory Summary</name>
                 <section>Inventory</section>
                 <code>0</code>
                 <message>null</message>
               </acl>
               <acl>
                 <id>dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]4adf637d-667a-4530-a6a4-e8b4e5fcd340</id>
                 <name>Map Overlay</name>
                 <section>Inventory</section>
                 <code>0</code>
                 <message>null</message>
               </acl>
               <acl>
                 <id>dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]08d18f15-1e86-40f7-bc8f-37f8bc27f1b7</id>
                 <nameTagged Resources</name>
                 <section>Inventory</section>
                 <code>0</code>
                 <message>null</message>
               </acl>
          </GetAccessControlListPerGroupResponse>
          

JSON:

{
              "Acls": [
                  {
                      "Id": "dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]bde7a10b-6e76-4ce5-918c-5c4821b4f3bd",
                      "Name": "Inventory Summary",
                      "Section": "Inventory",
                      "Code": 0,
                      "Message": null
                  },
                  {
                      "Id": "dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]4adf637d-667a-4530-a6a4-e8b4e5fcd340",
                      "Name": "Map Overlay",
                      "Section": "Inventory",
                      "Code": 0,
                      "Message": null
                  },
                  {
                      "Id": "dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]08d18f15-1e86-40f7-bc8f-37f8bc27f1b7",
                      "Name": "Tagged Resources",
                      "Section": "Inventory",
                      "Code": 0,
                      "Message": null
                  }
               ]
          }

Get Account

The API method, “get_account”, is used to retrieve an account.

The preferred HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
account_id string required; account ID

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_account

REQUEST EXAMPLE:

curl -X GET\
                -- https://api.cloudcheckr.com/api/account.[json|xml]/get_account?access_key=your_admin_access_key&account_id=3'\
                -- header 'cache-control: no-cache' \
                -- header 'content-type: application/[json|xml]' \
          

RESPONSE EXAMPLE:
XML:

<GetAccountResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
             <Code>0</Code>
             <Id>3</Id>
             <Name>Account 1234</Name>
             <Provider>Amazon Web Services</Provider>
             <Type>General</Type>
             <AccountId>1234222333</AccountId>
             <HasCredentials>true</HasCredentials>
             <Note>Don't click here anymore</Note>
             <LastUpdated>2018-04-19T20:10:59</LastUpdated>
          </GetAccountResponse>
          

JSON:

{
              "Code": "0",
              "Id": "3",
              "Name": "Account 1234",
              "Provider": "Amazon Web Services",
              "Type": "General",
              "AccountId": "1234222333",
              "HasCredentials": "true",
              "Note": "Don't click here anymore",
              "LastUpdated": "2018-04-19T20:10:59"
          }

Get Account Email Settings

The API method, “get_account_email_settings”, is used to return a complete list of all email settings in a CloudCheckr account.

  • This call can only be made using admin-level access keys.
  • The preferred HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required, admin-level API key
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional: the 12-digit AWS account ID; must be a payer account in CloudCheckr*
 One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_account_email_settings?access_key=your_admin_access_key&use_cc_account_id=1234'

REQUEST EXAMPLE:

curl -X GET \
                 -- https://api.cloudcheckr.com/api/account.[json|xml]/get_account_email_settings?access_key=your_admin_access_key&use_cc_account_id=1234'\
                 -- header 'cache-control: no-cache' \
                 -- header 'content-type: application/[json|xml]' \

RESPONSE EXAMPLE:

XML:

<GetAccountEmailSettingsResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
              <accounts_and_email_settings>
                  <AccountAndEmailSettings>
                      <ProjectName>Account_Name_Example</ProjectName>
                      <EmailReportRecipients>
                          <EmailAddresses>email1@cloudcheckr.com, email2@cloudcheckr.com</EmailAddresses>
                      </EmailReportRecipients>
                      <AlertEmailSettings>
                          <EnableDailyCostAlert>true</EnableDailyCostAlert>
                          <AwsCostThreshold>10</AwsCostThreshold>
                          <EnableAwsHealthAlerts>false</EnableAwsHealthAlerts>
                          <EnableAwsHealthAlertsIfAffects>true</EnableAwsHealthAlertsIfAffects>
                      </AlertEmailSettings>
                      <DailyEmailSettings>
                          <EnableDailyChangeMonitoring>false</EnableDailyChangeMonitoring>
                          <EnableDailyBestPractice>false</EnableDailyBestPractice>
                          <EnableDailyBillForceUsingCloudWatch>false</EnableDailyBillForceUsingCloudWatch>
                          <EnableDailyAwsConsolidatedBillingSummary>true</EnableDailyAwsConsolidatedBillingSummary>
                          <EnableDailyChangeMonitoringAwsConfig>false</EnableDailyChangeMonitoringAwsConfig>
                          <EnableAutomation>false</EnableAutomation>
                          <EnableImproperlyTaggedResources>false</EnableImproperlyTaggedResources>
                          <EnableDailyCloudTrailSummary>false</EnableDailyCloudTrailSummary>
                          <DailyBestPracticeEmailSettings>
                              <EnableHighImportance>false</EnableHighImportance>
                              <EnableMediumImportance>false</EnableMediumImportance>
                              <EnableLowImportance>false</EnableLowImportance>
                              <EnableInformationalImportance>false</EnableInformationalImportance>
                              <EnableSecurityType>false</EnableSecurityType>
                              <EnableCostType>false</EnableCostType>
                              <EnableUsageType>false</EnableUsageType>
                              <EnableAvailabilityType>false</EnableAvailabilityType>
                              <EnableTrustedAdvisorType>false</EnableTrustedAdvisorType>
                          </DailyBestPracticeEmailSettings>
                      </DailyEmailSettings>
                      <WeeklyEmailSettings>
                          <EnableWeeklyInventory>true</EnableWeeklyInventory>
                          <EnableWeeklyS3Summary>true</EnableWeeklyS3Summary>
                          <EnableWeeklyEc2Trend>true</EnableWeeklyEc2Trend>
                          <EnableWeeklyS3Trend>false</EnableWeeklyS3Trend>
                          <EnableWeeklyEc2Utilization>true</EnableWeeklyEc2Utilization>
                          <EnableWeeklyBestPractice>false</EnableWeeklyBestPractice>
                          <WeeklyBestPracticeEmailSettings>
                              <EnableHighImportanceWeekly>false</EnableHighImportanceWeekly>
                              <EnableMediumImportanceWeekly>false</EnableMediumImportanceWeekly>
                              <EnableLowImportanceWeekly>false</EnableLowImportanceWeekly>
                              <EnableInformationalImportanceWeekly>false</EnableInformationalImportanceWeekly>
                              <EnableSecurityTypeWeekly>false</EnableSecurityTypeWeekly>
                              <EnableCostTypeWeekly>false</EnableCostTypeWeekly>
                              <EnableUsageTypeWeekly>false</EnableUsageTypeWeekly>
                              <EnableAvailabilityTypeWeekly>false</EnableAvailabilityTypeWeekly>
                          </WeeklyBestPracticeEmailSettings>
                      </WeeklyEmailSettings>
                      <MonthlyEmailSettings>
                          <EnableMonthlyCost>false</EnableMonthlyCost>
                          <EnableMonthlyAwsConsolidatedBillingSummary>false</EnableMonthlyAwsConsolidatedBillingSummary>
                          <EnableMonthlyBestPractice>false</EnableMonthlyBestPractice>
                          <DaysSelectedMonthly />
                          <MonthlyBestPracticeEmailSettings>
                              <EnableHighImportanceMonthly>false</EnableHighImportanceMonthly>
                              <EnableMediumImportanceMonthly>false</EnableMediumImportanceMonthly>
                              <EnableLowImportanceMonthly>false</EnableLowImportanceMonthly>
                              <EnableInformationalImportanceMonthly>false</EnableInformationalImportanceMonthly>
                              <EnableSecurityTypeMonthly>false</EnableSecurityTypeMonthly>
                              <EnableCostTypeMonthly>false</EnableCostTypeMonthly>
                              <EnableUsageTypeMonthly>false</EnableUsageTypeMonthly>
                              <EnableAvailabilityTypeMonthly>false</EnableAvailabilityTypeMonthly>
                          </MonthlyBestPracticeEmailSettings>
                      </MonthlyEmailSettings>
                  </AccountAndEmailSettings>
              </accounts_and_email_settings>
          </GetAccountEmailSettingsResponse>
          

JSON:

{
            "GetAccountEmailSettingsResponse": {
              "accounts_and_email_settings": {
                "AccountAndEmailSettings": {
                  "ProjectName": "Account_Name_Example",
                  "EmailReportRecipients": {
                    "EmailAddresses": "email1@cloudcheckr.com, email2@cloudcheckr.com"
                  },
                  "AlertEmailSettings": {
                    "EnableDailyCostAlert": "true",
                    "AwsCostThreshold": "10",
                    "EnableAwsHealthAlerts": "false",
                    "EnableAwsHealthAlertsIfAffects": "true"
                  },
                  "DailyEmailSettings": {
                    "EnableDailyChangeMonitoring": "false",
                    "EnableDailyBestPractice": "false",
                    "EnableDailyBillForceUsingCloudWatch": "false",
                    "EnableDailyAwsConsolidatedBillingSummary": "true",
                    "EnableDailyChangeMonitoringAwsConfig": "false",
                    "EnableAutomation": "false",
                    "EnableImproperlyTaggedResources": "false",
                    "EnableDailyCloudTrailSummary": "false",
                    "DailyBestPracticeEmailSettings": {
                      "EnableHighImportance": "false",
                      "EnableMediumImportance": "false",
                      "EnableLowImportance": "false",
                      "EnableInformationalImportance": "false",
                      "EnableSecurityType": "false",
                      "EnableCostType": "false",
                      "EnableUsageType": "false",
                      "EnableAvailabilityType": "false",
                      "EnableTrustedAdvisorType": "false"
                    }
                  },
                  "WeeklyEmailSettings": {
                    "EnableWeeklyInventory": "true",
                    "EnableWeeklyS3Summary": "true",
                    "EnableWeeklyEc2Trend": "true",
                    "EnableWeeklyS3Trend": "false",
                    "EnableWeeklyEc2Utilization": "true",
                    "EnableWeeklyBestPractice": "false",
                    "WeeklyBestPracticeEmailSettings": {
                      "EnableHighImportanceWeekly": "false",
                      "EnableMediumImportanceWeekly": "false",
                      "EnableLowImportanceWeekly": "false",
                      "EnableInformationalImportanceWeekly": "false",
                      "EnableSecurityTypeWeekly": "false",
                      "EnableCostTypeWeekly": "false",
                      "EnableUsageTypeWeekly": "false",
                      "EnableAvailabilityTypeWeekly": "false"
                    }
                  },
                  "MonthlyEmailSettings": {
                    "EnableMonthlyCost": "false",
                    "EnableMonthlyAwsConsolidatedBillingSummary": "false",
                    "EnableMonthlyBestPractice": "false",
                    "DaysSelectedMonthly": "",
                    "MonthlyBestPracticeEmailSettings": {
                      "EnableHighImportanceMonthly": "false",
                      "EnableMediumImportanceMonthly": "false",
                      "EnableLowImportanceMonthly": "false",
                      "EnableInformationalImportanceMonthly": "false",
                      "EnableSecurityTypeMonthly": "false",
                      "EnableCostTypeMonthly": "false",
                      "EnableUsageTypeMonthly": "false",
                      "EnableAvailabilityTypeMonthly": "false"
                    }
                  }
                }
              }
           }

Get Account Level Tags V2

The API method “get_account_level_tags_v2”, returns enabled account-level tags in three ways:

When called with only an access key, the call returns all account-level tags enabled in this customer, grouped by project name.

When called with a general account specified, the call returns all account-level tags enabled on that general account.

When called with a Multi-Account View specified, the call returns a list of accounts associated with the MAV and all enabled tags in the MAV.

Using call against general accounts:

The preferred HTTP method for this call is GET.

XML call:

https://api.cloudcheckr.com/api/account.xml/get_account_level_tags_v2?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/account.json/get_account_level_tags_v2?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • use_account (optional) – Account name is used here; returns enabled account-level tags from specific account(s).

OUTPUT

XML Example:

<AccountLevelTagsReponse
                xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <AccountItems>
                     <AccountItem>
                          <AccountName>My General Account Name</AccountName>
                          <TagsNames>
                               <string>MyAccountLevelTag1</string>
                               <string>MyAccountLevelTag2</string>
                          </TagsNames>
                     </AccountItem>
                </AccountItems>
           </AccountLevelTagsReponse>

JSON Example:

{
           "AccountLevelTagsReponse": {
             "-xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
             "-xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
               "AccountItems": {
                 "AccountItem": {
                   "AccountName": "My General Account Name",
                   "TagsNames": {
                     "string": [
                       "MyAccountLevelTag1",
                       "MyAccountLevelTag2"
                     ]
                   }
                 }
               }
             }
           }
          

Using the call against Multi-Account Views:

XML call:

https://api.cloudcheckr.com/api/account.xml/get_account_level_tags_v2?access_key=[access_key]&use_account=[MAV account name]

JSON call:

https://api.cloudcheckr.com/api/account.json/get_account_level_tags_v2?access_key=[access_key]&use_account=[MAV account name]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • use_account (required)- Account name is used here; returns enabled account-level tags from MAV account(s).

OUTPUT

XML Example:

<AccountLevelTagsReponse
                xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <AccountItems>
                     <AccountItem>
                          <AccountName>My MAV Account Name</AccountName>
                          <TagsNames>
                               <string>MyAccountLevelTag1</string>
                               <string>MyAccountLevelTag2</string>
                          </TagsNames>
                     </AccountItem>
                </AccountItems>
           </AccountLevelTagsReponse>

JSON Example:

{
           "AccountLevelTagsReponse": {
             "-xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
             "-xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
               "AccountItems": {
                 "AccountItem": {
                   "AccountName": "My MAV Account Name",
                   "TagsNames": {
                     "string": [
                       "MyAccountLevelTag1",
                       "MyAccountLevelTag2"
                     ]
                   }
                 }
               }
             }
           }
          

Get Accounts By Group

The API method, “get_accounts_by_group”, is used to return a list of accounts based by a group ID.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; ID of the group
use_account string required; friendly name of the account in the application
use_cc_account_id string required; account ID used in the application
use_aws_account_id string required; the 12-digit AWS account ID

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get accounts_by_group

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_by_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required)(admin-level)access_key": "someValHere",
          	"(required)group_id": "someValHere",
          	"use_account": "someValHere",
          	"use_cc_account_id": "someValHere",
          	"use_aws_account_id": "someValHere",
                   }
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Get Accounts V2

The API method, “get_accounts_v2”, is used to return a complete list of all AWS accounts registered in CloudCheckr. This call will return an ID for each account that can be used for the parameter, “use_cc_account_id”, when making calls to the admin-level API. It will also include the AWS account ID.

This call can only be made using admin-level access keys.

The preferred HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required, admin-level API key
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_v2?access_key=[access_key]

REQUEST EXAMPLE:

curl -X GET \
                -- https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_v2?access_key=your_admin_access_key'\
                -- header 'cache-control: no-cache' \
                -- header 'content-type: application/[json|xml]' \   

RESPONSE EXAMPLE:
XML:

<GetAccountsResponse2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
              <accounts_and_users>
                  <AccountAndUsernames>
                      <account_name>AWS Account1</account_name>
                      <cc_account_id>1</cc_account_id>
                      <aws_account_id>123456789012</aws_account_id>
                      <user_names>
                          <string>user@domain.com</string>
                      </user_names>
                  </AccountAndUsernames>
              </accounts_and_users>
          </GetAccountsResponse2>


JSON:

{
               "accounts_and_users": [
                  {
                    "account_name": "AWS Account1",
                    "cc_account_id": "1",
                    "user_names":
                    "aws_account_id":"123456789012"  [
                    "user@domain.com"
                    ]
                 },
          {
                "accounts_and_users": [
                  {
                    "account_name": "AWS Account2",
                    "cc_account_id": "2",
                    "user_names":
                    "aws_account_id":"234567890123"  [
                    "user@domain.com"
                    ]
                 },
          {
                "accounts_and_users": [
                  {
                    "account_name": "AWS Account3",
                    "cc_account_id": "3",
                    "user_names":
                    "aws_account_id":"345678901234"  [
                    "user@domain.com"
                    ]
                 }
             ]
          }

Get Accounts V4

The API method, “get_accounts_v4”, is used to return a complete list of all AWS and Azure accounts registered in CloudCheckr. This call will return an ID for each account that can be used for the parameter, “use_cc_account_id”, when making calls to the admin-level API. For AWS, it will include the AWS account ID and for Azure, it will include the Subscription ID.

This call can only be made using admin-level access keys.

The preferred HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required, admin-level API key
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_v4?access_key=[access_key]

REQUEST EXAMPLE:

curl -X GET \
                -- https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_v4?access_key=your_admin_access_key'\
                -- header 'cache-control: no-cache' \
                -- header 'content-type: application/[json|xml]' \   

RESPONSE EXAMPLE:
XML:

<GetAccountsResponse4 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
               <accounts_and_users>
                  <AccountAndUsernames4>
                      <account_name>AWS Account Name</account_name>
                      <cc_account_id>1</cc_account_id>
                      <user_names>
                          <string>user@domain.com</string>
                      </user_names>
                      <aws_account_id>123456789012</aws_account_id>
                      <externalId>CC-99999999999999999999999999999999</externalId>
                  </AccountAndUsernames4>
              <AccountAndUsernames4>
                      <account_name>Azure Subscription</account_name>
                      <cc_account_id>2</cc_account_id>
                      <user_names>
                          <string>user@domain.com</string>
                      </user_names>
                      <externalId>CC-88888888888888888888888888888888</externalId>
                      <azure_account_id>11111111-2222-3333-4444-555555555555</azure_account_id>
                  </AccountAndUsernames4>
              </accounts_and_users>
          </GetAccountsResponse4>

JSON:

{
               "accounts_and_users": {
              "accounts_and_users": [
              {
                      "azure_account_id": null,
                      "externalId": "CC-99999999999999999999999999999999",
                      "aws_account_id": "123456789012",
                      "account_name": "AWS Account Name",
                      "cc_account_id": "1",
                      "user_names": [
                          "user@domain.com"
                      ]
                  },
              {
                      "azure_account_id": "11111111-2222-3333-4444-555555555555",
                      "externalId": "CC-88888888888888888888888888888888",
                      "aws_account_id": null,
                      "account_name": "Azure Subscription",
                      "cc_account_id": "2",
                      "user_names": [
                          "user@domain.com"
                      ]
                  }
              ]
          }

Get External ID

The API method, “get_external_id”, is used to retrieve external IDs if you require an external ID to be associated with a specific CloudCheckr account.

The preferred HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
use_account string required/optional; friendly name of the account in CloudCheckr

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_external_id?access_key=00000&use_account=CloudCheckrDev'

REQUEST EXAMPLE:

curl -X GET \
                -- https://api.cloudcheckr.com/api/account.[json|xml]/get_external_id?access_key=00000&use_account=CloudCheckrDev'
                -- header 'cache-control: no-cache' \
                -- header 'content-type: application/[json|xml]' \

RESPONSE EXAMPLE:

XML:

<GetExternalIdResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
          	<ExternalIds>
          		<cc_external_id>CC-8B02A95B24EAA7179E8118C1216A9BFA</cc_external_id>
          		<role_account_id>352813966189</role_account_id>
          		<cc_account_name>CloudCheckrDev</cc_account_name>
          	</ExternalIds>
          </GetExternalIdResponse>

JSON:

{
             "ExternalIds":[
                {
                   "cc_external_id":"CC-8B02A95B24EAA7179E8118C1216A9BFA",
                   "role_account_id":"352813966189",
                   "cc_account_name":"CloudCheckrDev"
                }
             ]
          }
          

Get Group

The API method, “get_group”, is used to retrieve a group.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; ID of the group
use_account string required; friendly name of the account in the application
use_cc_account_id string required; account ID used in the application
use_aws_account_id string required; the 12-digit AWS account ID

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_group

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required)(admin-level)access_key": "someValHere",
          	"(required)group_id": "someValHere",
          	"use_account": "someValHere",
          	"use_cc_account_id": "someValHere",
          	"use_aws_account_id": "someValHere",
          	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Get Groups

The API method, “get_groups”, is used to return the groups.

The preferred HTTP method for this call is GET.

Parameter Type Description
access_key string required; admin-level API key
email string required; optional; email address associated with the group
user_id string optional; user ID associated with the group
use_account string required/optional; friendly name of the account in the application; ; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in the application; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_groups?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X GET \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/get_groups?access_key=your_admin_access_key&use_cc_account_id=1234\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
          

RESPONSE EXAMPLE:
XML:

<GetGroupsResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
           <GroupNames>
               <GroupName>g2</GroupName>
               <GroupName>g3</GroupName>
           </GroupNames>
          </GetGroupsResponse> 

JSON:

{
              "GroupNames": [
                  "g2",
                  "g3"
              ]
          }

Get Groups V2

The API method, “get_groups_v2”, is used to return the groups.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
email string required; email address of a user
user_id string required; ID of a user
use_account string required; friendly name of the account in the application
use_cc_account_id string required; account ID used in the application
use_aws_account_id string required; the 12-digit AWS account ID

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_groups_v2

JSON/XML CALL EXAMPLE:

curl --request POST\
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_groups_v2?access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required)(admin level)access_key": "someValHere",
          	"email": "someValHere",
          	"user_id": "someValHere",
          	"use_account": "someValHere",
          	"use_cc_account_id": "someValHere",
          	"use_aws_account_id": "someValHere",
          	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Get User

The API method, “get_user”, is used to return a user.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
user_id string required; ID of the user
use_account string required; friendly name of the account in the application
use_cc_account_id string required; account ID used in the application
use_aws_account_id string required; the 12-digit AWS account ID

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_user

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_user?access_key=your_admin_access_key&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required)(admin-level)access_key": "someValHere",
          	"(required)user_id": "someValHere",
          	"use_account": "someValHere",
          	"use_cc_account_id": "someValHere",
          	"use_aws_account_id": "someValHere",
          	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Get Users

The API method, “get_users”, is used to return a list of users.

The preferred HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional: the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_users?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X GET \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/get_users?access_key=your_admin_access_key&use_cc_account_id=1234\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
          

RESPONSE EXAMPLE:
XML:

<GetUsersResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
            <users_and_accounts>
                <user>
                  <username>newuser1.lastname@cloudcheckr.com</username>
                  <account_names>AWS Main,VMware Local,VMware Remote,test,Azure Main,api added aws account</account_names>
                </user>
                <user>
                  <username>newuser2.lastname@cloudcheckr.com</username>
                  <account_names>AWS Main,VMware Local,VMware Remote,test,Azure Main,api added aws account</account_names>
                </user>
                <user>
                  <username>newuser3.lastname@cloudcheckr.com</username>
                  <account_names>AWS Main,VMware Local,VMware Remote,test,Azure Main,api added aws account</account_names>
                </user>
            </users_and_accounts>
          </GetUsersResponse>

JSON:

{
              "users_and_accounts": [
                  {
                      "username": "newuser1.lastname@cloudcheckr.com",
                      "account_names": [
                          "AWS Main",
                          "VMware Local",
                          "VMware Remote",
                          "test",
                          "Azure Main",
                          "api added aws account"
                      ]
                  },
                  {
                      "username": "newuser2.lastname@cloudcheckr.com",
                      "account_names": [
                          "AWS Main",
                          "VMware Local",
                          "VMware Remote",
                          "test",
                          "Azure Main",
                          "api added aws account"
                      ]
                  },
                  {
                      "username": "newuser3.lastname@cloudcheckr.com",
                      "account_names": [
                          "AWS Main",
                          "VMware Local",
                          "VMware Remote",
                          "test",
                          "Azure Main",
                          "api added aws account"
                      ]
                  }
              ]
          }

Get Users By Group

The API method, “get_users_by_group”, is used to return a list of users by group.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; ID of the group
use_account string required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr*
use_cc_account_id string required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr*
use_aws_account_id string required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/get_users_by_group?access_key=your_admin_access_key&use_account=AWS Main&group_id=315ED648-DA56-4713-98DB-7D0A434A31F9

REQUEST EXAMPLE:

curl -X GET \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/get_users_by_group?access_key=your_admin_access_key&use_account=AWS Main&group_id=315ED648-DA56-4713-98DB-7D0A434A31F9
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
          

RESPONSE EXAMPLE:
XML:

<GetUsersByGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                      <UsersByGroup>
                          <user>
                            <group_id>eaa0e024-c166-4552-84cc-1d1350c5640c</group_id>
                            <email>newuser1.lastname@cloudcheckr.com</email>
                          </user>
                          <user>
                            <group_id>5820046e-0597-4425-bb39-46ae1c6ecb8d</group_id>
                            <email>usernewtest@cloudcheckr.com</email>
                          </user>
                     </UsersByGroup>
          </GetUsersByGroupResponse>
          

JSON:

{
              "Users": [
                  {
                      "Id": "eaa0e024-c166-4552-84cc-1d1350c5640c",
                      "Email": "newuser1.lastname@cloudcheckr.com"
                  },
                  {
                      "Id": "5820046e-0597-4425-bb39-46ae1c6ecb8d",
                      "Email": "usernewtest@cloudcheckr.com"
                  }
              ]
          }

Get Users V2

The API method “get_users_v2” is used to return a complete list of all CloudCheckr users, their created and last login dates, and details regarding the accounts they can access.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is GET.

XML call:

https://api.cloudcheckr.com/api/account.xml/get_users_v2?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/account.json/get_users_v2?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email – Allows filtering to user email. Will return all users if parameter not present.

OUTPUT

XML Example:

<GetUsersResponseV2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          	<user_permissions>
          		<UserPermission>
          			<email>testemail@cloudcheckr.com</email>
          			<created>7/13/2016 6:38:05 PM</created>
          			<last_login>7/14/2016 7:34:53 PM</last_login>
          			<role>BasicUser</role>
          			<logon_rules>
          				<LogOnRule>
          					<rule>forms</rule>
          					<is_granted>yes</is_granted>
          				</LogOnRule>
          				<LogOnRule>
          					<rule>sso</rule>
          					<is_granted>no</is_granted>
          				</LogOnRule>
          				<LogOnRule>
          					<rule>ldap</rule>
          					<is_granted>yes</is_granted>
          				</LogOnRule>
          			</logon_rules>
          			<account_permissions>
          				<AccountPermission>
          					<account>My_Sample_Account1</account>
          					<permissions>
          						<PermissionItem>
          							<permission_name>cost_report</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>blended_cost</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>credits</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>resource_utilization_reports</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>trending_reports</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>change_monitoring</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>best_practices</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>unblended_cost</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>list_cost</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>edit_emails</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>automation</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>alert_reports</permission_name>
          							<is_granted>yes</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>security_reports</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>inventory_reports</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>savings_reports</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>account_notification</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>partner_tools</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          						<PermissionItem>
          							<permission_name>edit_partner_tools</permission_name>
          							<is_granted>no</is_granted>
          						</PermissionItem>
          					</permissions>
          				</AccountPermission>
          			</account_permissions>
          		</UserPermission>
                <user_permissions>
          <GetUsersResponseV2>
          

JSON Example:

{
             "GetUsersResponseV2": {
                "user_permissions": {
                   "UserPermission": {
                      "email": "testemail@cloudcheckr.com",
                      "created": "7/13/2016 6:38:05 PM",
                      "last_login": "7/14/2016 7:34:53 PM",
                      "role": "BasicUser",
                      "logon_rules": {
                         "LogOnRule": [
                            {
                               "rule": "forms",
                               "is_granted": "yes"
                            },
                            {
                               "rule": "sso",
                               "is_granted": "no"
                            },
                            {
                               "rule": "ldap",
                               "is_granted": "yes"
                            }
                         ]
                      },
                      "account_permissions": {
                         "AccountPermission": {
                            "account": "My_Sample_Account1",
                            "permissions": {
                               "PermissionItem": [
                                  {
                                     "permission_name": "cost_report",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "blended_cost",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "credits",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "resource_utilization_reports",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "trending_reports",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "change_monitoring",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "best_practices",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "unblended_cost",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "list_cost",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "edit_emails",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "automation",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "alert_reports",
                                     "is_granted": "yes"
                                  },
                                  {
                                     "permission_name": "security_reports",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "inventory_reports",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "savings_reports",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "account_notification",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "partner_tools",
                                     "is_granted": "no"
                                  },
                                  {
                                     "permission_name": "edit_partner_tools",
                                     "is_granted": "no"
                                  }
                               ]
                            }
                         }
                      }
                   }
                }
             }
          }
          

Grant Account

The API method “grant_account” is used to grant access to a CloudCheckr user to see a specific AWS account that has been registered in CloudCheckr.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/grant_account?access_key=[access_key]&email=[email address]&use_account=[account_name]

JSON call:

https://api.cloudcheckr.com/api/account.json/grant_account?access_key=[access_key]&email=[email address]&use_account=[account_name]

INPUT PARAMETERS

This call accepts these parameters. The user will only be granted permissions to the parameters entered unless the all_access parameter is used. If the all_access parameter is used, no further parameters need to be specified as the account will be granted access to all reports available within the account.

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email (required) – the email address of the CloudCheckr user.
  • use_account (required) – the name of the CloudCheckr account the user can access. If adding multiple account names, use just “accounts” with account names separated by commas.
  • all_access (optional) – if this set to true, the user will have access to all reports within the account.  If this is set to true, none of the other parameters listed below are required.  Accepts “yes”, “1”, “y”.
  • cost_report (optional) – whether the user can access the cost reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • blended_cost (optional) – whether the user can view blended costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • unblended_cost (optional) – whether the user can view unblended costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • list_cost (optional) – whether the user can view list costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • resource_utilization_reports (optional) – whether the user can access the resource utilization reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • trending_reports (optional) – whether the user can access the trending reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • change_monitoring (optional) – whether the user can access the change monitoring report within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • best_practices (optional) – whether the user can access the best practice report within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.

OUTPUT

XML & JSON Example:

{
          "Code":200,
          "Message":"OK"
          }

Remove User

The API method, “remove_user”, is used to delete a CloudCheckr user.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/remove_user?access_key=[access_key]&email=[email address]

JSON call:

https://api.cloudcheckr.com/api/account.json/remove_user?access_key=[access_key]&email=[email address]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email (required) – the email address of the new user.

OUTPUT

XML & JSON Example:

{
          "Code":200,
          "Message":"OK"
          }

Remove Users From Group

The API method, “remove_users_from_group”, is used to remove users from a group.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
group_id string required; group ID
user_ids list <string> required; user IDs
use_account string required; friendly name of the account in the application; must be a payer account in CloudCheckr*
use_cc_account_id string required; account ID used in the application; must be a payer account in CloudCheckr*
use_aws_account_id string required; the 12-digit AWS account ID; must be a payer account in CloudCheckr*
One of the * parameters must be defined.

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/remove_users_from_group?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X POST \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/remove_users_from_group?access_key=your_admin_access_key&use_cc_account_id=1234\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
               -- data '{
                  "group_id": "53CFAD80-D351-4144-8920-32170A6F4A0",
                  "user_ids": ["8B65E388-8A0B-4B5A-A12B-8B0325D0ABF4", "683C1113-1FF0-4F8B-AA3D-9288D2ED615A,"]
               }
          

RESPONSE EXAMPLE:
XML:

<RemoveUsersFromGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <Status>
              <Code>200</Code>
              <Message>OK</Message>
            </Status>
          </RemoveUsersFromGroupResponse>

JSON:

{
              "Code": 200,
              "Message": "OK"
          }
          

Revoke Account

The API method “revoke_account” is used to revoke access from a CloudCheckr user to see a specific AWS account that has been registered in CloudCheckr.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/revoke_account?access_key=[access_key]&email=[email address]&use_account=[account_name1]

JSON call:

https://api.cloudcheckr.com/api/account.json/revoke_account?access_key=[access_key]&email=[email address]&use_account=[account_name1]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email (required) – the email address of the CloudCheckr user.
  • use_account (required) – the name of the CloudCheckr account the user will no longer be able to access. If revoking access to multiple accounts, use just “accounts” with account names separated by commas.
  • use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.

OUTPUT

XML & JSON Example:

{
          "Code":200,
          "Message":"OK"
          }

Tag Account

The API method “tag_account” is used to apply a tag to an account, which can then be used to build Multi-Account Views.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/tag_account?access_key=[access_key]&account_name=MyAccountName&account_tag=MyTag

JSON call:

https://api.cloudcheckr.com/api/account.json/tag_account?access_key=[access_key]&account_name=MyAccountName&account_tag=MyTag

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – standard Access Key required for all API calls.
  • account_name (required) – name of the account the tag will be applied to.
  • account_tag (required) – name of the tag that will be added to the account.

OUTPUT

XML & JSON Example:

{
          "Code":200,
          "Message":"OK"
          }
          

Untag Account

The API method, “untag_account”, is used to remove an account-level tag from an account. As a result, the selected account will no longer be included in any Multi-Account Views (MAVs) reports that use this account-level tag.

The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
account_name string required; name of the account where you want to remove the account-level tag
account_tag string required; name of the account-level tag that you want to untag in the selected account

ENDPOINT URL:

https://api.cloudcheckr.com/api/account.[json|xml]/untag_account

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/account.[json|xml]/untag_account?access_key=[access key]
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	'account_name': 'my account name',
                  'account_tag': 'my account tag'
                 	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }
          

Ignore Best Practice

The API method, “ignore_best_practice”, is used to add or remove an ignore from a best practice check with an optional ignore reason and expiration date.

To ignore a best practice check, go to the left navigation pane, choose Best Practices, click the Security  tab, select a best practice, and click Ignore Check.

INPUT PARAMETERS:

Parameter Type Description
 access_key string required; admin-level API key
 bpc_id string required; unique ID for selected security best practice
 ignored_reason  string  optional; explanation for why best practice should be ignored
 unignore  string  optional; enter a value of true to remove the ignore best practice check configuration
 expire_date  string  optional; select the date on which the Ignore Best Practice check configuration will be removed
 use_acount  string  optional; provide the account where the Ignore Best Practice check will be applied
 use_cc_acount_id  string  optional; provide the account id of the account where the Ignore Best Practice check will be applied
 use_cloud_acount_id  string  optional; provide the cloud account id of the account where the Ignore Best Practice check will be applied

ENDOINT URL:

https://api.cloudcheckr.com/api/best_practice.[json|xml]/ignore_best_practice

JSON/XML CALL EXAMPLE :

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/best_practice.[json|xml]/ignore_best_practice?access_key=18V9B1760170426TKNL01W5R526CG079YH3O9YT8L0A5PNIXU6S84WC0GEX9AS23&bpc_id=BPC_ID'
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"ignored_reason": "IGNORED_REASON",
                  "unignore": "TRUE",
                  "expire_date": "EXPIRE_DATE",
                  "use_account": "USE_ACCOUNT",
                  "use_cc_account_id": "USE_CC_ACCOUNT_ID",
                  "use_cloud_account_id": "USE_CLOUD_ACCOUNT_ID"
          	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "Ignore Successful"
          }
          

Add Custom Billing Charge - Fixed

The API method, “add_custom_billing_charge_fixed”, is used to add a custom billing charge that applies a fixed charge or credit.

To add a fixed charge or credit, go to the left navigation pane, choose Cost > AWS Partner Tools > Configure > Custom Billing Charges, click New Custom Charge, and select Add a fixed charge or credit.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
startDate DateTime required; start date for the custom billing charge
endDate DateTime required/optional; end date for the custom billing charge; custom billing charges with no end date will apply until the end of time
amount decimal required; sets the fixed charge (positive value) or credit (negative value) dollar amount
oneTime string *required/optional; applies the fixed charge or credit as a one-time occurence to the custom billing charge
monthlyRecurring string *required/optional; applies the fixed credit or charge as a monthly recurring amount to the custom billing charge
description string required; human-friendly description of the custom billing charge
accounts List<string> optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts
accountsInvert boolean optional; applies the NOT logical operator to selected accounts in the previous parameter; defaults to false
use_account string **optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!)
use_cc_account_id string **optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!)
use_aws_account_id string **optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account)

* = one of these parameters must be defined
** = one of these parameters must be defined

The end date is only required if you select the Monthly recurring option.

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_fixed

JSON/XML CALL EXAMPLE:

curl --request POST \
            'https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_fixed?access_key=your_admin_access_key&use_cc_account_id=1234' \
            --header 'cache-control: no-cache' \
            --header 'content-type: application/[json|xml]' \
            --data '{
          	"startDate": "1970-01-01",
                  "endDate": "2063-04-05",
                  "description": "example custom billing charge",
          	"amount": "dollar amount",
                  "oneTime": "true or false",
                  "monthlyRecurring": "true or false",
          	"accounts": ["215011050627,245990094719"],
                  "accountInvert": "true"
          	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }

Add Custom Billing Charge - Monthly Percent

The API method, “add_custom_billing_charge_monthly_percent”, is used to add a custom billing charge that applies a monthly percent discount or premium.

To add a custom monthly precent discount or premium, go to the left navigation pane, choose Cost > AWS Partner Tools > Configure > Custom Billing Charges, click New Custom Charge, and select Add a monthly percent charge or credit.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
description string required; human-friendly description of the custom billing charge
percentageValue decimal required; sets the charge (positive value) or credit (negative value) percentage
minimumCharge decimal optional; applies a minimum charge/credit threshold to the custom billing charge
maximumCharge decimal optional; applies a maximum charge/credit threshold to the custom billing charge
tiers List<Tier> optional; applies the custom billing charge to a monetary tier range
applyPercentageTo CostBasline required; indicates the cost type  that the custom billing charge will apply to
stack boolean optional; enables custom stack ordering; defaults to false
stackOrder integer optional; sets stack order if previous parameter is true
accounts List<string> optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts
accountsInvert boolean optional; applies the NOT logical operator to selected accounts in the previous parameter; defaults to false
region List<string> optional; comma-separated list of region(s) where the custom billing charge can be applied; defaults to all; accepts region id’s as valid values
regionInvert boolean optional; applies the NOT logical operator to selected regions in the previous parameter; defaults to false
awsService List<string> optional; comma-separated list of AWS services where the custom billing charge can be applied; defaults to all
awsServiceInvert boolean optional; applies the NOT logical operator to selected AWS services in the previous parameter; defaults to false
operation List<string> optional; comma-separated list of AWS operations where the custom billing charge can be applied; defaults to all
operationInvert boolean optional; applies the NOT logical operator to selected AWS operations in the previous parameter; defaults to false
usageType List<string> optional; comma-separated list of AWS usage types where the custom billing charge can be applied; defaults to all
usageTypeInvert boolean optional; applies the NOT logical operator to selected AWS usage types in the previous parameter; defaults to false
tag List<string> optional; comma-separated list of tag key/value pairs where the custom billing charge can be applied; defaults to all
tagInvert boolean optional; applies the NOT logical operator to selected tag key/value pairs in the previous parameter; defaults to false
startDate DateTime required; start date for the custom billing charge
endDate DateTime optional; end date for the custom billing charge; custom billing charges with no end date will apply until the end of time
use_account string *optional/required; friendly name of the account in CloudCheckr where the custom billing charge is applied (must be payer account!)
use_cc_account_id string *optional/required; account ID of the account in CloudCheckr where the custom billing charge is applied (must be a payer account)
use_aws_account_id string *optional/required; the 12-digit AWS account ID where the custom billing charge is applied (must be payer account)

* = one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_monthly_percent

JSON/XML CALL EXAMPLE:

curl --request POST \
            'https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_monthly_percent?access_key=your_admin_access_key&use_cc_account_id=1234' \
            --header 'cache-control: no-cache' \
            --header 'content-type: application/[json|xml]' \
            --data '{
          	"description": "example custom billing charge",
          	"percentageValue": 10.5,
          	"minimumCharge": 5000, "maximumCharge": 10000,
          	"stack": "true", "stackOrder": 1,
          	"tiers": [{
          		"From": 0,
          		"To": 1000,
          		"Charge": 25
          	},
          	{
          		"From": 1001,
          		"To": 2000,
          		"Charge": -10
          	}],
          	"costBaseline": "ListCost",
          	"accounts": ["215011050627,245990094719"],
          	"region": ["1","2"], "RegionInvert": "true",
          	"operation": ["AbortMultipartUpload","AssociateAddress"],
          	"usageType": ["ActiveConfigRules","APN1-ActiveConfigRules"],
          	"tag": ["Customer | test123", "Customer | Testtag"],
          	"startDate": "1970-01-01", "endDate": "2063-04-05"
          }

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }

Add Custom Billing Charge - Percent All Charges

The API method, “add_custom_billing_charge_percent_all_charges”, is used to add a percent discount or premium for all charges.

To add this custom billing charge, go to the left navigation pane, choose Cost > AWS Partner Tools > Configure > Custom Billing Charges,  click New Custom Charge, and select Add a percent discount or premium for all charges from the Custom Billing Charges page.

INPUT PARAMETERS:

Parameter Type Description
Access_key string required; admin-level API key
Description string required; human-friendly description of the custom billing charge
PercentageValue decimal required; sets the discount (negative value) or premium (positive value) percentage
ApplyPercentageTo CostBasline required; indicates which cost type the custom billing charge will apply to
Account List<string> optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts
Region List<string> optional; comma-separated list of region(s) where the custom billing charge can be applied; defaults to all; accepts region id’s as valid values
regionInvert boolean optional; applies the NOT logical operator to selected regions in the previous parameter; defaults to false
 AWSService List<string> optional; comma-separated list of AWS services where the custom billing charge can be applied; defaults to all
AWSServiceInvert boolean optional; applies the NOT logical operator to selected AWS services in the previous parameter; defaults to false
Operation List<string> optional; comma-separated list of AWS operations where the custom billing charge can be applied; defaults to all
operationInvert boolean optional; applies the NOT logical operator to selected operations in the previous parameter; defaults to false
 UsageType  List<string> optional; comma-separated list of AWS usage types where the custom billing charge can be applied; defaults to all
UsageTypeInvert boolean optional; applies the NOT logical operator to selected usage types in the previous parameter; defaults to false
Tag List<string> optional; comma-separated list of tag key/value pairs where the custom billing charge can be applied; defaults to all
TagInvert boolean optional; applies the NOT logical operator to selected tags in the previous parameter; defaults to false
 StartDate  DateTime required; start date for the custom billing charge
 EndDate  DateTime optional; end date for the custom billing charge
use_account string *optional/required; friendly name of the account in CloudCheckr where the custom billing charge is applied (must be payer account!)
use_cc_account_id string *optional/required; account ID of the account in CloudCheckr where the custom billing charge is applied (must be a payer account)
use_aws_account_id string *optional/required; the 12-digit AWS account ID where the custom billing charge is applied (must be payer account)

* = one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_percent_all_charges

JSON/XML CALL EXAMPLE:

curl-- request POST \
              'https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_percent_all_charges?use_cc_account_id=7&access_key=your_admin_access_key' \
              --header 'cache-control: no-cache'\
              --header 'content-type: application/[json|xml]'\
              --data '{
          	"Description": "TEST DESCRIPTION",
          	"ApplyPercentTo": "ListCost",
          	"PercentageValue": 5,
                  "StartDate": "2013-01-01",
          	"EndDate": "2014-01-01",
          	"Account": ["103237659442","949195593353","443094636793"],
          	"Region": ["16","4","2"],
                  "UsageType": [""CAN1-EUC1-AWS-Out-Bytes","HeavyUsage:m4.large","UGW1-TimedStorage-RRS-ByteHrs"],
          	"Operation": ["SetQueueAttributes","RunInstances:0002:SV012","PutObject"],
          	"AWSService":["AmazonSimpleDB","AmazonEC2","AmazonSQS"],
          	"Tag": ["Name | WebTemplateNew","aws:cloudformation:stack-id | arn:aws:cloudformation:us-west-2:949195593353:stack\/awseb-e-4uypmi4ubg-stack\/f2837e90-8b2a-11e6-8349-50a686fc37d2","Name | DevServer"],
          }
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Id": 460,
              "Code": 200,
              "Message": "OK"
          }

Add Undiscovered AWS Account ID

The API method, “add_undiscovered_aws_account_id”, allows Partner System Admin customers to set up an account family, without creating a new CloudCheckr project, before an account is available in the Detailed Billing Report (DBR).

This newly added account ID can be used in account families, custom charges, and in any place where a normal AWS account ID is used. Accounts added this way also function normally for current endpoints, so endpoints like modify_account_family can use this account as a parameter.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
add_aws_account_id string required; the 12-digit AWS account ID of the undiscovered AWS account
use_account string *optional/required; friendly name of the account in CloudCheckr
use_cc_account_id string *optional/required; the CloudCheckr ID of the account
use_aws_account_id string *optional/required; the 12-digit AWS account ID

* = you must define at least one of these parameters

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/add_undiscovered_aws_account_id

JSON/XML CALL EXAMPLE:

curl --request POST \
            'https://api.cloudcheckr.com/api/billing.[json|xml]/add_undiscovered_aws_account_id?access_key={YOUR ACCESS KEY}'&use_cc_account_id={YOUR CC ACCOUNT ID}
            --header 'cache-control: no-cache' \
            --header 'content-type: application/[json|xml]' \
            --data '{
          	"add_aws_account_id": "AWS_ACCOUNT_ID",
                  	}

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "Account with AwsId {request_Id} added."
          }
          

Create Account Family

The API method, “create_account_family”, is used to create a new account family in a payer account.

INPUT PARAMETERS:

Parameter Type Description
access_key (required) string required; admin-level access key required for all API calls
name (required) string required; name for the new account family
accounts (required) string required; comma-separated list of AWS account IDs to link to the account family
email string optional; email address associated with the account family
invoice_id string optional; custom invoice ID displayed on an invoice
address string optional; mailing address associated with the account family
additional_info string optional; text in the Additional Info text box
recalculate_support_charges string optional; indicates status of recalculation of AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
support_charge_apply_by_account string optional; indicates if customer will apply support charges by account. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
suppress_support_charges string optional; indicates if customer will supress support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
do_not_enforce_minimum_charge string optional; indicates if customer will ignore the $100 minimum AWS support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
support_charge_broken_out string optional; indicates if payee support charges will be displayed by account within account families. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
create_mav_for_family string optional; create or delete a MAV based on this account family. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
project_code string optional; a customer’s internal project code
payment_term integer optional; payment terms for the account family used to populate a due date when creating invoices

This field requires two numeric values or may be left blank.
use_account string *required/optional; friendly name of the account in the application
use_cc_account_id string *required/optional; account ID used in the application
use_aws_account_id string *required/optional; the 12-digit AWS account ID

* = one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/create_account_family?access_key=[admin_access_key]&use_cc_account_id=1234

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/billing.[json|xml]/create_account_family?access_key=[admin_access_key]&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required) admin-level access_key": "someValHere",
          	"(required) name": "someValHere",
          	"(required) accounts": "someValHere",
          	"email": "someValHere",
          	"invoice_id": "someValHere",
          	"address": "someValHere",
          	"additional_info": "someValHere",
          	"recalculate_support_charges": "someValHere",
          	"support_charge_apply_by_account": "someValHere",
          	"suppress_support_charges": "someValHere",
          	"do_not_enforce_minimum_charge": "someValHere",
          	"support_charge_broken_out": "someValHere",
          	"create_mav_for_family": "someValHere",
          	"project_code": "someValHere",
          	"payment_term": "someValHere
          		}

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Custom Billing Charge

The API method, “custom_billing_charge”, is used to delete an existing custom billing charge.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
Id string required; custom billing charge Id
use_account string *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!)
use_cc_account_id string *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!)
use_aws_account_id string *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account)

*= one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/custom_billing_charge

JSON/XML EXAMPLE:

curl -- request DELETE \
              'https://api.cloudcheckr.com/api/billing.[json|xml]/custom_billing_charge?access_key=access_key]&use_account=[CloudCheckr account name]' \
              --header 'cache-control: no-cache'\
              --header 'content-type: application/[json|xml]'\
              --data '{
          	"Id": "custom billing charge Id",
          	}'
          

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Delete Account Family

The API method, “delete_account_family”, is used to delete an existing account family in a CloudCheckr payer account.

INPUT PARAMETERS:

Parameter Type Description
access_key (required) string required; admin-level access key required for all API calls
name (required) string required; name of the account family to be deleted
use_account string *required/optional; friendly name of the account in the application
use_cc_account_id string *required/optional; account ID used in the application
use_aws_account_id string *required/optional; the 12-digit AWS account ID

* = one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.json/delete_account_family?access_key=[admin_access_key]&use_cc_account_id=1234

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/billing.[json|xml]delete_account_family?access_key=[admin_access_key]&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required) admin-level access_key": "someValHere",
          	"(required) name": "someValHere"
          		}

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Delete Custom Billing Charge

The API method, “delete_custom_billing_charge”, is used to delete an existing custom billing charge.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
Id string required; custom billing charge Id
use_account string *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!)
use_cc_account_id string *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!)
use_aws_account_id string *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account)

*= one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge

JSON/XML CALL EXAMPLE:

curl-- request POST \
              'https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge?access_key=access_key]&use_account=[CloudCheckr account name]' \
              --header 'cache-control: no-cache'\
              --header 'content-type: application/[json|xml]'\
              --data '{
          	"Id": "custom billing charge Id",
          	}'
          

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Delete Custom Billing Charge - Fixed

The API method, “delete_custom_billing_charge_fixed”, is used to delete an existing custom billing charge that applies a fixed charge or credit.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
Id string required; custom billing charge Id
use_account string *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!)
use_cc_account_id string *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!)
use_aws_account_id string *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account)

*= one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_fixed

JSON/XML EXAMPLE:

curl-- request POST \
              'https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_fixed?access_key=access_key]&use_account=[CloudCheckr account name]' \
              --header 'cache-control: no-cache'\
              --header 'content-type: application/[json|xml]'\
              --data '{
          	"Id": "custom billing charge Id",
          	}'
          

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Delete Custom Billing Charge - Monthly Percent

The API method, “delete_custom_billing_charge_monthly_percent”, is used to delete an existing custom billing charge that applies a monthly percent charge or credit.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
Id string required; custom billing charge Id
use_account string *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!)
use_cc_account_id string *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!)
use_aws_account_id string *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account)

*= one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_monthly_percent

JSON/XML CALL EXAMPLE:

curl-- request POST \
              'https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_monthly_percent?access_key=access_key]&use_account=[CloudCheckr account name]' \
              --header 'cache-control: no-cache'\
              --header 'content-type: application/[json|xml]'\
              --data '{
          	"Id": "custom billing charge Id",
          	}'
          

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Delete Custom Billing Charge - Percent All Charges

The API method, “delete_custom_billing_charge_percent_all_charges”, is used to delete delete an existing custom billing charge that applies a percent discount or premium for all charges.
INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
Id string required; custom billing charge Id
use_account string *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!)
use_cc_account_id string *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!)
use_aws_account_id string *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account)

*= one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_percent_all_charges

JSON/XML CALL EXAMPLE:

curl-- request POST \
              'https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_percent_all_charges?access_key=access_key]&use_account=[CloudCheckr account name]' \
              --header 'cache-control: no-cache'\
              --header 'content-type: application/[json|xml]'\
              --data '{
          	"Id": "custom billing charge Id",
          	}'
          

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Edit Custom Billing Charge - Fixed

The API method, “edit_custom_billing_charge_fixed”, is used to edit a custom billing charge that applies a fixed charge or credit.

To edit a fixed charge or credit, go to the left navigation pane, choose Cost > AWS Partner Tools > Configure > Custom Billing Charges, click New Custom Charge, and select Add a fixed charge or credit.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
startDate DateTime required; start date for the custom billing charge
endDate DateTime required/optional; end date for the custom billing charge; custom billing charges with no end date will apply until the end of time
amount decimal required; sets the fixed charge (positive value) or credit (negative value) dollar amount
oneTime string *required/optional; applies the fixed charge or credit as a one-time occurence to the custom billing charge
monthlyRecurring string *required/optional; applies the fixed credit or charge as a monthly recurring amount to the custom billing charge
description string required; human-friendly description of the custom billing charge
accounts List<string> optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts
accountsInvert boolean optional; applies the NOT logical operator to selected accounts in the previous parameter; defaults to false
use_account string **optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account)
use_cc_account_id string **optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account)
use_aws_account_id string **optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account)

* = one of these parameters must be defined
** = one of these parameters must be defined

The end date is only required if you select the Monthly recurring option.

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_fixed

JSON/XML CALL EXAMPLE:

curl --request POST \
            'https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_fixed?access_key=your_admin_access_key&use_cc_account_id=1234' \
            --header 'cache-control: no-cache' \
            --header 'content-type: application/[json|xml]' \
            --data '{
          	"startDate": "1970-01-01",
                  "endDate": "2063-04-05",
                  "description": "example custom billing charge",
          	"amount": "dollar amount",
                  "oneTime": "true or false",
                  "monthlyRecurring": true or false,
          	"accounts": ["215011050627,245990094719"],
                  "accountInvert": "true"
          	}
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Code": 200,
              "Message": "OK"
          }

Edit Custom Billing Charge - Monthly Percent

The API method, “edit_custom_billing_charge_monthly_percent”, is used to edit a custom billing charge from the Cost > AWS Partner Tools > Configure > Custom Billing Charges page (“Premium for all charges” type ONLY!).

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
id long required; ID of the custom billing charge to edit
description string optional; human-friendly description of the custom billing charge
percentageValue decimal optional; sets the charge (positive value) or credit (negative value) percentage
minimumCharge decimal optional; applies a minimum charge/credit threshold to the custom billing charge
maximumCharge decimal optional; applies a maximum charge/credit threshold to the custom billing charge
tiers List<Tier> optional; applies the custom billing charge to a monetary tier range
applyPercentageTo CostBasline optional; indicates which cost type the custom billing charge will apply to
stack boolean optional; enables custom stack ordering; defaults to false
stackOrder integer optional; sets stack order if previous parameter is true
accounts List<string> optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts
accountsInvert boolean optional; applies the NOT logical operator to selected accounts in the previous parameter; defaults to false
region List<string> optional; comma-separated list of region(s) where the custom billing charge can be applied; defaults to all; accepts region id’s as valid values
regionInvert boolean optional; applies the NOT logical operator to selected regions in the previous parameter; defaults to false
awsService List<string> optional; comma-separated list of AWS services where the custom billing charge can be applied; defaults to all
awsServiceInvert boolean optional; applies the NOT logical operator to selected AWS services in the previous parameter; defaults to false
operation List<string> optional; comma-separated list of AWS operations where the custom billing charge can be applied; defaults to all
operationInvert boolean optional; applies the NOT logical operator to selected AWS operations in the previous parameter; defaults to false
usageType List<string> optional; comma-separated list of AWS usage types where the custom billing charge can be applied; defaults to all
usageTypeInvert boolean optional; applies the NOT logical operator to selected AWS usage types in the previous parameter; defaults to false
tag List<string> optional; comma-separated list of tag key/value pairs where the custom billing charge can be applied; defaults to all
tagInvert boolean optional; applies the NOT logical operator to selected tag key/value pairs in the previous parameter; defaults to false
startDate DateTime optional; start date for the custom billing charge
endDate DateTime optional; end date for the custom billing charge; custom billing charges with no end date will apply until the end of time
use_account string * optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account)
use_cc_account_id string * optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account)
use_aws_account_id string * optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be a payer account)

* = one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_monthly_percent

JSON/XML CALL EXAMPLE:

curl --request POST \
            --url 'https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_monthly_percent?access_key=your_admin_access_key&use_cc_account_id=1234' \
            --header 'cache-control: no-cache' \
            --header 'content-type: application/[json|xml]' \
            --data '{
          	"id": 179,
          	"percentageValue": 42
          }

SUCCESSFUL JSON/XML RESPONSE:

{
              "Id": <new ID value>,
              "Code": 200,
              "Message": "OK"
          }
          

Edit Custom Billing Charge - Percent All Charges

The API method, edit_custom_billing_charge_percent_all_charges, is used to edit the percent discount or premium for all charges.

To edit this custom billing charge, go to the left navigation pane, and choose Cost > AWS Partner Tools > Configure > Custom Billing Charges. From the Custom Billing Charge page, select a charge from the table with a type, Premium/Discount for all charges, and click Edit.
INPUT PARAMETERS:

Parameter Type Description
Access_key string required; admin-level API key
Description string required; human-friendly description of the custom billing charge
PercentageValue decimal required; sets the discount (negative value) or premium (positive value) percentage
ApplyPercentageTo CostBasline required; indicates which cost type the custom billing charge will apply to
Account List<string> optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts
Region List<string> optional; comma-separated list of region(s) twhere the custom billing charge can be applied; defaults to all; accepts region id’s as valid values
 AWSService List<string> optional; comma-separated list of AWS services where the custom billing charge can be applied; defaults to all
Operation List<string> optional; comma-separated list of AWS operations the custom billing charge applies to; defaults to all
 UsageType  List<string> optional; comma-separated list of AWS usage types where the custom billing charge can be applied; defaults to all
Tag List<string> optional; comma-separated list of tag key/value pairs where the custom billing charge can be applied; defaults to all
 StartDate  DateTime required; start date for the custom billing charge
 EndDate  DateTime optional; end date for the custom billing charge
use_account string *optional/required; friendly name of the account in CloudCheckr where the custom billing charge is applied (must be payer account!)
use_cc_account_id string *optional/required; account ID of the account in CloudCheckr where the custom billing charge is applied (must be a payer account)
use_aws_account_id string *optional/required; the 12-digit AWS account ID where the custom billing charge is applied (must be payer account)

* = one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_percent_all_charges

JSON/XML CALL EXAMPLE:

curl-- request POST \
             'https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_percent_all_charges?use_cc_account_id=7&access_key=your_admin_access_key' \
             --header 'cache-control: no-cache'\
             --header 'content-type: application/[json|xml]'\
             --data '{
          	"Description": "TEST DESCRIPTION",
          	"ApplyPercentTo": "ListCost",
          	"PercentageValue": 5,
                  "StartDate": "2013-01-01",
          	"EndDate": "2014-01-01",
          	"Account": ["103237659442","949195593353","443094636793"],
          	"Region": ["16","4","2"],
                  "UsageType": [""CAN1-EUC1-AWS-Out-Bytes","HeavyUsage:m4.large","UGW1-TimedStorage-RRS-ByteHrs"],
          	"Operation": ["SetQueueAttributes","RunInstances:0002:SV012","PutObject"],
          	"AWSService":["AmazonSimpleDB","AmazonEC2","AmazonSQS"],
          	"Tag": ["Name | WebTemplateNew","aws:cloudformation:stack-id | arn:aws:cloudformation:us-west-2:949195593353:stack\/awseb-e-4uypmi4ubg-stack\/f2837e90-8b2a-11e6-8349-50a686fc37d2","Name | DevServer"],
          }
          

SUCCESSFUL JSON/XML RESPONSE:

{
              "Id": 460,
              "Code": 200,
              "Message": "OK"
          }

Get Account Family V2

The API method, “get_account_family_v2”, is used to return a complete list of all account families in a payer account.

INPUT PARAMETERS:

Parameter Type Description
access_key (required) string required; admin-level access key required for all API calls
name (required) string required; name of the account family to be deleted
use_account string *required/optional; friendly name of the account in the application
use_cc_account_id string *required/optional; account ID used in the application
use_aws_account_id string *required/optional; the 12-digit AWS account ID

* = one of these parameters must be defined

XML CALL EXAMPLE:

<GetAccountFamilyResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
              <Code>0</Code>
              <AccountFamilies>
                  <AccountFamily>
                      <Name>123456789 (AccountFamilyExample)</Name>
                      <Accounts>
                          <string>123456789 (AccountFamilyExample)</string>
                      </Accounts>
                  </AccountFamily>
              </AccountFamilies>
              <UnmappedAccounts>
                  <string>9876543210 (UnmappedAccountExample)</string>
              </UnmappedAccounts>
          </GetAccountFamilyResponse>
          

JSON CALL EXAMPLE:

{
          "GetAccountFamilyResponse": {
          "Code": "0",
          "AccountFamilies": {
          "AccountFamily": {
          "Name": "123456789 (AccountFamilyExample)",
          "Accounts": {
          "string": "123456789 (AccountFamilyExample)"
          }
          }
          },
          "UnmappedAccounts": {
          "string": "9876543210 (UnmappedAccountExample)"
             },
            }
          }

Get Billing Dashboard V2

The API method “get_billing_dashboard_v2” is used to export the Billing and Cost Management Dashboard.

XML call:

https://api.cloudcheckr.com/api/billing.xml/get_billing_dashboard_v2?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/billing.json/get_billing_dashboard_v2?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Standard Access Key required for all API calls
  • cost_type (optional) – Can use Blended, Unblended, or List. Defaults to Blended if not given.
  • use_account (required) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id (required) – The CloudCheckr ID of the account you are making the call for. The ID is returned when using the method ‘account/add_accountv3′ to register the account in CloudCheckr.

OUTPUT:

XML Example:

<GetDashboardResponseV2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          	<DashboardSummaries>
             <DashboardSummary>
                <AccountName>2150 AWS QA</AccountName>
                <LastMonth>
                   <month>6/1/2016 12:00:00 AM</month>
                   <cost>909.765</cost>
                </LastMonth>
                <ThisMonth>
                   <month>7/1/2016 12:00:00 AM</month>
                   <cost>1073.514</cost>
                </ThisMonth>
                <Forecast>
                   <month>7/1/2016 12:00:00 AM</month>
                   <cost>1140.8925714285714285714285714</cost>
                </Forecast>
                <SendByService>
                   <DashboardService>
                      <service>AmazonEC2</service>
                      <cost>556.224</cost>
                   </DashboardService>
                   <DashboardService>
                      <service>DirectoryService</service>
                      <cost>169.375</cost>
                   </DashboardService>
                   <DashboardService>
                      <service>AWSSupportBusiness</service>
                      <cost>100.000</cost>
                   </DashboardService>
                   <DashboardService>
                      <service>AmazonS3</service>
                      <cost>99.313</cost>
                   </DashboardService>
                   <DashboardService>
                      <service>AmazonCloudTrail</service>
                      <cost>64.960</cost>
                   </DashboardService>
                   <DashboardService>
                      <service>AmazonKinesis</service>
                      <cost>30.645</cost>
                   </DashboardService>
                   <DashboardService>
                      <service>AmazonRDS</service>
                      <cost>21.598</cost>
                   </DashboardService>
                   <DashboardService>
                      <service>Others</service>
                      <cost>31.399</cost>
                   </DashboardService>
                     </SendByService>
                   </DashboardSummary>
                  </DashboardSummaries>
          GetDashboardResponseV2>

JSON Example:

{
            "DashboardSummaries": {
              "DashboardSummary": {
                "AccountName": "2150 AWS QA",
                "LastMonth": {
                  "month": "6/1/2016 12:00:00 AM",
                  "cost": "909.765"
                },
                "ThisMonth": {
                  "month": "7/1/2016 12:00:00 AM",
                  "cost": "1073.514"
                },
                "Forecast": {
                  "month": "7/1/2016 12:00:00 AM",
                  "cost": "1140.8925714285714285714285714"
                },
                "SendByService": {
                  "DashboardService": [
                    {
                      "service": "AmazonEC2",
                      "cost": "556.224"
                    },
                    {
                      "service": "DirectoryService",
                      "cost": "169.375"
                    },
                    {
                      "service": "AWSSupportBusiness",
                      "cost": "100.000"
                    },
                    {
                      "service": "AmazonS3",
                      "cost": "99.313"
                    },
                    {
                      "service": "AmazonCloudTrail",
                      "cost": "64.960"
                    },
                    {
                      "service": "AmazonKinesis",
                      "cost": "30.645"
                    },
                    {
                      "service": "AmazonRDS",
                      "cost": "21.598"
                    },
                    {
                      "service": "Others",
                      "cost": "31.399"
                    }
                  ]
                }
              }
            }
          }

Get Custom Billing Charges V2

The API method, “get_custom_billing_charges_v2”, is used to return any custom billing charges from the Cost > AWS Partner Tools > Configure > Custom Billing Charges page.

INPUT PARAMETERS:

Parameter Type Description
access_key string required, admin-level API key
accounts string optional; comma-separated list of AWS account IDs; only returns custom charges that contain one of the accounts from the list

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/get_custom_billing_charges_v2?access_key=your_admin_access_key&accounts=111111111111

CURL EXAMPLE:

curl --request GET \
            --'https://api.cloudcheckr.com/api/billing.[json|xml]/get_custom_billing_charges_v2?access_key=your_admin_access_key' \
            --header 'cache-control: no-cache' \
            --header 'content-type: application/[json|xml]' \
            --data '{
          	"accounts": 1111111111111,
          	 }
          

SUCCESSFUL JSON RESPONSE:

{
             "CustomBillingCharges":
             [
                 {
                   "Id":101,
                   "StartDate":"1/1/2018",
                   "EndDate":"N/A",
                   "Type":"Monthly Tier",
                   "ChargeValue":"Tiers",
                   "Description":"A Sample Tiered Charge for EC2",
                   "ResourceId":"",
                   "Stack":true,
                   "StackOrder":1,
                   "Account":"111111111111,222222222222,333333333333",
                   "Region":"All Regions"
                }
             ]
          }
          

Get Custom Billing Charges V3

The API method, “get_custom_billing_charges_v3”, is used to return any custom billing charges from the Custom Billing Charges page. Version 3 of this call displays the custom charge tiers if applicable.

  • This call can only be made using an admin-level access key.
  • The HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level access key
use_cc_account_id string required; the CloudCheckr ID of the account that you are making the call for;  use the “get_accounts_v4” call to get this ID

API CALL URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/get_custom_billing_charges_v3?access_key=your_admin_access_key&use_cc_account_id=1234

OUTPUT:

RESPONSE EXAMPLE:
XML:

<GetCustomBillingChargesResponseV3 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
              <CustomBillingCharges>
                  <GetCustomBillingChargesItemResponse xsi:type="GetCustomBillingChargesItemResponse_V3">
                      <StartDate>9/1/2017</StartDate>
                      <EndDate>N/A</EndDate>
                      <Type>Monthly Tier</Type>
                      <ChargeValue>Tiers</ChargeValue>
                      <Description>Service Charge</Description>
                      <ResourceId />
                      <Stack>false</Stack>
                      <StackOrder>0</StackOrder>
                      <Account>123456789123</Account>
                      <Region>All Regions</Region>
                      <Id>781</Id>
                      <Tiers>
                          <Tier>
                              <From>0.0000000000</From>
                              <To>10000000.0000000000</To>
                              <Charge>35.0000000000</Charge>
                          </Tier>
                      </Tiers>
                  </GetCustomBillingChargesItemResponse>
                  <GetCustomBillingChargesItemResponse xsi:type="GetCustomBillingChargesItemResponse_V3">
                      <StartDate>8/1/2017</StartDate>
                      <EndDate>N/A</EndDate>
                      <Type>Monthly Premium</Type>
                      <ChargeValue>10.00%</ChargeValue>
                      <Description>Monthly Percent Custom Charge</Description>
                      <ResourceId />
                      <Stack>false</Stack>
                      <StackOrder>0</StackOrder>
                      <Account>All Accounts</Account>
                      <Region>All Regions</Region>
                      <Id>386</Id>
                      <Tiers />
                  </GetCustomBillingChargesItemResponse>
              </CustomBillingCharges>
          </GetCustomBillingChargesResponseV3>

OUTPUT:

JSON:

{
              "CustomBillingCharges": [
                  {
                      "Tiers": [
                          {
                              "From": 0,
                              "To": 10000000,
                              "Charge": 35
                          }
                      ],
                      "Id": 781,
                      "StartDate": "9/1/2017",
                      "EndDate": "N/A",
                      "Type": "Monthly Tier",
                      "ChargeValue": "Tiers",
                      "Description": "Service Charge",
                      "ResourceId": "",
                      "Stack": false,
                      "StackOrder": 0,
                      "Account": "123456789123",
                      "Region": "All Regions"
                  },
                  {
                      "Tiers": [],
                      "Id": 386,
                      "StartDate": "8/1/2017",
                      "EndDate": "N/A",
                      "Type": "Monthly Premium",
                      "ChargeValue": "10.00%",
                      "Description": "Monthly Percent Custom Charge",
                      "ResourceId": "",
                      "Stack": false,
                      "StackOrder": 0,
                      "Account": "All Accounts",
                      "Region": "All Regions"
                  }
              ]
          }

Modify Account Family

The API method, “modify_account_family”, is used to modify an existing account family in a payer account.

INPUT PARAMETERS:

Parameter Type Description
access_key (required) string required; admin-level access key required for all API calls
name (required) string required; name for the account family
accounts (required) string required; comma-separated list of AWS account IDs to link to the account family
email string optional; email address associated with the account family
invoice_id string optional; custom invoice ID displayed on an invoice
address string optional; mailing address associated with the account family
additional_info string optional; text in the Additional Info text box
recalculate_support_charges string optional; indicates status of recalculation of AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
support_charge_apply_by_account string optional; indicates if customer will apply support charges by account. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
suppress_support_charges string optional; indicates if customer will supress support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
do_not_enforce_minimum_charge string optional; indicates if customer will ignore the $100 minimum AWS support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
support_charge_broken_out string optional; indicates if payee support charges will be displayed by account within account families. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
create_mav_for_family string optional; create or delete a MAV based on this account family. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
project_code string optional; a customer’s internal project code
payment_term integer optional; payment terms for the account family used to populate a due date when creating invoices

This field requires two numeric values or may be left blank.
use_account string *required/optional; friendly name of the account in the application
use_cc_account_id string *required/optional; account ID used in the application
use_aws_account_id string *required/optional; the 12-digit AWS account ID

* = one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/modify_account_family?access_key=[admin_access_key]&use_cc_account_id=1234

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/billing.[json|xml]/modify_account_family?access_key=[admin_access_key]&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required) admin-level access_key": "someValHere",
          	"(required) name": "someValHere",
          	"(required) accounts": "someValHere",
          	"email": "someValHere",
          	"invoice_id": "someValHere",
          	"address": "someValHere",
          	"additional_info": "someValHere",
          	"recalculate_support_charges": "someValHere",
          	"support_charge_apply_by_account": "someValHere",
          	"suppress_support_charges": "someValHere",
          	"do_not_enforce_minimum_charge": "someValHere",
          	"support_charge_broken_out": "someValHere",
          	"create_mav_for_family": "someValHere",
          	"project_code": "someValHere",
          	"payment_term": "someValHere"
          		}

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Modify Account Family - Copy DBR

The API method, “modify_account_family_copy_dbr”, is used to modify an existing account family’s “Copy DBR” configuration in a payer account.

INPUT PARAMETERS:

Parameter Type Description
access_key (required) string required; admin-level access key required for all API calls
name (required) string required; name for the new account family
accounts (required) string required; comma-separated list of AWS account IDs to link to the account family
email string optional; email address associated with the account family
invoice_id string optional; custom invoice ID displayed on an invoice
address string optional; mailing address associated with the account family
additional_info string optional; text in the Additional Info text box
recalculate_support_charges string optional; indicates status of recalculation of AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
support_charge_apply_by_account string optional; indicates if customer will apply support charges by account. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
suppress_support_charges string optional; indicates if customer will supress support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
do_not_enforce_minimum_charge string optional; indicates if customer will ignore the $100 minimum AWS support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
support_charge_broken_out string optional; indicates if payee support charges will be displayed by account within account families. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
create_mav_for_family string optional; create or delete a MAV based on this account family. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
project_code string optional; a customer’s internal project code
payment_term integer optional; payment terms for the account family used to populate a due date when creating invoices

This field requires two numeric values or may be left blank.
account_family_name (required) string optional; name of the account family whose Copy DBR configuration the customer wants to modify
bucket_name (required) string optional; name of the S3 bucket that the DBR will be copied to
cost_type (required) string optional; Amazon or custom cost.

Amazon cost will create Blended and Unblended; custom will create custom or list cost.
include_all_tags (required) string optional; a yes will copy all tag columns from thepayer DBR (even if there is no data). A no will copy only tag columns with data. Accepts “yes”, “1”, “y”, “no, “0”, or “n”.
use_account string *required/optional; friendly name of the account in the application
use_cc_account_id string *required/optional; account ID used in the application
use_aws_account_id string *required/optional; the 12-digit AWS account ID

* = one of these parameters must be defined

ENDPOINT URL:

https://api.cloudcheckr.com/api/billing.[json|xml]/modify_account_family_copy_dbr?access_key=[admin_access_key]&use_cc_account_id=1234

JSON/XML CALL EXAMPLE:

curl --request POST \
            -- 'https://api.cloudcheckr.com/api/billing.[json|xml]/cmodify_account_family_copy_dbr?access_key=[admin_access_key]&use_cc_account_id=1234'\
            -- header 'cache-control: no-cache' \
            -- header 'content-type: application/[json|xml]' \
            -- data '{
          	"(required) admin-level access_key": "someValHere",
          	"(required) name": "someValHere",
          	"(required) accounts": "someValHere",
                  "(required) aws_use_account_upload: "someValHere",
          	"email": "someValHere",
          	"invoice_id": "someValHere",
          	"address": "someValHere",
          	"additional_info": "someValHere",
          	"recalculate_support_charges": "someValHere",
          	"support_charge_apply_by_account": "someValHere",
          	"suppress_support_charges": "someValHere",
          	"do_not_enforce_minimum_charge": "someValHere",
          	"support_charge_broken_out": "someValHere",
          	"create_mav_for_family": "someValHere",
                  "account_family_name": "someValHere",
                  "bucket_name": "someValHere",
                  "cost_type": "someValHere",
                  "include_all_tags": "someValHere",
                  "project_id": "someValHere",
          	"payment_term": "someValHere"
          		}

SUCCESSFUL JSON/XML RESPONSE:

{
                        "Code":200,
                        "Message":"OK"
          }

Forgot Password

The API method, “forgot_password”, is used to reset a user’s password. The method will return the password reset link and a password reset key.

The preferred HTTP method is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
email string required; user’s email address


API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/forgot_password?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X POST \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/forgot_password?access_key=your_admin_access_key\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
               -- data '{
                      "email": "user1@domain.com",
                 }
          

RESPONSE EXAMPLE:
XML:

<ForgotPasswordResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
               <status>
                 <reset_link>https://app.cloudcheckr.com/LogOn/#!/resetPassword</reset_link>
                 <key>reset key</key>
                 <code>200</code>
                 <message>Password Reset Successful</message>
               </status>
          </ForgotPasswordResponse>

JSON:

{
              "ResetLink": "https://app.cloudcheckr.com/LogOn/#!/resetPassword",
              "Key": [RESET KEY],
              "Code": 200,
              "Message": "Password Reset Successful"
          }

Get SAML Providers

The API method, “get_saml_providers”, is used to get a list of Security Assertion Markup Language (SAML) providers for the customer.

The accepted HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key

API CALL URL:

https://api.cloudcheckr.com/api/admin.[json|xml]/get_saml_providers?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X GET \
               -- https://api.cloudcheckr.com/api/admin.[json|xml]/get_saml_providers?access_key=your_admin_access_key\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
          

RESPONSE EXAMPLE:
XML:

<GetSamlProvidersResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
               <results>
                 <SamlProvider>OneLogin</SamlProvider>
                 <SamlProvider>PingOne</SamlProvider>
               </results>
               <status>
                 <code>0</code>
                 <message>null</message>
               </status>
          </GetSamlProvidersResponse>

JSON:

{
             "saml_providers": ["OneLogin", "PingOne"],
             "code":0,
             "message": null
          }

Edit User

The API method, “edit_user”, is used to edit the attributes of a user.

  • The accepted HTTP method for this call is POST.
  • This call can only be made using admin-level access keys.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
email string required; email address of the user
role string optional; the role of the user
auth_types list optional; the authorization type for the user
sso_provider lstring optional; name of the SSO provider
user_id string required; user ID
use_account string required; friendly name of the account in the application; must be a payer account in CloudCheckr*
use_cc_account_id string required; account ID used in the application; must be a payer account in CloudCheckr*
use_aws_account_id string required; the 12-digit AWS account ID; must be a payer account in CloudCheckr*

API CALL URL:

https://api.cloudcheckr.com/api/account.[json|xml]/edit_user?access_key=your_admin_access_key

REQUEST EXAMPLE:

curl -X POST \
               -- https://api.cloudcheckr.com/api/account.[json|xml]/edit_user?access_key=your_admin_access_key\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
               -- data '{
                        "email": "email2@cloudcheckr.com",
                        "role": "User",
                        "auth_types": "saml",
                        "sso_provider": "clear"
                        }
          

RESPONSE EXAMPLE:
XML:

<EditUserResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
               <email>email2@cloudcheckr.com</email>
               <role>user</role>
               <AuthTypes>saml</AuthTypes>
               <SsoProvider>clear</SsoProvider>
          </EditUserResponse>

JSON:

{
             "code":200,
             "message": OK
          }

Read Child SAML SSO Settings

The API method, “read_child_saml_sso_settings”, is used to read and return the first SSO configuration it finds. The call will return an error if more than one SSO configuration is found.

  • This call requires the partner sys admin for the admin-level API key. The partner_id is the child for the admin-level API key.
  • The preferred HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
partner_id string required; child for the admin-level API key

API CALL URL:

https://api.cloudcheckr.com/api/admin.[json|xml]/read_child_saml_sso_settings?access_key=your_admin_access_key&partner_id=4'\

REQUEST EXAMPLE:

curl -X GET \
               -- https://api.cloudcheckr.com/api/admin.[json|xml]/read_child_saml_sso_settings?access_key=your_admin_access_key&partner_id=4'\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
          

RESPONSE EXAMPLE:
XML:

<ReadChildSamlSsoSettingsResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
               <enabled>true</enabled>
               <AutoProvisionedUserRole>null</AutoProvisionedUserRole>
               <IdpMetadata>This big metadata here</IdpMetadata>
               <code>200</code>
               <message>OK</message>
          </ReadChildSamlSsoSettingsResponse>

JSON:

{
              "enabled": true,
              "auto_provisioned_user_role": null,
              "idp_metadata": "THIS BIG METADATA HERE",
              "Code": 200,
              "Message": "OK"
          }

Read Child SAML SSO Settings V2

The API method, “read_child_saml_sso_settings_v2”, is used to read and return all of the SSO configurations for a child customer.

  • This call requires the partner sys admin for the admin-level API key. The partner_id is the child for the admin-level API key.
  • The preferred HTTP method for this call is GET.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
partner_id string required; child for the admin-level API key

API CALL URL:

https://api.cloudcheckr.com/api/admin.[json|xml]/read_child_saml_sso_settings_v2?access_key=your_admin_access_key&partner_id=4'\

REQUEST EXAMPLE:

curl -X GET \
               -- https://api.cloudcheckr.com/api/admin.[json|xml]/read_child_saml_sso_settings_v2?access_key=your_admin_access_key&partner_id=4'\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
          

RESPONSE EXAMPLE:
XML:

<ReadChildSamlSsoSettingsResponseV2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
               <enabled>false</enabled>
               <saml_provider_info>
                 <auto_provisioned_user_role>null</auto_provisioned_user_role>
                 <IdpMetadata>This big metadata here</IdpMetadata>
              </saml_provider_info>
                 <code>200</code>
                 <message>OK</message>
          </ReadChildSamlSsoSettingsResponseV2>

JSON:

{
              "enabled": false,
              "auto_provisioned_user_role": null,
              "idp_metadata": "THIS BIG METADATA HERE",
              "Code": 200,
              "Message": "OK"
          }

Write Child SAML SSO Settings

The API method, “write_child_saml_sso_settings”, is used to create a new SAML configuration or to update a SAML configuration for child customers.

  • This call requires the partner sys admin for the admin-level API key. The partner_id is the child for the admin-level API key.
  • The preferred HTTP method for this call is POST.

INPUT PARAMETERS:

Parameter Type Description
access_key string required; admin-level API key
partner_id string required; child for the admin-level API key
enable boolean optional; indicates if the SAML SSO settings are enabled
auto_provisioned_user_role string optional; indicates the type of user role
idp_metadata string optional; metadata for the new configuration
sso_provider string optional; name of the SSO provider

API CALL URL:

https://api.cloudcheckr.com/api/admin.[json|xml]/write_child_saml_sso_settings?access_key=your_admin_access_key&partner_id=4'\

REQUEST EXAMPLE:

curl -X POST \
               -- https://api.cloudcheckr.com/api/admin.[json|xml]/write_child_saml_sso_settings?access_key=your_admin_access_key&partner_id=4'\
               -- header 'cache-control: no-cache' \
               -- header 'content-type: application/[json|xml]' \
               -- data '{
                       "partner_id": "4",
                       "enable": "false",
                       "auto_provisioned_user_role": "User",
                       "idp_metadata": "This big metadata here",
                       "sso_provider": "PingOne  child 1"
           }
          

RESPONSE EXAMPLE:
XML:

<WriteChildSamlSsoSettingsResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
               <status>
               <code>0</code>
               <message>OK</message>
          </WriteChildSamlSsoSettingsResponse>

JSON:

{
               "Code": 200,
              "Message": "OK"
          }

How did we do?