Admin API Reference Guide
- Using Access Keys
- Preferred HTTP Methods
- API Calls
- Add Access Control Lists Per Account Per Group
- Add Account V3
- Add API Key
- Add MAV Account
- Add Tag
- Add User
- Add Users
- Add User To Group
- Clone Group
- Copy User
- Create Group
- Delete Access Control List From Group
- Delete Account
- Delete Group
- Delete Tag
- Edit Account Email Settings
- Edit Account Name
- Edit Credential
- Get Access Control List
- Get Access Control List By ID
- Get Access Control List Per Group
- Get Account
- Get Account Email Settings
- Get Account Level Tags V2
- Get Accounts By Group
- Get Accounts V2
- Get Accounts V4
- Get External ID
- Get Group
- Get Groups
- Get Groups V2
- Get User
- Get Users
- Get Users By Group
- Get Users V2
- Grant Account
- Remove User
- Remove Users From Group
- Revoke Account
- Tag Account
- Untag Account
- Ignore Best Practice
- Add Custom Billing Charge - Fixed
- Add Custom Billing Charge - Monthly Percent
- Add Custom Billing Charge - Percent All Charges
- Add Undiscovered AWS Account ID
- Create Account Family
- Custom Billing Charge
- Delete Account Family
- Delete Custom Billing Charge
- Delete Custom Billing Charge - Fixed
- Delete Custom Billing Charge - Monthly Percent
- Delete Custom Billing Charge - Percent All Charges
- Edit Custom Billing Charge - Fixed
- Edit Custom Billing Charge - Monthly Percent
- Edit Custom Billing Charge - Percent All Charges
- Get Account Family V2
- Get Billing Dashboard V2
- Get Custom Billing Charges V2
- Get Custom Billing Charges V3
- Modify Account Family
- Modify Account Family - Copy DBR
- Forgot Password
- Get SAML Providers
- Edit User
- Read Child SAML SSO Settings
- Read Child SAML SSO Settings V2
- Write Child SAML SSO Settings
CloudCheckr allows for the creation of two different types of access keys. Account-level access keys can only make calls against a single account. Admin-level access keys allow users to make calls against any of their accounts within CloudCheckr. They also allow API users to make account-management related calls that cannot be executed using account-level access keys.
CloudCheckr is revamping its API documentation to ensure that it reflects the best practices for REST and to improve overall consistency. We will restructure each call to include these sections:
| Section | Description |
| Input Parameters | Options that you pass with the endpoint to influence a response.
Identifies if a parameter is required or optional, the data type, and the parameter description. |
| API Call URL | Identifies the common path for the API (highlighted in yellow) and the end path of the endpoint (highlighted in light blue).
 |
| Request Example | Includes a sample request that shows the endpoint and a few key parameters.
Formatted in curl since it’s language-agnostic. Includes the header information and the method (GET or POST in most cases). |
| Response Example | Shows a sample response for all of the parameters passed in the request example.
Includes examples in XML and JSON. |
Attempting to make any of these calls using a general API access key will result in an error. You may also use admin-level API keys to make the other calls found in the general API Reference guide.
When using an admin-level access keys to make those calls you must add one of the following parameter to your calls:
- use_account – the name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
- use_cc_account_id – the ID of the account you are making the call for. The ID is returned when using the method ‘account/add_account_v3′ to register the account in CloudCheckr.
XML Call:
https://api.cloudcheckr.com/api/best_practice.xml/get_best_practices?access_key=[access_key]&use_account=[MyAccount]
https://api.cloudcheckr.com/api/best_practice.xml/get_best_practices?access_key=[access_key]&use_cc_account_id=[MyAccountId]
JSON Call:
https://api.cloudcheckr.com/api/best_practice.json/get_best_practices?access_key=[access_key]&use_account=[MyAccount]
https://api.cloudcheckr.com/api/best_practice.json/get_best_practices?access_key=[access_key]&use_cc_account_id=[MyAccountId]
Using Access Keys
CloudCheckr requires an access key to be passed as a parameter to all API calls.
Click here for details on creating and managing access keys.
Example of Using an Access Key:
https://api.cloudcheckr.com/api/change_monitoring.json/get_changes?access_key=[access_key]
Preferred HTTP Methods
When using libraries such as curl, you may need to indicate the HTTP method to use (POST or GET). The CloudCheckr API accepts both POST and GET in most API calls. However, we recommend you use the preferred HTTP method when possible.
The preferred HTTP method for each call is GET unless specifically noted in the API CALLS section.
For more information on HTTP methods, click here: http://www.w3schools.com/tags/ref_httpmethods.asp.
API Calls
Add Access Control Lists Per Account Per Group
The API method, “add_access_control_lists_per_account_per_group”, is used to add access control lists per account per group.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| acls | list <string> | required; unique alphanumeric ID for each access control list (acl) |
| group_id | string | required; group ID |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/add_access_control_lists_per_account_per_group?access_key=your_admin_access_key&use_account=AWS Main
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/add_access_control_lists_per_account_per_group?
access_key=your_admin_access_key&use_account=AWS Main\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"group_id": "315ED648-DA56-4713-98DB-7D0A434A31F9",
"acls": ["dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]16b586a1-4459-46e1-b348-8c24dd5cfb7f",
"dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]e5c59d38-f3a1-4aac-aa48-a9823c1413ed"]
RESPONSE EXAMPLE:
XML:
<AddAccessControlListsPerAccountPerGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<results>
<id>315ed648-da56-4713-98db-7d0a434a31f9<
/id>
<code>
0<
/code>
<message>
null<
/message>
<
/results>
</AddAccessControlListsPerAccountPerGroupResponse>
JSON:
{
"Id": "315ed648-da56-4713-98db-7d0a434a31f9",
"Code": 0,
"Message": null
}
Add Account V3
The API method, “add_account_v3”, is used to register an AWS account with CloudCheckr. This method will return a unique ID, “cc_account_id”, to enhance security for the newly-created account. Customers can use “cc_account_id” for the parameter, “use_cc_account_id”, when making calls to the admin-level API.
- The preferred HTTP method for this call is POST.
- AWS secret keys typically contain special characters. To submit as a parameter on the URL, you must URL encode it. Click here for details.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| account_name | string | required; the name of the AWS account to register with CloudCheckr |
| user_name | string | optional; the name of the user that will have access to this account. If no user is specified, the first administrator of the account will be applied |
| aws_access_key | string | optional; the access key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account |
| aws_secret_key | string | optional; the secret key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account |
| account_tag | string | optional; the tag for the account to be used within a Multi-Account View (MAV) |
| emails | list <string> | optional; the email address(es) that will populate the account’s email settings and determine who receives the automated reports.
If this parameter is not used, the email address used when registering the CloudCheckr account will be populated in this field.
|
| payer_use_account | string | optional; the name of the payer account |
| payee_aws_account_id | string | optional; the AWS account ID associated with the payee account |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
You will only need to define one of the * parameters if you want the new account to be linked to a payer account; if you do not want to link a payer account, then none of the three * parameters are needed.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/add_account_v3?access_key=your_admin_access_key
REQUEST EXAMPLE:
The Request Example uses the “cc_account_id” to show what the URL would look like if a customer needed a new account linked to a payer account.
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/add_account_v3?access_key=your_admin_access_key&use_cc_account_id=1234\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"account_name": "api added aws account",
}
RESPONSE EXAMPLE:
XML:
<AddAccountV3Response xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance> <
status>
<account_status>Success</account_status>
<cc_account_id>38</cc_account_id>
<credential_status>No credentials given. Can use the following role_account_id and role_external_id to create cross-account role within AWS.</credential_status>
<role_account_id>352813966789</role_account_id>
<cc_external_id>CC-69CFBFCA8BF21FA123BA566A6DAAB227</cc_external_id>
</status>
</AddAccountV3Response>
JSON:
{
"account_status": "Success",
"cc_account_id": 38,
"credential_status": "No credentials given. Can use the following role_account_id and role_external_id to create cross-account role within AWS.",
"role_account_id": "352813966789",
"cc_external_id": "CC-69CFBFCA8BF21FA123BA566A6DAAB227"
}
You can use the “role_account_id” and “cc_external_id” to create a role using the AWS Command Line Interface (CLI). See the
Create Role topic in the AWS documentation for more information.
Add API Key
The API method, “add_api_key”, is used to create a new CloudCheckr API key for a specific account.
You cannot create admin-level API keys with this method.
The preferred HTTP method for this call is POST.
XML Call:
https://api.cloudcheckr.com/api/account.xml/add_api_key?access_key=[access_key]&accounts=[account_name]
JSON Call:
https://api.cloudcheckr.com/api/account.json/add_api_key?access_key=[access_key]&accounts=[account_name]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – standard access key required for all API calls.
- accounts (required) – name(s) of the account(s) for which an API key is being created. Accepts multiple accounts.
OUTPUT
XML Example:
<AddApiKeyResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<CreationStatuses>
<string>
Created access key for Account: [ACCOUNT] Key: [ACCESS_KEY]
</string>
</CreationStatuses>
</AddApiKeyResponse>
JSON Example:
{
"CreationStatuses": [
"Created access key for Account: [ACCOUNT] Key: [ACCESS_KEY]"
]
}
Add MAV Account
The API method, “add_mav_account”, is used to create a new Multi-View Account (MAV).
Important: This call can only be made using admin-level access keys.
The preferred HTTP method for this call is POST.
XML Call:
https://api.cloudcheckr.com/api/account.xml/add_mav_account?access_key=[access_key]&account_name=[account_name]
JSON Call:
https://api.cloudcheckr.com/api/account.json/add_mav_account?access_key=[access_key]&account_name=[account_name]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-level access key required for all API calls.
- account_name (required) – name of the new MAV account(s).
- account_tags_to_set (optional) – comma-separated list of tags to apply to the MAV. The tag must exist.
- for_all_accounts (optional) – true or false or 1 or 0 values. Same impact as having the “This Multi-Account View should include ALL ACCOUNTS” checked in the UI.
OUTPUT
XML & JSON Example:
{
"Code":200,
"Message":"OK"
}
Add Tag
The API method, “tag_account”, is used to create an account-level tag, enable the account-level tag, and apply this tag to account(s), which can then be used to build Multi-Account Views (MAVs).
The preferred HTTP method for this call is POST.
XML Call:
https://api.cloudcheckr.com/api/account.xml/add_tag?access_key=[access_key]&account_name=MyAccountName&tag_name=MyAccountLevelTagName&accounts=MyAccount1,MyAccount2
JSON Call:
https://api.cloudcheckr.com/api/account.json/add_tag?access_key=[access_key]&account_name=MyAccountName&tag_name=MyAccountLevelTagName&accounts=MyAccount1,MyAccount2
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-level access key required for all API calls.
- tag_name (required) – name of the account-level tag.
- account_name (required) – name of the account where the tag will be applied.
- accounts (required) – name(s) of the accounts that will be added to the tag. Multiple accounts must be separated by a commma e.g. “,”.
OUTPUT
XML & JSON Example:
{
"Code":200,
"Message":"OK"
}
Add User
The API method, “add_user”, creates a new CloudCheckr user.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required, admin-level API key |
| list <string> | required; the email address of the new user | |
| account_access | list <string> | required; the name of the CloudCheckr account(s) the user can access; separate multiple account names by commas as shown in the example(s) |
| user_role | string | required; the level of access for the new user; accepts ReadonlyUser, BasicUser, BasicPlusUser, User, or Administrator |
| group | string | optional; the name of the group associated with the new user |
| cost_report | boolean | optional; defines whether the user can access the cost reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| blended_cost | boolean | optional; defines whether the user can view blended costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| unblended_cost | boolean | optional; defines whether the user can view unblended costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| list_cost | boolean | optional; defines whether the user can view list costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| resource_utilization_reports | boolean | optional; defines whether the user can access the resource utilization reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| trending_reports | boolean | optional; defines whether the user can access the trending reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| change_monitoring | boolean | optional; defines whether the user can access the change monitoring report within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| best_practices | boolean | optional; defines whether the user can access the best practice report within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| edit_emails | boolean | optional; identifies if the customer can modify email addresses associated with the user |
| all_access | boolean | optional; if this set to true, the user will have access to all reports within the account and none of the other parameters listed below are required; accepts “yes”, “1”, or “y” |
| password | string | optional; sets the password for the new user |
| automation | boolean | optional; allows the new user to access the associated report |
| savings | boolean | optional; allows the new user to access the associated report |
| alerts | boolean | optional; allows the new user to access the associated report |
| inventory | boolean | optional; allows the new user to access the associated report |
| security | boolean | optional; allows the new user to access the associated report |
| account_notification | boolean | optional; allows the new user to receive notifications from any associated accounts |
| partner_tools | boolean | optional; allows the new user to access the partner tools |
| edit_partner_tools | boolean | optional; allows the new user to modify the configuration of the partner tools |
| see_api_keys | boolean | optional; makes the API key visible to the new user |
| auth_types | boolean | optional; allows the new user access to authorization types |
| use_default_provider | boolean | optional; allows the new user to use the default provider configuration |
| sso_provider | string | optional; indicates that the new user has an SSO association |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/add_user?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/add_user?access_key=your_admin_access_key&use_cc_account_id=1234\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"email": "newUser@cloudcheckr.com",
"account_access": "AWS Main",
"user_role": "user",
"cost_report": "no",
"auth_types": "saml",
"group": "g2",
"use_default_provider": "true",
"sso_provider": "PingOne"
}
RESPONSE EXAMPLE:
XML:
<AddUserResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance> <CreationStatuses>Created new user with email: newUser@cloudcheckr.com</CreationStatuses>
</AddUserResponse>
JSON:
{
"CreationStatuses": [
"Created new user with email: newUser32i34i32ke@cloudcheckr.com"
]
}
Add Users
The API method, “add_users”, creates multiple CloudCheckr users.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required, admin-level API key |
| string | required; the email address of the new user | |
| account_access | list <string> | required; the name of the CloudCheckr account(s) the user can access; separate multiple account names by commas as shown in the example(s) |
| user_role | string | required; the level of access for the new user; accepts ReadonlyUser, BasicUser, BasicPlusUser, User, or Administrator |
| group | string | optional; the name of the group associated with the new user |
| cost_report | boolean | optional; defines whether the user can access the cost reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| blended_cost | boolean | optional; defines whether the user can view blended costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| unblended_cost | boolean | optional; defines whether the user can view unblended costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| list_cost | boolean | optional; defines whether the user can view list costs within the cost reports; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| resource_utilization_reports | boolean | optional; defines whether the user can access the resource utilization reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| trending_reports | boolean | optional; defines whether the user can access the trending reports within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| change_monitoring | boolean | optional; defines whether the user can access the change monitoring report within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| best_practices | boolean | optional; defines whether the user can access the best practice report within the account; accepts “yes”, “1”, “y”, “no, “0”, or “n” |
| edit_emails | boolean | optional; identifies if the customer can modify email addresses associated with the user |
| all_access | boolean | optional; if this set to true, the user will have access to all reports within the account and none of the other parameters listed below are required; accepts “yes”, “1”, or “y” |
| password | string | optional; sets the password for the new user |
| automation | boolean | optional; allows the new user to access the associated report |
| savings | boolean | optional; allows the new user to access the associated report |
| alerts | boolean | optional; allows the new user to access the associated report |
| inventory | boolean | optional; allows the new user to access the associated report |
| security | boolean | optional; allows the new user to access the associated report |
| account_notification | boolean | optional; allows the new user to receive notifications from any associated accounts |
| partner_tools | boolean | optional; allows the new user to access the partner tools |
| edit_partner_tools | boolean | optional; allows the new user to modify the configuration of the partner tools |
| see_api_keys | boolean | optional; makes the API key visible to the new user |
| auth_types | boolean | optional; allows the new user access to authorization types |
| use_default_provider | boolean | optional; allows the new user to use the default provider configuration |
| sso_provider | string | optional; indicates that the new user has an SSO association |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/add_users?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/add_users?access_key=your_admin_access_key&use_cc_account_id=1234\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"email": "newUser@cloudcheckr.com",
"account_access": "AWS Main",
"user_role": "user",
"cost_report": "no",
"group": "g2",
"use_default_provider": 'true",
"sso_provider": "PingOne"
}
RESPONSE EXAMPLE:
XML:
<AddUsersResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance> <CreationStatuses>
<status>Created new user with email: newUser48f@cloudcheckr.com</status>
<status>Created new user with email: newUserk39dk@cloudcheckr.com</status>
</CreationStatuses>
</AddUsersResponse>
JSON:
{
"CreationStatuses": [
"Created new user with email: newUser48f@cloudcheckr.com@cloudcheckr.com",
"Created new user with email: newUserk39dk@cloudcheckr.com"
]
}
Add User To Group
The API method, “add_user_to_group”, is used to add a new user group in CloudCheckr to manage users and permissions at the group level.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; group ID associated with the selected group |
| user_ids | list <string> | required; IDs of the users; comma-separated list |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/add_user_to_group?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/add_user_to_group?access_key=your_admin_access_key&use_cc_account_id=1234\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"group_id": "e85446b9-8821-41a6-9558-7550756dd899",
"user_ids": ["8B65E388-8A0B-4B5A-A12B-8B0325D0ABF4", "683C1113-1FF0-4F8B-AA3D-9288D2ED615A"]
}
RESPONSE EXAMPLE:
XML:
<AddUserToGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<status>
<Code>200</Code>
<Message>OK</Message>
</status>
</AddUserToGroupResponse>
JSON:
{
"Code": 200,
"Message": "OK"
}
Clone Group
The API method, “clone_group”, creates a copy of an existing group without the users.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; group ID |
| name | string | required; name |
| use_account | string | required; friendly name of the account in the application |
| use_cc_account_id | string | required; account ID used in the application |
| use_aws_account_id | string | required; the 12-digit AWS account ID |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/clone_group
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/clone_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)access_key": "someValHere",
"(required)group_id": "someValHere",
"(required)name": "someValHere",
"use_account": "someValHere",
"use_cc_account_id": "someValHere",
"use_aws_account_id": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Copy User
The API method “copy user” is used to create a new CloudCheckr user with the exact permissions as an existing user.
IMPORTANT: This call can only be made using admin-level access keys.
The preferred HTTP method for this call is POST.
XML call:
https://api.cloudcheckr.com/api/account.xml/copy_user?access_key=[access_key]&email_to_copy=[existing_user_email]&emails=[new_user_email]
JSON call:
https://api.cloudcheckr.com/api/account.json/copy_user?access_key=[access_key]&email_to_copy=[existing_user_email]&emails=[new_user_email]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-Level Access Key is required for this call.
- email_to_copy (required) – The email address of the existing user.
- emails (required) – The email address(es) of the new user(s).
- use_account (required — either this field or ‘use_cc_account_id’) – The name of the AWS account within CloudCheckr.
- use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.
You can also use this call to add multiple users at once. Simply include all of the emails required, separated by commas.
OUTPUT
XML Example:
<CopyUserResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance> <CreationStatuses>Created new user with email: mytest@mytest.me</CopyUserResponse>
JSON Example:
{
"CreationStatuses": [
"Created new user with email: mytest@mytest.me"
]
}
Create Group
The API method, “create_group”, is used to create a group.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| name | string | required; name of the group you want to create |
| use_cc_account_id | integer | required; account ID used in the application |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/create_group
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/create_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)access_key": "someValHere",
"(required)name": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Delete Access Control List From Group
The API method, “delete_access_control_list_from_group”, is used to delete an access control list from a group.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; ID of the user group |
| acls | list <string> | required; access control lists (ACLs) |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/delete_access_control_list_from_groupaccess_key=your_admin_access_key&use_account=AWS Main
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/delete_access_control_list_from_group?access_key=your_admin_access_key&use_account=AWS Main\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"group_id": "315ED648-DA56-4713-98DB-7D0A434A31F9",
"acls": ["dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]16b586a1-4459-46e1-b348-8c24dd5cfb7f",
"dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]e5c59d38-f3a1-4aac-aa48-a9823c1413ed"]
}
RESPONSE EXAMPLE:
XML:
<DeleteAccessControlListFromGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Status>
<Code>200</Code>
<Message>OK</Message>
</Status>
</DeleteAccessControlListFromGroupResponse>
JSON:
{
"Code": 200,
"Message": "OK"
}
Delete Account
The API method “delete_account” is used to remove an AWS account that has been registered with CloudCheckr.
IMPORTANT: This call can only be made using Admin-Level Access Keys.
The preferred HTTP method for this call is POST.
XML call:
https://api.cloudcheckr.com/api/account.xml/delete_account?access_key=[access_key]&account_name=MyAccountName
JSON call:
https://api.cloudcheckr.com/api/account.json/delete_account?access_key=[access_key]&account_name=MyAccountName
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-Level Access Key is required for this call.
- account_name (required) – the name of the AWS account that will be removed from CloudCheckr.
OUTPUT
XML & JSON Example:
{
"Code":200,
"Message":"OK"
}
Delete Group
The API method, “delete_group”, is used to delete the group with the specified ID.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; group ID |
| string | required; email address of the user | |
| user_id | string | required; user ID |
| use_account | string | required; friendly name of the account in the application |
| use_cc_account_id | string | required; account ID used in the application |
| use_aws_account_id | string | required; the 12-digit AWS account ID |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/delete_group
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/delete_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)(admin level)access_key": "someValHere",
"(required)group_id": "someValHere",
"email": "someValHere",
"user_id": "someValHere",
"use_account": "someValHere",
"use_cc_account_id": "someValHere",
"use_aws_account_id": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Delete Tag
The API method, “delete_tag”, is used to delete an account-level tag in Multi-Account Views. If you delete an account-level tag, it will impact any account that uses this tag to build its Multi-Account Views (MAVs).
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| account_name | string | required; name of the account that contains the tag |
| account_tag | string | required; name of the account-level tag that will be deleted |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/delete_tag
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/delete_tag?access_key=[access key]
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
'account_name': 'my account name',
'account_tag': 'my account tag'
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Edit Account Email Settings
The API method “edit_account_email_settings” is used to configure a CloudCheckr account’s primary email address(es) for delivery of report emails.
IMPORTANT: This call can only be made using Admin-Level Access Keys.
The preferred HTTP method for this call is POST.
XML call:
https://api.cloudcheckr.com/api/account.xml/edit_account_email_settings?access_key=[access_key]&use_account=[account_name]&emails=[email_address]&alert_health_all=1
JSON call:
https://api.cloudcheckr.com/api/account.json/edit_account_email_settings?access_key=[access_key]&use_account=[account_name]&emails=[email_address]&alert_health_all=1
INPUT PARAMETERS
This call accepts these parameters:
If you want a report email to be enabled, you must always explicitly define it as enabled. If you omit a report email parameter (e.g. best_practices), then the result for that report email will default to false.
Also, when using edit_account_email_settings, you will identify which AWS account to edit by using either use_account or use_cc_account_id.
- access_key (required) – Admin-Level Access Key is required for this call.
- use_account (required — either this field or ‘use_cc_account_id’) – The name of the AWS account within CloudCheckr that will have its credentials changed.
- use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.
- emails (required) – The email address(es) to be added as the primary recipient(s) for this account.
- alert_daily_billing (required) – true or false or 1 or 0 values
- alert_health_affected (required) – true or false or 1 or 0 values
- alert_health_all (required) – true or false or 1 or 0 values
- change_monitoring (required) – true or false or 1 or 0 values
- best_practices (required) – true or false or 1 or 0 values
- daily_bill_summary (required) – true or false or 1 or 0 values
- monthly_bill_summary (required) – true or false or 1 or 0 values
- daily_consolidated_bill_summary (required) – true or false or 1 or 0 values
- monthly_consolidated_bill_summary (required) – true or false or 1 or 0 values
- inventory_summary_report (required) – true or false or 1 or 0 values
- ec2_trending_report (required) – true or false or 1 or 0 values
- s3_summary_report (required) – true or false or 1 or 0 values
- ec2_resource_utilization_report (required) – true or false or 1 or 0 values
OUTPUT
XML & JSON Example:
{
"Code":200,
"Message":"OK"
}
Edit Account Name
The API method, “edit_accountname”, is used to edit the account name to better fit with the naming conventions used within your deployment.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key
Alternatively, you can use an account API key to rename the account.
|
| account_name | string | required; name of the Cloudcheckr account |
| use_account | string | required/optional; friendly name of the account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID* |
If you use an admin-level API key, you must define one of the * parameters.
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/edit_accountname
JSON/XML CALL EXAMPLE:
curl --request POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/edit_accountname?access_key=[access key]
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
'account_name': CloudCheckr Support',
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Edit Credential
The API method, “edit_credential”, is used to add or change the AWS credentials on an AWS account that has been registered with CloudCheckr.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key
Alternatively, you can use an account API key to rename the account.
|
| aws_access_key | string | required/optional; the access key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account* |
| aws_secret_key | string | required/optional; the secret key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account* |
| use_account | string | required/optional; friendly name of the account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID* |
| aws_role_arn | string | required/optional; AWS role ARN parameter that gets generated when you create a role in AWS using CLI*
See the Create Role topic in the AWS documentation for more information. |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/edit_credential/
REQUEST EXAMPLE:
https://api.cloudcheckr.com/api/account.[json|xml]/edit_credential?use_account=CloudCheckrDev&aws_role_arn=arn:aws:iam::215011050627:role/restricted_iam_role
RESPONSE EXAMPLE:
{
"Code":200,
"Message":"OK"
}
Get Access Control List
The API method, “get_access_control_list”, is used to return the access control list.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| section | string | required; section name |
| use_cc_account_id | string | required; account ID used in the application |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)access_key": "someValHere",
"section": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Get Access Control List By ID
The API method, “get_access_control_list_by_id”, is used to return the access control list by ID.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| id | string | required; ID of the ACL item |
| use_account | string | required; friendly name of the account in the application |
| use_cc_account_id | string | required; account ID used in the application |
| use_aws_account_id | string | required; the 12-digit AWS account ID |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list_by_id
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list_by_id&access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)(admin level)access_key": "someValHere",
"(required)id": "someValHere",
"use_account": "someValHere",
"use_cc_account_id": "someValHere",
"use_aws_account_id": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Get Access Control List Per Group
The API method, “get_access_control_list_per_group”, is used to return the access control list by group.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; ID of the group |
| use_account | string | required/optional: friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional: unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional: the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list_per_group?access_key=your_admin_access_key&use_account=AWS Main&group_id=315ED648-DA56-4713-98DB-7D0A434A31F9
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_access_control_list_per_group?access_key=your_admin_access_key&use_account=AWS Main&group_id=315ED648-DA56-4713-98DB-7D0A434A31F9\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetAccessControlListPerGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<acl>
<id>dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]bde7a10b-6e76-4ce5-918c-5c4821b4f3bd</id>
<name>Inventory Summary</name>
<section>Inventory</section>
<code>0</code>
<message>null</message>
</acl>
<acl>
<id>dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]4adf637d-667a-4530-a6a4-e8b4e5fcd340</id>
<name>Map Overlay</name>
<section>Inventory</section>
<code>0</code>
<message>null</message>
</acl>
<acl>
<id>dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]08d18f15-1e86-40f7-bc8f-37f8bc27f1b7</id>
<nameTagged Resources</name>
<section>Inventory</section>
<code>0</code>
<message>null</message>
</acl>
</GetAccessControlListPerGroupResponse>
JSON:
{
"Acls": [
{
"Id": "dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]bde7a10b-6e76-4ce5-918c-5c4821b4f3bd",
"Name": "Inventory Summary",
"Section": "Inventory",
"Code": 0,
"Message": null
},
{
"Id": "dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]4adf637d-667a-4530-a6a4-e8b4e5fcd340",
"Name": "Map Overlay",
"Section": "Inventory",
"Code": 0,
"Message": null
},
{
"Id": "dd82ecd7-c590-490f-9b3a-f22990a1b500[CC_Delimiter]08d18f15-1e86-40f7-bc8f-37f8bc27f1b7",
"Name": "Tagged Resources",
"Section": "Inventory",
"Code": 0,
"Message": null
}
]
}
Get Account
The API method, “get_account”, is used to retrieve an account.
The preferred HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| account_id | string | required; account ID |
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_account
REQUEST EXAMPLE:
curl -X GET\
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_account?access_key=your_admin_access_key&account_id=3'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetAccountResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Code>0</Code>
<Id>3</Id>
<Name>Account 1234</Name>
<Provider>Amazon Web Services</Provider>
<Type>General</Type>
<AccountId>1234222333</AccountId>
<HasCredentials>true</HasCredentials>
<Note>Don't click here anymore</Note>
<LastUpdated>2018-04-19T20:10:59</LastUpdated>
</GetAccountResponse>
JSON:
{
"Code": "0",
"Id": "3",
"Name": "Account 1234",
"Provider": "Amazon Web Services",
"Type": "General",
"AccountId": "1234222333",
"HasCredentials": "true",
"Note": "Don't click here anymore",
"LastUpdated": "2018-04-19T20:10:59"
}
Get Account Email Settings
The API method, “get_account_email_settings”, is used to return a complete list of all email settings in a CloudCheckr account.
- This call can only be made using admin-level access keys.
- The preferred HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required, admin-level API key |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional: the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_account_email_settings?access_key=your_admin_access_key&use_cc_account_id=1234'
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_account_email_settings?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetAccountEmailSettingsResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<accounts_and_email_settings>
<AccountAndEmailSettings>
<ProjectName>Account_Name_Example</ProjectName>
<EmailReportRecipients>
<EmailAddresses>email1@cloudcheckr.com, email2@cloudcheckr.com</EmailAddresses>
</EmailReportRecipients>
<AlertEmailSettings>
<EnableDailyCostAlert>true</EnableDailyCostAlert>
<AwsCostThreshold>10</AwsCostThreshold>
<EnableAwsHealthAlerts>false</EnableAwsHealthAlerts>
<EnableAwsHealthAlertsIfAffects>true</EnableAwsHealthAlertsIfAffects>
</AlertEmailSettings>
<DailyEmailSettings>
<EnableDailyChangeMonitoring>false</EnableDailyChangeMonitoring>
<EnableDailyBestPractice>false</EnableDailyBestPractice>
<EnableDailyBillForceUsingCloudWatch>false</EnableDailyBillForceUsingCloudWatch>
<EnableDailyAwsConsolidatedBillingSummary>true</EnableDailyAwsConsolidatedBillingSummary>
<EnableDailyChangeMonitoringAwsConfig>false</EnableDailyChangeMonitoringAwsConfig>
<EnableAutomation>false</EnableAutomation>
<EnableImproperlyTaggedResources>false</EnableImproperlyTaggedResources>
<EnableDailyCloudTrailSummary>false</EnableDailyCloudTrailSummary>
<DailyBestPracticeEmailSettings>
<EnableHighImportance>false</EnableHighImportance>
<EnableMediumImportance>false</EnableMediumImportance>
<EnableLowImportance>false</EnableLowImportance>
<EnableInformationalImportance>false</EnableInformationalImportance>
<EnableSecurityType>false</EnableSecurityType>
<EnableCostType>false</EnableCostType>
<EnableUsageType>false</EnableUsageType>
<EnableAvailabilityType>false</EnableAvailabilityType>
<EnableTrustedAdvisorType>false</EnableTrustedAdvisorType>
</DailyBestPracticeEmailSettings>
</DailyEmailSettings>
<WeeklyEmailSettings>
<EnableWeeklyInventory>true</EnableWeeklyInventory>
<EnableWeeklyS3Summary>true</EnableWeeklyS3Summary>
<EnableWeeklyEc2Trend>true</EnableWeeklyEc2Trend>
<EnableWeeklyS3Trend>false</EnableWeeklyS3Trend>
<EnableWeeklyEc2Utilization>true</EnableWeeklyEc2Utilization>
<EnableWeeklyBestPractice>false</EnableWeeklyBestPractice>
<WeeklyBestPracticeEmailSettings>
<EnableHighImportanceWeekly>false</EnableHighImportanceWeekly>
<EnableMediumImportanceWeekly>false</EnableMediumImportanceWeekly>
<EnableLowImportanceWeekly>false</EnableLowImportanceWeekly>
<EnableInformationalImportanceWeekly>false</EnableInformationalImportanceWeekly>
<EnableSecurityTypeWeekly>false</EnableSecurityTypeWeekly>
<EnableCostTypeWeekly>false</EnableCostTypeWeekly>
<EnableUsageTypeWeekly>false</EnableUsageTypeWeekly>
<EnableAvailabilityTypeWeekly>false</EnableAvailabilityTypeWeekly>
</WeeklyBestPracticeEmailSettings>
</WeeklyEmailSettings>
<MonthlyEmailSettings>
<EnableMonthlyCost>false</EnableMonthlyCost>
<EnableMonthlyAwsConsolidatedBillingSummary>false</EnableMonthlyAwsConsolidatedBillingSummary>
<EnableMonthlyBestPractice>false</EnableMonthlyBestPractice>
<DaysSelectedMonthly />
<MonthlyBestPracticeEmailSettings>
<EnableHighImportanceMonthly>false</EnableHighImportanceMonthly>
<EnableMediumImportanceMonthly>false</EnableMediumImportanceMonthly>
<EnableLowImportanceMonthly>false</EnableLowImportanceMonthly>
<EnableInformationalImportanceMonthly>false</EnableInformationalImportanceMonthly>
<EnableSecurityTypeMonthly>false</EnableSecurityTypeMonthly>
<EnableCostTypeMonthly>false</EnableCostTypeMonthly>
<EnableUsageTypeMonthly>false</EnableUsageTypeMonthly>
<EnableAvailabilityTypeMonthly>false</EnableAvailabilityTypeMonthly>
</MonthlyBestPracticeEmailSettings>
</MonthlyEmailSettings>
</AccountAndEmailSettings>
</accounts_and_email_settings>
</GetAccountEmailSettingsResponse>
JSON:
{
"GetAccountEmailSettingsResponse": {
"accounts_and_email_settings": {
"AccountAndEmailSettings": {
"ProjectName": "Account_Name_Example",
"EmailReportRecipients": {
"EmailAddresses": "email1@cloudcheckr.com, email2@cloudcheckr.com"
},
"AlertEmailSettings": {
"EnableDailyCostAlert": "true",
"AwsCostThreshold": "10",
"EnableAwsHealthAlerts": "false",
"EnableAwsHealthAlertsIfAffects": "true"
},
"DailyEmailSettings": {
"EnableDailyChangeMonitoring": "false",
"EnableDailyBestPractice": "false",
"EnableDailyBillForceUsingCloudWatch": "false",
"EnableDailyAwsConsolidatedBillingSummary": "true",
"EnableDailyChangeMonitoringAwsConfig": "false",
"EnableAutomation": "false",
"EnableImproperlyTaggedResources": "false",
"EnableDailyCloudTrailSummary": "false",
"DailyBestPracticeEmailSettings": {
"EnableHighImportance": "false",
"EnableMediumImportance": "false",
"EnableLowImportance": "false",
"EnableInformationalImportance": "false",
"EnableSecurityType": "false",
"EnableCostType": "false",
"EnableUsageType": "false",
"EnableAvailabilityType": "false",
"EnableTrustedAdvisorType": "false"
}
},
"WeeklyEmailSettings": {
"EnableWeeklyInventory": "true",
"EnableWeeklyS3Summary": "true",
"EnableWeeklyEc2Trend": "true",
"EnableWeeklyS3Trend": "false",
"EnableWeeklyEc2Utilization": "true",
"EnableWeeklyBestPractice": "false",
"WeeklyBestPracticeEmailSettings": {
"EnableHighImportanceWeekly": "false",
"EnableMediumImportanceWeekly": "false",
"EnableLowImportanceWeekly": "false",
"EnableInformationalImportanceWeekly": "false",
"EnableSecurityTypeWeekly": "false",
"EnableCostTypeWeekly": "false",
"EnableUsageTypeWeekly": "false",
"EnableAvailabilityTypeWeekly": "false"
}
},
"MonthlyEmailSettings": {
"EnableMonthlyCost": "false",
"EnableMonthlyAwsConsolidatedBillingSummary": "false",
"EnableMonthlyBestPractice": "false",
"DaysSelectedMonthly": "",
"MonthlyBestPracticeEmailSettings": {
"EnableHighImportanceMonthly": "false",
"EnableMediumImportanceMonthly": "false",
"EnableLowImportanceMonthly": "false",
"EnableInformationalImportanceMonthly": "false",
"EnableSecurityTypeMonthly": "false",
"EnableCostTypeMonthly": "false",
"EnableUsageTypeMonthly": "false",
"EnableAvailabilityTypeMonthly": "false"
}
}
}
}
}
Get Account Level Tags V2
The API method “get_account_level_tags_v2”, returns enabled account-level tags in three ways:
When called with only an access key, the call returns all account-level tags enabled in this customer, grouped by project name.
When called with a general account specified, the call returns all account-level tags enabled on that general account.
When called with a Multi-Account View specified, the call returns a list of accounts associated with the MAV and all enabled tags in the MAV.
Using call against general accounts:
The preferred HTTP method for this call is GET.
XML call:
https://api.cloudcheckr.com/api/account.xml/get_account_level_tags_v2?access_key=[access_key]
JSON call:
https://api.cloudcheckr.com/api/account.json/get_account_level_tags_v2?access_key=[access_key]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-Level Access Key is required for this call.
- use_account (optional) – Account name is used here; returns enabled account-level tags from specific account(s).
OUTPUT
XML Example:
<AccountLevelTagsReponse
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AccountItems>
<AccountItem>
<AccountName>My General Account Name</AccountName>
<TagsNames>
<string>MyAccountLevelTag1</string>
<string>MyAccountLevelTag2</string>
</TagsNames>
</AccountItem>
</AccountItems>
</AccountLevelTagsReponse>
JSON Example:
{
"AccountLevelTagsReponse": {
"-xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
"-xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
"AccountItems": {
"AccountItem": {
"AccountName": "My General Account Name",
"TagsNames": {
"string": [
"MyAccountLevelTag1",
"MyAccountLevelTag2"
]
}
}
}
}
}
Using the call against Multi-Account Views:
XML call:
https://api.cloudcheckr.com/api/account.xml/get_account_level_tags_v2?access_key=[access_key]&use_account=[MAV account name]
JSON call:
https://api.cloudcheckr.com/api/account.json/get_account_level_tags_v2?access_key=[access_key]&use_account=[MAV account name]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-Level Access Key is required for this call.
- use_account (required)- Account name is used here; returns enabled account-level tags from MAV account(s).
OUTPUT
XML Example:
<AccountLevelTagsReponse
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AccountItems>
<AccountItem>
<AccountName>My MAV Account Name</AccountName>
<TagsNames>
<string>MyAccountLevelTag1</string>
<string>MyAccountLevelTag2</string>
</TagsNames>
</AccountItem>
</AccountItems>
</AccountLevelTagsReponse>
JSON Example:
{
"AccountLevelTagsReponse": {
"-xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
"-xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
"AccountItems": {
"AccountItem": {
"AccountName": "My MAV Account Name",
"TagsNames": {
"string": [
"MyAccountLevelTag1",
"MyAccountLevelTag2"
]
}
}
}
}
}
Get Accounts By Group
The API method, “get_accounts_by_group”, is used to return a list of accounts based by a group ID.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; ID of the group |
| use_account | string | required; friendly name of the account in the application |
| use_cc_account_id | string | required; account ID used in the application |
| use_aws_account_id | string | required; the 12-digit AWS account ID |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get accounts_by_group
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_by_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)(admin-level)access_key": "someValHere",
"(required)group_id": "someValHere",
"use_account": "someValHere",
"use_cc_account_id": "someValHere",
"use_aws_account_id": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Get Accounts V2
The API method, “get_accounts_v2”, is used to return a complete list of all AWS accounts registered in CloudCheckr. This call will return an ID for each account that can be used for the parameter, “use_cc_account_id”, when making calls to the admin-level API. It will also include the AWS account ID.
This call can only be made using admin-level access keys.
The preferred HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required, admin-level API key |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_v2?access_key=[access_key]
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_v2?access_key=your_admin_access_key'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetAccountsResponse2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<accounts_and_users>
<AccountAndUsernames>
<account_name>AWS Account1</account_name>
<cc_account_id>1</cc_account_id>
<aws_account_id>123456789012</aws_account_id>
<user_names>
<string>user@domain.com</string>
</user_names>
</AccountAndUsernames>
</accounts_and_users>
</GetAccountsResponse2>
JSON:
{
"accounts_and_users": [
{
"account_name": "AWS Account1",
"cc_account_id": "1",
"user_names":
"aws_account_id":"123456789012" [
"user@domain.com"
]
},
{
"accounts_and_users": [
{
"account_name": "AWS Account2",
"cc_account_id": "2",
"user_names":
"aws_account_id":"234567890123" [
"user@domain.com"
]
},
{
"accounts_and_users": [
{
"account_name": "AWS Account3",
"cc_account_id": "3",
"user_names":
"aws_account_id":"345678901234" [
"user@domain.com"
]
}
]
}
Get Accounts V4
The API method, “get_accounts_v4”, is used to return a complete list of all AWS and Azure accounts registered in CloudCheckr. This call will return an ID for each account that can be used for the parameter, “use_cc_account_id”, when making calls to the admin-level API. For AWS, it will include the AWS account ID and for Azure, it will include the Subscription ID.
This call can only be made using admin-level access keys.
The preferred HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required, admin-level API key |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_v4?access_key=[access_key]
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_accounts_v4?access_key=your_admin_access_key'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetAccountsResponse4 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<accounts_and_users>
<AccountAndUsernames4>
<account_name>AWS Account Name</account_name>
<cc_account_id>1</cc_account_id>
<user_names>
<string>user@domain.com</string>
</user_names>
<aws_account_id>123456789012</aws_account_id>
<externalId>CC-99999999999999999999999999999999</externalId>
</AccountAndUsernames4>
<AccountAndUsernames4>
<account_name>Azure Subscription</account_name>
<cc_account_id>2</cc_account_id>
<user_names>
<string>user@domain.com</string>
</user_names>
<externalId>CC-88888888888888888888888888888888</externalId>
<azure_account_id>11111111-2222-3333-4444-555555555555</azure_account_id>
</AccountAndUsernames4>
</accounts_and_users>
</GetAccountsResponse4>
JSON:
{
"accounts_and_users": {
"accounts_and_users": [
{
"azure_account_id": null,
"externalId": "CC-99999999999999999999999999999999",
"aws_account_id": "123456789012",
"account_name": "AWS Account Name",
"cc_account_id": "1",
"user_names": [
"user@domain.com"
]
},
{
"azure_account_id": "11111111-2222-3333-4444-555555555555",
"externalId": "CC-88888888888888888888888888888888",
"aws_account_id": null,
"account_name": "Azure Subscription",
"cc_account_id": "2",
"user_names": [
"user@domain.com"
]
}
]
}
Get External ID
The API method, “get_external_id”, is used to retrieve external IDs if you require an external ID to be associated with a specific CloudCheckr account.
The preferred HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| use_account | string | required/optional; friendly name of the account in CloudCheckr |
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_external_id?access_key=00000&use_account=CloudCheckrDev'
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_external_id?access_key=00000&use_account=CloudCheckrDev'
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetExternalIdResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<ExternalIds>
<cc_external_id>CC-8B02A95B24EAA7179E8118C1216A9BFA</cc_external_id>
<role_account_id>352813966189</role_account_id>
<cc_account_name>CloudCheckrDev</cc_account_name>
</ExternalIds>
</GetExternalIdResponse>
JSON:
{
"ExternalIds":[
{
"cc_external_id":"CC-8B02A95B24EAA7179E8118C1216A9BFA",
"role_account_id":"352813966189",
"cc_account_name":"CloudCheckrDev"
}
]
}
Get Group
The API method, “get_group”, is used to retrieve a group.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; ID of the group |
| use_account | string | required; friendly name of the account in the application |
| use_cc_account_id | string | required; account ID used in the application |
| use_aws_account_id | string | required; the 12-digit AWS account ID |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_group
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_group?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)(admin-level)access_key": "someValHere",
"(required)group_id": "someValHere",
"use_account": "someValHere",
"use_cc_account_id": "someValHere",
"use_aws_account_id": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Get Groups
The API method, “get_groups”, is used to return the groups.
The preferred HTTP method for this call is GET.
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| string | required; optional; email address associated with the group | |
| user_id | string | optional; user ID associated with the group |
| use_account | string | required/optional; friendly name of the account in the application; ; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in the application; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_groups?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_groups?access_key=your_admin_access_key&use_cc_account_id=1234\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetGroupsResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<GroupNames>
<GroupName>g2</GroupName>
<GroupName>g3</GroupName>
</GroupNames>
</GetGroupsResponse>
JSON:
{
"GroupNames": [
"g2",
"g3"
]
}
Get Groups V2
The API method, “get_groups_v2”, is used to return the groups.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| string | required; email address of a user | |
| user_id | string | required; ID of a user |
| use_account | string | required; friendly name of the account in the application |
| use_cc_account_id | string | required; account ID used in the application |
| use_aws_account_id | string | required; the 12-digit AWS account ID |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_groups_v2
JSON/XML CALL EXAMPLE:
curl --request POST\
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_groups_v2?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)(admin level)access_key": "someValHere",
"email": "someValHere",
"user_id": "someValHere",
"use_account": "someValHere",
"use_cc_account_id": "someValHere",
"use_aws_account_id": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Get User
The API method, “get_user”, is used to return a user.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| user_id | string | required; ID of the user |
| use_account | string | required; friendly name of the account in the application |
| use_cc_account_id | string | required; account ID used in the application |
| use_aws_account_id | string | required; the 12-digit AWS account ID |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_user
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/get_user?access_key=your_admin_access_key&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required)(admin-level)access_key": "someValHere",
"(required)user_id": "someValHere",
"use_account": "someValHere",
"use_cc_account_id": "someValHere",
"use_aws_account_id": "someValHere",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Get Users
The API method, “get_users”, is used to return a list of users.
The preferred HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional: the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_users?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_users?access_key=your_admin_access_key&use_cc_account_id=1234\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetUsersResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<users_and_accounts>
<user>
<username>newuser1.lastname@cloudcheckr.com</username>
<account_names>AWS Main,VMware Local,VMware Remote,test,Azure Main,api added aws account</account_names>
</user>
<user>
<username>newuser2.lastname@cloudcheckr.com</username>
<account_names>AWS Main,VMware Local,VMware Remote,test,Azure Main,api added aws account</account_names>
</user>
<user>
<username>newuser3.lastname@cloudcheckr.com</username>
<account_names>AWS Main,VMware Local,VMware Remote,test,Azure Main,api added aws account</account_names>
</user>
</users_and_accounts>
</GetUsersResponse>
JSON:
{
"users_and_accounts": [
{
"username": "newuser1.lastname@cloudcheckr.com",
"account_names": [
"AWS Main",
"VMware Local",
"VMware Remote",
"test",
"Azure Main",
"api added aws account"
]
},
{
"username": "newuser2.lastname@cloudcheckr.com",
"account_names": [
"AWS Main",
"VMware Local",
"VMware Remote",
"test",
"Azure Main",
"api added aws account"
]
},
{
"username": "newuser3.lastname@cloudcheckr.com",
"account_names": [
"AWS Main",
"VMware Local",
"VMware Remote",
"test",
"Azure Main",
"api added aws account"
]
}
]
}
Get Users By Group
The API method, “get_users_by_group”, is used to return a list of users by group.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; ID of the group |
| use_account | string | required/optional; friendly name of the account in CloudCheckr; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required/optional; unique account ID used in CloudCheckr; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required/optional; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/get_users_by_group?access_key=your_admin_access_key&use_account=AWS Main&group_id=315ED648-DA56-4713-98DB-7D0A434A31F9
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/account.[json|xml]/get_users_by_group?access_key=your_admin_access_key&use_account=AWS Main&group_id=315ED648-DA56-4713-98DB-7D0A434A31F9
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetUsersByGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UsersByGroup>
<user>
<group_id>eaa0e024-c166-4552-84cc-1d1350c5640c</group_id>
<email>newuser1.lastname@cloudcheckr.com</email>
</user>
<user>
<group_id>5820046e-0597-4425-bb39-46ae1c6ecb8d</group_id>
<email>usernewtest@cloudcheckr.com</email>
</user>
</UsersByGroup>
</GetUsersByGroupResponse>
JSON:
{
"Users": [
{
"Id": "eaa0e024-c166-4552-84cc-1d1350c5640c",
"Email": "newuser1.lastname@cloudcheckr.com"
},
{
"Id": "5820046e-0597-4425-bb39-46ae1c6ecb8d",
"Email": "usernewtest@cloudcheckr.com"
}
]
}
Get Users V2
The API method “get_users_v2” is used to return a complete list of all CloudCheckr users, their created and last login dates, and details regarding the accounts they can access.
IMPORTANT: This call can only be made using Admin-Level Access Keys.
The preferred HTTP method for this call is GET.
XML call:
https://api.cloudcheckr.com/api/account.xml/get_users_v2?access_key=[access_key]
JSON call:
https://api.cloudcheckr.com/api/account.json/get_users_v2?access_key=[access_key]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-Level Access Key is required for this call.
- email – Allows filtering to user email. Will return all users if parameter not present.
OUTPUT
XML Example:
<GetUsersResponseV2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<user_permissions>
<UserPermission>
<email>testemail@cloudcheckr.com</email>
<created>7/13/2016 6:38:05 PM</created>
<last_login>7/14/2016 7:34:53 PM</last_login>
<role>BasicUser</role>
<logon_rules>
<LogOnRule>
<rule>forms</rule>
<is_granted>yes</is_granted>
</LogOnRule>
<LogOnRule>
<rule>sso</rule>
<is_granted>no</is_granted>
</LogOnRule>
<LogOnRule>
<rule>ldap</rule>
<is_granted>yes</is_granted>
</LogOnRule>
</logon_rules>
<account_permissions>
<AccountPermission>
<account>My_Sample_Account1</account>
<permissions>
<PermissionItem>
<permission_name>cost_report</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>blended_cost</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>credits</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>resource_utilization_reports</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>trending_reports</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>change_monitoring</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>best_practices</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>unblended_cost</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>list_cost</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>edit_emails</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>automation</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>alert_reports</permission_name>
<is_granted>yes</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>security_reports</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>inventory_reports</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>savings_reports</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>account_notification</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>partner_tools</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
<PermissionItem>
<permission_name>edit_partner_tools</permission_name>
<is_granted>no</is_granted>
</PermissionItem>
</permissions>
</AccountPermission>
</account_permissions>
</UserPermission>
<user_permissions>
<GetUsersResponseV2>
JSON Example:
{
"GetUsersResponseV2": {
"user_permissions": {
"UserPermission": {
"email": "testemail@cloudcheckr.com",
"created": "7/13/2016 6:38:05 PM",
"last_login": "7/14/2016 7:34:53 PM",
"role": "BasicUser",
"logon_rules": {
"LogOnRule": [
{
"rule": "forms",
"is_granted": "yes"
},
{
"rule": "sso",
"is_granted": "no"
},
{
"rule": "ldap",
"is_granted": "yes"
}
]
},
"account_permissions": {
"AccountPermission": {
"account": "My_Sample_Account1",
"permissions": {
"PermissionItem": [
{
"permission_name": "cost_report",
"is_granted": "no"
},
{
"permission_name": "blended_cost",
"is_granted": "no"
},
{
"permission_name": "credits",
"is_granted": "no"
},
{
"permission_name": "resource_utilization_reports",
"is_granted": "no"
},
{
"permission_name": "trending_reports",
"is_granted": "no"
},
{
"permission_name": "change_monitoring",
"is_granted": "no"
},
{
"permission_name": "best_practices",
"is_granted": "no"
},
{
"permission_name": "unblended_cost",
"is_granted": "no"
},
{
"permission_name": "list_cost",
"is_granted": "no"
},
{
"permission_name": "edit_emails",
"is_granted": "no"
},
{
"permission_name": "automation",
"is_granted": "no"
},
{
"permission_name": "alert_reports",
"is_granted": "yes"
},
{
"permission_name": "security_reports",
"is_granted": "no"
},
{
"permission_name": "inventory_reports",
"is_granted": "no"
},
{
"permission_name": "savings_reports",
"is_granted": "no"
},
{
"permission_name": "account_notification",
"is_granted": "no"
},
{
"permission_name": "partner_tools",
"is_granted": "no"
},
{
"permission_name": "edit_partner_tools",
"is_granted": "no"
}
]
}
}
}
}
}
}
}
Grant Account
The API method “grant_account” is used to grant access to a CloudCheckr user to see a specific AWS account that has been registered in CloudCheckr.
IMPORTANT: This call can only be made using Admin-Level Access Keys.
The preferred HTTP method for this call is POST.
XML call:
https://api.cloudcheckr.com/api/account.xml/grant_account?access_key=[access_key]&email=[email address]&use_account=[account_name]
JSON call:
https://api.cloudcheckr.com/api/account.json/grant_account?access_key=[access_key]&email=[email address]&use_account=[account_name]
INPUT PARAMETERS
This call accepts these parameters. The user will only be granted permissions to the parameters entered unless the all_access parameter is used. If the all_access parameter is used, no further parameters need to be specified as the account will be granted access to all reports available within the account.
- access_key (required) – Admin-Level Access Key is required for this call.
- email (required) – the email address of the CloudCheckr user.
- use_account (required) – the name of the CloudCheckr account the user can access. If adding multiple account names, use just “accounts” with account names separated by commas.
- all_access (optional) – if this set to true, the user will have access to all reports within the account. If this is set to true, none of the other parameters listed below are required. Accepts “yes”, “1”, “y”.
- cost_report (optional) – whether the user can access the cost reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
- blended_cost (optional) – whether the user can view blended costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
- unblended_cost (optional) – whether the user can view unblended costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
- list_cost (optional) – whether the user can view list costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
- resource_utilization_reports (optional) – whether the user can access the resource utilization reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
- trending_reports (optional) – whether the user can access the trending reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
- change_monitoring (optional) – whether the user can access the change monitoring report within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
- best_practices (optional) – whether the user can access the best practice report within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
OUTPUT
XML & JSON Example:
{
"Code":200,
"Message":"OK"
}
Remove User
The API method, “remove_user”, is used to delete a CloudCheckr user.
IMPORTANT: This call can only be made using Admin-Level Access Keys.
The preferred HTTP method for this call is POST.
XML call:
https://api.cloudcheckr.com/api/account.xml/remove_user?access_key=[access_key]&email=[email address]
JSON call:
https://api.cloudcheckr.com/api/account.json/remove_user?access_key=[access_key]&email=[email address]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-Level Access Key is required for this call.
- email (required) – the email address of the new user.
OUTPUT
XML & JSON Example:
{
"Code":200,
"Message":"OK"
}
Remove Users From Group
The API method, “remove_users_from_group”, is used to remove users from a group.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| group_id | string | required; group ID |
| user_ids | list <string> | required; user IDs |
| use_account | string | required; friendly name of the account in the application; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required; account ID used in the application; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
One of the * parameters must be defined.
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/remove_users_from_group?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/remove_users_from_group?access_key=your_admin_access_key&use_cc_account_id=1234\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"group_id": "53CFAD80-D351-4144-8920-32170A6F4A0",
"user_ids": ["8B65E388-8A0B-4B5A-A12B-8B0325D0ABF4", "683C1113-1FF0-4F8B-AA3D-9288D2ED615A,"]
}
RESPONSE EXAMPLE:
XML:
<RemoveUsersFromGroupResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Status>
<Code>200</Code>
<Message>OK</Message>
</Status>
</RemoveUsersFromGroupResponse>
JSON:
{
"Code": 200,
"Message": "OK"
}
Revoke Account
The API method “revoke_account” is used to revoke access from a CloudCheckr user to see a specific AWS account that has been registered in CloudCheckr.
IMPORTANT: This call can only be made using Admin-Level Access Keys.
The preferred HTTP method for this call is POST.
XML call:
https://api.cloudcheckr.com/api/account.xml/revoke_account?access_key=[access_key]&email=[email address]&use_account=[account_name1]
JSON call:
https://api.cloudcheckr.com/api/account.json/revoke_account?access_key=[access_key]&email=[email address]&use_account=[account_name1]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Admin-Level Access Key is required for this call.
- email (required) – the email address of the CloudCheckr user.
- use_account (required) – the name of the CloudCheckr account the user will no longer be able to access. If revoking access to multiple accounts, use just “accounts” with account names separated by commas.
- use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.
OUTPUT
XML & JSON Example:
{
"Code":200,
"Message":"OK"
}
Tag Account
The API method “tag_account” is used to apply a tag to an account, which can then be used to build Multi-Account Views.
The preferred HTTP method for this call is POST.
XML call:
https://api.cloudcheckr.com/api/account.xml/tag_account?access_key=[access_key]&account_name=MyAccountName&account_tag=MyTag
JSON call:
https://api.cloudcheckr.com/api/account.json/tag_account?access_key=[access_key]&account_name=MyAccountName&account_tag=MyTag
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – standard Access Key required for all API calls.
- account_name (required) – name of the account the tag will be applied to.
- account_tag (required) – name of the tag that will be added to the account.
OUTPUT
XML & JSON Example:
{
"Code":200,
"Message":"OK"
}
Untag Account
The API method, “untag_account”, is used to remove an account-level tag from an account. As a result, the selected account will no longer be included in any Multi-Account Views (MAVs) reports that use this account-level tag.
The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| account_name | string | required; name of the account where you want to remove the account-level tag |
| account_tag | string | required; name of the account-level tag that you want to untag in the selected account |
ENDPOINT URL:
https://api.cloudcheckr.com/api/account.[json|xml]/untag_account
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/account.[json|xml]/untag_account?access_key=[access key]
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
'account_name': 'my account name',
'account_tag': 'my account tag'
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Ignore Best Practice
The API method, “ignore_best_practice”, is used to add or remove an ignore from a best practice check with an optional ignore reason and expiration date.
To ignore a best practice check, go to the left navigation pane, choose Best Practices, click the Security tab, select a best practice, and click Ignore Check.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| bpc_id | string | required; unique ID for selected security best practice |
| ignored_reason | string | optional; explanation for why best practice should be ignored |
| unignore | string | optional; enter a value of true to remove the ignore best practice check configuration |
| expire_date | string | optional; select the date on which the Ignore Best Practice check configuration will be removed |
| use_acount | string | optional; provide the account where the Ignore Best Practice check will be applied |
| use_cc_acount_id | string | optional; provide the account id of the account where the Ignore Best Practice check will be applied |
| use_cloud_acount_id | string | optional; provide the cloud account id of the account where the Ignore Best Practice check will be applied |
ENDOINT URL:
https://api.cloudcheckr.com/api/best_practice.[json|xml]/ignore_best_practice
JSON/XML CALL EXAMPLE :
curl --request POST \
-- 'https://api.cloudcheckr.com/api/best_practice.[json|xml]/ignore_best_practice?access_key=18V9B1760170426TKNL01W5R526CG079YH3O9YT8L0A5PNIXU6S84WC0GEX9AS23&bpc_id=BPC_ID'
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"ignored_reason": "IGNORED_REASON",
"unignore": "TRUE",
"expire_date": "EXPIRE_DATE",
"use_account": "USE_ACCOUNT",
"use_cc_account_id": "USE_CC_ACCOUNT_ID",
"use_cloud_account_id": "USE_CLOUD_ACCOUNT_ID"
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "Ignore Successful"
}
Add Custom Billing Charge - Fixed
The API method, “add_custom_billing_charge_fixed”, is used to add a custom billing charge that applies a fixed charge or credit.
To add a fixed charge or credit, go to the left navigation pane, choose Cost > AWS Partner Tools > Configure > Custom Billing Charges, click New Custom Charge, and select Add a fixed charge or credit.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| startDate | DateTime | required; start date for the custom billing charge |
| endDate | DateTime | required/optional; end date for the custom billing charge; custom billing charges with no end date will apply until the end of time |
| amount | decimal | required; sets the fixed charge (positive value) or credit (negative value) dollar amount |
| oneTime | string | *required/optional; applies the fixed charge or credit as a one-time occurence to the custom billing charge |
| monthlyRecurring | string | *required/optional; applies the fixed credit or charge as a monthly recurring amount to the custom billing charge |
| description | string | required; human-friendly description of the custom billing charge |
| accounts | List<string> | optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts |
| accountsInvert | boolean | optional; applies the NOT logical operator to selected accounts in the previous parameter; defaults to false |
| use_account | string | **optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!) |
| use_cc_account_id | string | **optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!) |
| use_aws_account_id | string | **optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account) |
* = one of these parameters must be defined
** = one of these parameters must be defined
The end date is only required if you select the Monthly recurring option.
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_fixed
JSON/XML CALL EXAMPLE:
curl --request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_fixed?access_key=your_admin_access_key&use_cc_account_id=1234' \
--header 'cache-control: no-cache' \
--header 'content-type: application/[json|xml]' \
--data '{
"startDate": "1970-01-01",
"endDate": "2063-04-05",
"description": "example custom billing charge",
"amount": "dollar amount",
"oneTime": "true or false",
"monthlyRecurring": "true or false",
"accounts": ["215011050627,245990094719"],
"accountInvert": "true"
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Add Custom Billing Charge - Monthly Percent
The API method, “add_custom_billing_charge_monthly_percent”, is used to add a custom billing charge that applies a monthly percent discount or premium.
To add a custom monthly precent discount or premium, go to the left navigation pane, choose Cost > AWS Partner Tools > Configure > Custom Billing Charges, click New Custom Charge, and select Add a monthly percent charge or credit.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| description | string | required; human-friendly description of the custom billing charge |
| percentageValue | decimal | required; sets the charge (positive value) or credit (negative value) percentage |
| minimumCharge | decimal | optional; applies a minimum charge/credit threshold to the custom billing charge |
| maximumCharge | decimal | optional; applies a maximum charge/credit threshold to the custom billing charge |
| tiers | List<Tier> | optional; applies the custom billing charge to a monetary tier range |
| applyPercentageTo | CostBasline | required; indicates the cost type that the custom billing charge will apply to |
| stack | boolean | optional; enables custom stack ordering; defaults to false |
| stackOrder | integer | optional; sets stack order if previous parameter is true |
| accounts | List<string> | optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts |
| accountsInvert | boolean | optional; applies the NOT logical operator to selected accounts in the previous parameter; defaults to false |
| region | List<string> | optional; comma-separated list of region(s) where the custom billing charge can be applied; defaults to all; accepts region id’s as valid values |
| regionInvert | boolean | optional; applies the NOT logical operator to selected regions in the previous parameter; defaults to false |
| awsService | List<string> | optional; comma-separated list of AWS services where the custom billing charge can be applied; defaults to all |
| awsServiceInvert | boolean | optional; applies the NOT logical operator to selected AWS services in the previous parameter; defaults to false |
| operation | List<string> | optional; comma-separated list of AWS operations where the custom billing charge can be applied; defaults to all |
| operationInvert | boolean | optional; applies the NOT logical operator to selected AWS operations in the previous parameter; defaults to false |
| usageType | List<string> | optional; comma-separated list of AWS usage types where the custom billing charge can be applied; defaults to all |
| usageTypeInvert | boolean | optional; applies the NOT logical operator to selected AWS usage types in the previous parameter; defaults to false |
| tag | List<string> | optional; comma-separated list of tag key/value pairs where the custom billing charge can be applied; defaults to all |
| tagInvert | boolean | optional; applies the NOT logical operator to selected tag key/value pairs in the previous parameter; defaults to false |
| startDate | DateTime | required; start date for the custom billing charge |
| endDate | DateTime | optional; end date for the custom billing charge; custom billing charges with no end date will apply until the end of time |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr where the custom billing charge is applied (must be payer account!) |
| use_cc_account_id | string | *optional/required; account ID of the account in CloudCheckr where the custom billing charge is applied (must be a payer account) |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID where the custom billing charge is applied (must be payer account) |
* = one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_monthly_percent
JSON/XML CALL EXAMPLE:
curl --request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_monthly_percent?access_key=your_admin_access_key&use_cc_account_id=1234' \
--header 'cache-control: no-cache' \
--header 'content-type: application/[json|xml]' \
--data '{
"description": "example custom billing charge",
"percentageValue": 10.5,
"minimumCharge": 5000, "maximumCharge": 10000,
"stack": "true", "stackOrder": 1,
"tiers": [{
"From": 0,
"To": 1000,
"Charge": 25
},
{
"From": 1001,
"To": 2000,
"Charge": -10
}],
"costBaseline": "ListCost",
"accounts": ["215011050627,245990094719"],
"region": ["1","2"], "RegionInvert": "true",
"operation": ["AbortMultipartUpload","AssociateAddress"],
"usageType": ["ActiveConfigRules","APN1-ActiveConfigRules"],
"tag": ["Customer | test123", "Customer | Testtag"],
"startDate": "1970-01-01", "endDate": "2063-04-05"
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Add Custom Billing Charge - Percent All Charges
The API method, “add_custom_billing_charge_percent_all_charges”, is used to add a percent discount or premium for all charges.
To add this custom billing charge, go to the left navigation pane, choose Cost > AWS Partner Tools > Configure > Custom Billing Charges, click New Custom Charge, and select Add a percent discount or premium for all charges from the Custom Billing Charges page.
INPUT PARAMETERS:
| Parameter | Type | Description |
| Access_key | string | required; admin-level API key |
| Description | string | required; human-friendly description of the custom billing charge |
| PercentageValue | decimal | required; sets the discount (negative value) or premium (positive value) percentage |
| ApplyPercentageTo | CostBasline | required; indicates which cost type the custom billing charge will apply to |
| Account | List<string> | optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts |
| Region | List<string> | optional; comma-separated list of region(s) where the custom billing charge can be applied; defaults to all; accepts region id’s as valid values |
| regionInvert | boolean | optional; applies the NOT logical operator to selected regions in the previous parameter; defaults to false |
| AWSService | List<string> | optional; comma-separated list of AWS services where the custom billing charge can be applied; defaults to all |
| AWSServiceInvert | boolean | optional; applies the NOT logical operator to selected AWS services in the previous parameter; defaults to false |
| Operation | List<string> | optional; comma-separated list of AWS operations where the custom billing charge can be applied; defaults to all |
| operationInvert | boolean | optional; applies the NOT logical operator to selected operations in the previous parameter; defaults to false |
| UsageType | List<string> | optional; comma-separated list of AWS usage types where the custom billing charge can be applied; defaults to all |
| UsageTypeInvert | boolean | optional; applies the NOT logical operator to selected usage types in the previous parameter; defaults to false |
| Tag | List<string> | optional; comma-separated list of tag key/value pairs where the custom billing charge can be applied; defaults to all |
| TagInvert | boolean | optional; applies the NOT logical operator to selected tags in the previous parameter; defaults to false |
| StartDate | DateTime | required; start date for the custom billing charge |
| EndDate | DateTime | optional; end date for the custom billing charge |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr where the custom billing charge is applied (must be payer account!) |
| use_cc_account_id | string | *optional/required; account ID of the account in CloudCheckr where the custom billing charge is applied (must be a payer account) |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID where the custom billing charge is applied (must be payer account) |
* = one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_percent_all_charges
JSON/XML CALL EXAMPLE:
curl-- request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_percent_all_charges?use_cc_account_id=7&access_key=your_admin_access_key' \
--header 'cache-control: no-cache'\
--header 'content-type: application/[json|xml]'\
--data '{
"Description": "TEST DESCRIPTION",
"ApplyPercentTo": "ListCost",
"PercentageValue": 5,
"StartDate": "2013-01-01",
"EndDate": "2014-01-01",
"Account": ["103237659442","949195593353","443094636793"],
"Region": ["16","4","2"],
"UsageType": [""CAN1-EUC1-AWS-Out-Bytes","HeavyUsage:m4.large","UGW1-TimedStorage-RRS-ByteHrs"],
"Operation": ["SetQueueAttributes","RunInstances:0002:SV012","PutObject"],
"AWSService":["AmazonSimpleDB","AmazonEC2","AmazonSQS"],
"Tag": ["Name | WebTemplateNew","aws:cloudformation:stack-id | arn:aws:cloudformation:us-west-2:949195593353:stack\/awseb-e-4uypmi4ubg-stack\/f2837e90-8b2a-11e6-8349-50a686fc37d2","Name | DevServer"],
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Id": 460,
"Code": 200,
"Message": "OK"
}
Add Undiscovered AWS Account ID
The API method, “add_undiscovered_aws_account_id”, allows Partner System Admin customers to set up an account family, without creating a new CloudCheckr project, before an account is available in the Detailed Billing Report (DBR).
This newly added account ID can be used in account families, custom charges, and in any place where a normal AWS account ID is used. Accounts added this way also function normally for current endpoints, so endpoints like modify_account_family can use this account as a parameter.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| add_aws_account_id | string | required; the 12-digit AWS account ID of the undiscovered AWS account |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr |
| use_cc_account_id | string | *optional/required; the CloudCheckr ID of the account |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID |
* = you must define at least one of these parameters
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/add_undiscovered_aws_account_id
JSON/XML CALL EXAMPLE:
curl --request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/add_undiscovered_aws_account_id?access_key={YOUR ACCESS KEY}'&use_cc_account_id={YOUR CC ACCOUNT ID}
--header 'cache-control: no-cache' \
--header 'content-type: application/[json|xml]' \
--data '{
"add_aws_account_id": "AWS_ACCOUNT_ID",
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "Account with AwsId {request_Id} added."
}
Create Account Family
The API method, “create_account_family”, is used to create a new account family in a payer account.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key (required) | string | required; admin-level access key required for all API calls |
| name (required) | string | required; name for the new account family |
| accounts (required) | string | required; comma-separated list of AWS account IDs to link to the account family |
| string | optional; email address associated with the account family | |
| invoice_id | string | optional; custom invoice ID displayed on an invoice |
| address | string | optional; mailing address associated with the account family |
| additional_info | string | optional; text in the Additional Info text box |
| recalculate_support_charges | string | optional; indicates status of recalculation of AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| support_charge_apply_by_account | string | optional; indicates if customer will apply support charges by account. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| suppress_support_charges | string | optional; indicates if customer will supress support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| do_not_enforce_minimum_charge | string | optional; indicates if customer will ignore the $100 minimum AWS support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| support_charge_broken_out | string | optional; indicates if payee support charges will be displayed by account within account families. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| create_mav_for_family | string | optional; create or delete a MAV based on this account family. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| project_code | string | optional; a customer’s internal project code |
| payment_term | integer | optional; payment terms for the account family used to populate a due date when creating invoices
This field requires two numeric values or may be left blank.
|
| use_account | string | *required/optional; friendly name of the account in the application |
| use_cc_account_id | string | *required/optional; account ID used in the application |
| use_aws_account_id | string | *required/optional; the 12-digit AWS account ID |
* = one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/create_account_family?access_key=[admin_access_key]&use_cc_account_id=1234
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/billing.[json|xml]/create_account_family?access_key=[admin_access_key]&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required) admin-level access_key": "someValHere",
"(required) name": "someValHere",
"(required) accounts": "someValHere",
"email": "someValHere",
"invoice_id": "someValHere",
"address": "someValHere",
"additional_info": "someValHere",
"recalculate_support_charges": "someValHere",
"support_charge_apply_by_account": "someValHere",
"suppress_support_charges": "someValHere",
"do_not_enforce_minimum_charge": "someValHere",
"support_charge_broken_out": "someValHere",
"create_mav_for_family": "someValHere",
"project_code": "someValHere",
"payment_term": "someValHere
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Custom Billing Charge
The API method, “custom_billing_charge”, is used to delete an existing custom billing charge.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| Id | string | required; custom billing charge Id |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!) |
| use_cc_account_id | string | *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!) |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account) |
*= one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/custom_billing_charge
JSON/XML EXAMPLE:
curl -- request DELETE \
'https://api.cloudcheckr.com/api/billing.[json|xml]/custom_billing_charge?access_key=access_key]&use_account=[CloudCheckr account name]' \
--header 'cache-control: no-cache'\
--header 'content-type: application/[json|xml]'\
--data '{
"Id": "custom billing charge Id",
}'
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Delete Account Family
The API method, “delete_account_family”, is used to delete an existing account family in a CloudCheckr payer account.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key (required) | string | required; admin-level access key required for all API calls |
| name (required) | string | required; name of the account family to be deleted |
| use_account | string | *required/optional; friendly name of the account in the application |
| use_cc_account_id | string | *required/optional; account ID used in the application |
| use_aws_account_id | string | *required/optional; the 12-digit AWS account ID |
* = one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.json/delete_account_family?access_key=[admin_access_key]&use_cc_account_id=1234
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/billing.[json|xml]delete_account_family?access_key=[admin_access_key]&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required) admin-level access_key": "someValHere",
"(required) name": "someValHere"
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Delete Custom Billing Charge
The API method, “delete_custom_billing_charge”, is used to delete an existing custom billing charge.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| Id | string | required; custom billing charge Id |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!) |
| use_cc_account_id | string | *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!) |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account) |
*= one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge
JSON/XML CALL EXAMPLE:
curl-- request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge?access_key=access_key]&use_account=[CloudCheckr account name]' \
--header 'cache-control: no-cache'\
--header 'content-type: application/[json|xml]'\
--data '{
"Id": "custom billing charge Id",
}'
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Delete Custom Billing Charge - Fixed
The API method, “delete_custom_billing_charge_fixed”, is used to delete an existing custom billing charge that applies a fixed charge or credit.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| Id | string | required; custom billing charge Id |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!) |
| use_cc_account_id | string | *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!) |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account) |
*= one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_fixed
JSON/XML EXAMPLE:
curl-- request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_fixed?access_key=access_key]&use_account=[CloudCheckr account name]' \
--header 'cache-control: no-cache'\
--header 'content-type: application/[json|xml]'\
--data '{
"Id": "custom billing charge Id",
}'
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Delete Custom Billing Charge - Monthly Percent
The API method, “delete_custom_billing_charge_monthly_percent”, is used to delete an existing custom billing charge that applies a monthly percent charge or credit.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| Id | string | required; custom billing charge Id |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!) |
| use_cc_account_id | string | *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!) |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account) |
*= one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_monthly_percent
JSON/XML CALL EXAMPLE:
curl-- request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_monthly_percent?access_key=access_key]&use_account=[CloudCheckr account name]' \
--header 'cache-control: no-cache'\
--header 'content-type: application/[json|xml]'\
--data '{
"Id": "custom billing charge Id",
}'
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Delete Custom Billing Charge - Percent All Charges
The API method, “delete_custom_billing_charge_percent_all_charges”, is used to delete delete an existing custom billing charge that applies a percent discount or premium for all charges.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| Id | string | required; custom billing charge Id |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account!) |
| use_cc_account_id | string | *optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account!) |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account) |
*= one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_percent_all_charges
JSON/XML CALL EXAMPLE:
curl-- request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/delete_custom_billing_charge_percent_all_charges?access_key=access_key]&use_account=[CloudCheckr account name]' \
--header 'cache-control: no-cache'\
--header 'content-type: application/[json|xml]'\
--data '{
"Id": "custom billing charge Id",
}'
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Edit Custom Billing Charge - Fixed
The API method, “edit_custom_billing_charge_fixed”, is used to edit a custom billing charge that applies a fixed charge or credit.
To edit a fixed charge or credit, go to the left navigation pane, choose Cost > AWS Partner Tools > Configure > Custom Billing Charges, click New Custom Charge, and select Add a fixed charge or credit.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| startDate | DateTime | required; start date for the custom billing charge |
| endDate | DateTime | required/optional; end date for the custom billing charge; custom billing charges with no end date will apply until the end of time |
| amount | decimal | required; sets the fixed charge (positive value) or credit (negative value) dollar amount |
| oneTime | string | *required/optional; applies the fixed charge or credit as a one-time occurence to the custom billing charge |
| monthlyRecurring | string | *required/optional; applies the fixed credit or charge as a monthly recurring amount to the custom billing charge |
| description | string | required; human-friendly description of the custom billing charge |
| accounts | List<string> | optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts |
| accountsInvert | boolean | optional; applies the NOT logical operator to selected accounts in the previous parameter; defaults to false |
| use_account | string | **optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be payer account) |
| use_cc_account_id | string | **optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account) |
| use_aws_account_id | string | **optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be payer account) |
* = one of these parameters must be defined
** = one of these parameters must be defined
The end date is only required if you select the Monthly recurring option.
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_fixed
JSON/XML CALL EXAMPLE:
curl --request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_fixed?access_key=your_admin_access_key&use_cc_account_id=1234' \
--header 'cache-control: no-cache' \
--header 'content-type: application/[json|xml]' \
--data '{
"startDate": "1970-01-01",
"endDate": "2063-04-05",
"description": "example custom billing charge",
"amount": "dollar amount",
"oneTime": "true or false",
"monthlyRecurring": true or false,
"accounts": ["215011050627,245990094719"],
"accountInvert": "true"
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code": 200,
"Message": "OK"
}
Edit Custom Billing Charge - Monthly Percent
The API method, “edit_custom_billing_charge_monthly_percent”, is used to edit a custom billing charge from the Cost > AWS Partner Tools > Configure > Custom Billing Charges page (“Premium for all charges” type ONLY!).
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| id | long | required; ID of the custom billing charge to edit |
| description | string | optional; human-friendly description of the custom billing charge |
| percentageValue | decimal | optional; sets the charge (positive value) or credit (negative value) percentage |
| minimumCharge | decimal | optional; applies a minimum charge/credit threshold to the custom billing charge |
| maximumCharge | decimal | optional; applies a maximum charge/credit threshold to the custom billing charge |
| tiers | List<Tier> | optional; applies the custom billing charge to a monetary tier range |
| applyPercentageTo | CostBasline | optional; indicates which cost type the custom billing charge will apply to |
| stack | boolean | optional; enables custom stack ordering; defaults to false |
| stackOrder | integer | optional; sets stack order if previous parameter is true |
| accounts | List<string> | optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts |
| accountsInvert | boolean | optional; applies the NOT logical operator to selected accounts in the previous parameter; defaults to false |
| region | List<string> | optional; comma-separated list of region(s) where the custom billing charge can be applied; defaults to all; accepts region id’s as valid values |
| regionInvert | boolean | optional; applies the NOT logical operator to selected regions in the previous parameter; defaults to false |
| awsService | List<string> | optional; comma-separated list of AWS services where the custom billing charge can be applied; defaults to all |
| awsServiceInvert | boolean | optional; applies the NOT logical operator to selected AWS services in the previous parameter; defaults to false |
| operation | List<string> | optional; comma-separated list of AWS operations where the custom billing charge can be applied; defaults to all |
| operationInvert | boolean | optional; applies the NOT logical operator to selected AWS operations in the previous parameter; defaults to false |
| usageType | List<string> | optional; comma-separated list of AWS usage types where the custom billing charge can be applied; defaults to all |
| usageTypeInvert | boolean | optional; applies the NOT logical operator to selected AWS usage types in the previous parameter; defaults to false |
| tag | List<string> | optional; comma-separated list of tag key/value pairs where the custom billing charge can be applied; defaults to all |
| tagInvert | boolean | optional; applies the NOT logical operator to selected tag key/value pairs in the previous parameter; defaults to false |
| startDate | DateTime | optional; start date for the custom billing charge |
| endDate | DateTime | optional; end date for the custom billing charge; custom billing charges with no end date will apply until the end of time |
| use_account | string | * optional/required; friendly name of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account) |
| use_cc_account_id | string | * optional/required; account ID of the account in CloudCheckr where the custom billing charge can be applied (must be a payer account) |
| use_aws_account_id | string | * optional/required; the 12-digit AWS account ID where the custom billing charge can be applied (must be a payer account) |
* = one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_monthly_percent
JSON/XML CALL EXAMPLE:
curl --request POST \
--url 'https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_monthly_percent?access_key=your_admin_access_key&use_cc_account_id=1234' \
--header 'cache-control: no-cache' \
--header 'content-type: application/[json|xml]' \
--data '{
"id": 179,
"percentageValue": 42
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Id": <new ID value>,
"Code": 200,
"Message": "OK"
}
Edit Custom Billing Charge - Percent All Charges
The API method, edit_custom_billing_charge_percent_all_charges, is used to edit the percent discount or premium for all charges.
To edit this custom billing charge, go to the left navigation pane, and choose Cost > AWS Partner Tools > Configure > Custom Billing Charges. From the Custom Billing Charge page, select a charge from the table
with a type, Premium/Discount for all charges, and click Edit.
INPUT PARAMETERS:
| Parameter | Type | Description |
| Access_key | string | required; admin-level API key |
| Description | string | required; human-friendly description of the custom billing charge |
| PercentageValue | decimal | required; sets the discount (negative value) or premium (positive value) percentage |
| ApplyPercentageTo | CostBasline | required; indicates which cost type the custom billing charge will apply to |
| Account | List<string> | optional; comma-separated list of accounts where the custom billing charge can be applied; defaults to all accounts |
| Region | List<string> | optional; comma-separated list of region(s) twhere the custom billing charge can be applied; defaults to all; accepts region id’s as valid values |
| AWSService | List<string> | optional; comma-separated list of AWS services where the custom billing charge can be applied; defaults to all |
| Operation | List<string> | optional; comma-separated list of AWS operations the custom billing charge applies to; defaults to all |
| UsageType | List<string> | optional; comma-separated list of AWS usage types where the custom billing charge can be applied; defaults to all |
| Tag | List<string> | optional; comma-separated list of tag key/value pairs where the custom billing charge can be applied; defaults to all |
| StartDate | DateTime | required; start date for the custom billing charge |
| EndDate | DateTime | optional; end date for the custom billing charge |
| use_account | string | *optional/required; friendly name of the account in CloudCheckr where the custom billing charge is applied (must be payer account!) |
| use_cc_account_id | string | *optional/required; account ID of the account in CloudCheckr where the custom billing charge is applied (must be a payer account) |
| use_aws_account_id | string | *optional/required; the 12-digit AWS account ID where the custom billing charge is applied (must be payer account) |
* = one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_percent_all_charges
JSON/XML CALL EXAMPLE:
curl-- request POST \
'https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_percent_all_charges?use_cc_account_id=7&access_key=your_admin_access_key' \
--header 'cache-control: no-cache'\
--header 'content-type: application/[json|xml]'\
--data '{
"Description": "TEST DESCRIPTION",
"ApplyPercentTo": "ListCost",
"PercentageValue": 5,
"StartDate": "2013-01-01",
"EndDate": "2014-01-01",
"Account": ["103237659442","949195593353","443094636793"],
"Region": ["16","4","2"],
"UsageType": [""CAN1-EUC1-AWS-Out-Bytes","HeavyUsage:m4.large","UGW1-TimedStorage-RRS-ByteHrs"],
"Operation": ["SetQueueAttributes","RunInstances:0002:SV012","PutObject"],
"AWSService":["AmazonSimpleDB","AmazonEC2","AmazonSQS"],
"Tag": ["Name | WebTemplateNew","aws:cloudformation:stack-id | arn:aws:cloudformation:us-west-2:949195593353:stack\/awseb-e-4uypmi4ubg-stack\/f2837e90-8b2a-11e6-8349-50a686fc37d2","Name | DevServer"],
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Id": 460,
"Code": 200,
"Message": "OK"
}
Get Account Family V2
The API method, “get_account_family_v2”, is used to return a complete list of all account families in a payer account.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key (required) | string | required; admin-level access key required for all API calls |
| name (required) | string | required; name of the account family to be deleted |
| use_account | string | *required/optional; friendly name of the account in the application |
| use_cc_account_id | string | *required/optional; account ID used in the application |
| use_aws_account_id | string | *required/optional; the 12-digit AWS account ID |
* = one of these parameters must be defined
XML CALL EXAMPLE:
<GetAccountFamilyResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Code>0</Code>
<AccountFamilies>
<AccountFamily>
<Name>123456789 (AccountFamilyExample)</Name>
<Accounts>
<string>123456789 (AccountFamilyExample)</string>
</Accounts>
</AccountFamily>
</AccountFamilies>
<UnmappedAccounts>
<string>9876543210 (UnmappedAccountExample)</string>
</UnmappedAccounts>
</GetAccountFamilyResponse>
JSON CALL EXAMPLE:
{
"GetAccountFamilyResponse": {
"Code": "0",
"AccountFamilies": {
"AccountFamily": {
"Name": "123456789 (AccountFamilyExample)",
"Accounts": {
"string": "123456789 (AccountFamilyExample)"
}
}
},
"UnmappedAccounts": {
"string": "9876543210 (UnmappedAccountExample)"
},
}
}
Get Billing Dashboard V2
The API method “get_billing_dashboard_v2” is used to export the Billing and Cost Management Dashboard.
XML call:
https://api.cloudcheckr.com/api/billing.xml/get_billing_dashboard_v2?access_key=[access_key]
JSON call:
https://api.cloudcheckr.com/api/billing.json/get_billing_dashboard_v2?access_key=[access_key]
INPUT PARAMETERS
This call accepts these parameters:
- access_key (required) – Standard Access Key required for all API calls
- cost_type (optional) – Can use Blended, Unblended, or List. Defaults to Blended if not given.
- use_account (required) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
- use_cc_account_id (required) – The CloudCheckr ID of the account you are making the call for. The ID is returned when using the method ‘account/add_accountv3′ to register the account in CloudCheckr.
OUTPUT:
XML Example:
<GetDashboardResponseV2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DashboardSummaries>
<DashboardSummary>
<AccountName>2150 AWS QA</AccountName>
<LastMonth>
<month>6/1/2016 12:00:00 AM</month>
<cost>909.765</cost>
</LastMonth>
<ThisMonth>
<month>7/1/2016 12:00:00 AM</month>
<cost>1073.514</cost>
</ThisMonth>
<Forecast>
<month>7/1/2016 12:00:00 AM</month>
<cost>1140.8925714285714285714285714</cost>
</Forecast>
<SendByService>
<DashboardService>
<service>AmazonEC2</service>
<cost>556.224</cost>
</DashboardService>
<DashboardService>
<service>DirectoryService</service>
<cost>169.375</cost>
</DashboardService>
<DashboardService>
<service>AWSSupportBusiness</service>
<cost>100.000</cost>
</DashboardService>
<DashboardService>
<service>AmazonS3</service>
<cost>99.313</cost>
</DashboardService>
<DashboardService>
<service>AmazonCloudTrail</service>
<cost>64.960</cost>
</DashboardService>
<DashboardService>
<service>AmazonKinesis</service>
<cost>30.645</cost>
</DashboardService>
<DashboardService>
<service>AmazonRDS</service>
<cost>21.598</cost>
</DashboardService>
<DashboardService>
<service>Others</service>
<cost>31.399</cost>
</DashboardService>
</SendByService>
</DashboardSummary>
</DashboardSummaries>
GetDashboardResponseV2>
JSON Example:
{
"DashboardSummaries": {
"DashboardSummary": {
"AccountName": "2150 AWS QA",
"LastMonth": {
"month": "6/1/2016 12:00:00 AM",
"cost": "909.765"
},
"ThisMonth": {
"month": "7/1/2016 12:00:00 AM",
"cost": "1073.514"
},
"Forecast": {
"month": "7/1/2016 12:00:00 AM",
"cost": "1140.8925714285714285714285714"
},
"SendByService": {
"DashboardService": [
{
"service": "AmazonEC2",
"cost": "556.224"
},
{
"service": "DirectoryService",
"cost": "169.375"
},
{
"service": "AWSSupportBusiness",
"cost": "100.000"
},
{
"service": "AmazonS3",
"cost": "99.313"
},
{
"service": "AmazonCloudTrail",
"cost": "64.960"
},
{
"service": "AmazonKinesis",
"cost": "30.645"
},
{
"service": "AmazonRDS",
"cost": "21.598"
},
{
"service": "Others",
"cost": "31.399"
}
]
}
}
}
}
Get Custom Billing Charges V2
The API method, “get_custom_billing_charges_v2”, is used to return any custom billing charges from the Cost > AWS Partner Tools > Configure > Custom Billing Charges page.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required, admin-level API key |
| accounts | string | optional; comma-separated list of AWS account IDs; only returns custom charges that contain one of the accounts from the list |
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/get_custom_billing_charges_v2?access_key=your_admin_access_key&accounts=111111111111
CURL EXAMPLE:
curl --request GET \
--'https://api.cloudcheckr.com/api/billing.[json|xml]/get_custom_billing_charges_v2?access_key=your_admin_access_key' \
--header 'cache-control: no-cache' \
--header 'content-type: application/[json|xml]' \
--data '{
"accounts": 1111111111111,
}
SUCCESSFUL JSON RESPONSE:
{
"CustomBillingCharges":
[
{
"Id":101,
"StartDate":"1/1/2018",
"EndDate":"N/A",
"Type":"Monthly Tier",
"ChargeValue":"Tiers",
"Description":"A Sample Tiered Charge for EC2",
"ResourceId":"",
"Stack":true,
"StackOrder":1,
"Account":"111111111111,222222222222,333333333333",
"Region":"All Regions"
}
]
}
Get Custom Billing Charges V3
The API method, “get_custom_billing_charges_v3”, is used to return any custom billing charges from the Custom Billing Charges page. Version 3 of this call displays the custom charge tiers if applicable.
- This call can only be made using an admin-level access key.
- The HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level access key |
| use_cc_account_id | string | required; the CloudCheckr ID of the account that you are making the call for; use the “get_accounts_v4” call to get this ID |
API CALL URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/get_custom_billing_charges_v3?access_key=your_admin_access_key&use_cc_account_id=1234
OUTPUT:
RESPONSE EXAMPLE:
XML:
<GetCustomBillingChargesResponseV3 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<CustomBillingCharges>
<GetCustomBillingChargesItemResponse xsi:type="GetCustomBillingChargesItemResponse_V3">
<StartDate>9/1/2017</StartDate>
<EndDate>N/A</EndDate>
<Type>Monthly Tier</Type>
<ChargeValue>Tiers</ChargeValue>
<Description>Service Charge</Description>
<ResourceId />
<Stack>false</Stack>
<StackOrder>0</StackOrder>
<Account>123456789123</Account>
<Region>All Regions</Region>
<Id>781</Id>
<Tiers>
<Tier>
<From>0.0000000000</From>
<To>10000000.0000000000</To>
<Charge>35.0000000000</Charge>
</Tier>
</Tiers>
</GetCustomBillingChargesItemResponse>
<GetCustomBillingChargesItemResponse xsi:type="GetCustomBillingChargesItemResponse_V3">
<StartDate>8/1/2017</StartDate>
<EndDate>N/A</EndDate>
<Type>Monthly Premium</Type>
<ChargeValue>10.00%</ChargeValue>
<Description>Monthly Percent Custom Charge</Description>
<ResourceId />
<Stack>false</Stack>
<StackOrder>0</StackOrder>
<Account>All Accounts</Account>
<Region>All Regions</Region>
<Id>386</Id>
<Tiers />
</GetCustomBillingChargesItemResponse>
</CustomBillingCharges>
</GetCustomBillingChargesResponseV3>
OUTPUT:
JSON:
{
"CustomBillingCharges": [
{
"Tiers": [
{
"From": 0,
"To": 10000000,
"Charge": 35
}
],
"Id": 781,
"StartDate": "9/1/2017",
"EndDate": "N/A",
"Type": "Monthly Tier",
"ChargeValue": "Tiers",
"Description": "Service Charge",
"ResourceId": "",
"Stack": false,
"StackOrder": 0,
"Account": "123456789123",
"Region": "All Regions"
},
{
"Tiers": [],
"Id": 386,
"StartDate": "8/1/2017",
"EndDate": "N/A",
"Type": "Monthly Premium",
"ChargeValue": "10.00%",
"Description": "Monthly Percent Custom Charge",
"ResourceId": "",
"Stack": false,
"StackOrder": 0,
"Account": "All Accounts",
"Region": "All Regions"
}
]
}
Modify Account Family
The API method, “modify_account_family”, is used to modify an existing account family in a payer account.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key (required) | string | required; admin-level access key required for all API calls |
| name (required) | string | required; name for the account family |
| accounts (required) | string | required; comma-separated list of AWS account IDs to link to the account family |
| string | optional; email address associated with the account family | |
| invoice_id | string | optional; custom invoice ID displayed on an invoice |
| address | string | optional; mailing address associated with the account family |
| additional_info | string | optional; text in the Additional Info text box |
| recalculate_support_charges | string | optional; indicates status of recalculation of AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| support_charge_apply_by_account | string | optional; indicates if customer will apply support charges by account. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| suppress_support_charges | string | optional; indicates if customer will supress support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| do_not_enforce_minimum_charge | string | optional; indicates if customer will ignore the $100 minimum AWS support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| support_charge_broken_out | string | optional; indicates if payee support charges will be displayed by account within account families. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| create_mav_for_family | string | optional; create or delete a MAV based on this account family. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| project_code | string | optional; a customer’s internal project code |
| payment_term | integer | optional; payment terms for the account family used to populate a due date when creating invoices
This field requires two numeric values or may be left blank.
|
| use_account | string | *required/optional; friendly name of the account in the application |
| use_cc_account_id | string | *required/optional; account ID used in the application |
| use_aws_account_id | string | *required/optional; the 12-digit AWS account ID |
* = one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/modify_account_family?access_key=[admin_access_key]&use_cc_account_id=1234
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/billing.[json|xml]/modify_account_family?access_key=[admin_access_key]&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required) admin-level access_key": "someValHere",
"(required) name": "someValHere",
"(required) accounts": "someValHere",
"email": "someValHere",
"invoice_id": "someValHere",
"address": "someValHere",
"additional_info": "someValHere",
"recalculate_support_charges": "someValHere",
"support_charge_apply_by_account": "someValHere",
"suppress_support_charges": "someValHere",
"do_not_enforce_minimum_charge": "someValHere",
"support_charge_broken_out": "someValHere",
"create_mav_for_family": "someValHere",
"project_code": "someValHere",
"payment_term": "someValHere"
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Modify Account Family - Copy DBR
The API method, “modify_account_family_copy_dbr”, is used to modify an existing account family’s “Copy DBR” configuration in a payer account.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key (required) | string | required; admin-level access key required for all API calls |
| name (required) | string | required; name for the new account family |
| accounts (required) | string | required; comma-separated list of AWS account IDs to link to the account family |
| string | optional; email address associated with the account family | |
| invoice_id | string | optional; custom invoice ID displayed on an invoice |
| address | string | optional; mailing address associated with the account family |
| additional_info | string | optional; text in the Additional Info text box |
| recalculate_support_charges | string | optional; indicates status of recalculation of AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| support_charge_apply_by_account | string | optional; indicates if customer will apply support charges by account. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| suppress_support_charges | string | optional; indicates if customer will supress support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| do_not_enforce_minimum_charge | string | optional; indicates if customer will ignore the $100 minimum AWS support charges. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| support_charge_broken_out | string | optional; indicates if payee support charges will be displayed by account within account families. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| create_mav_for_family | string | optional; create or delete a MAV based on this account family. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| project_code | string | optional; a customer’s internal project code |
| payment_term | integer | optional; payment terms for the account family used to populate a due date when creating invoices
This field requires two numeric values or may be left blank.
|
| account_family_name (required) | string | optional; name of the account family whose Copy DBR configuration the customer wants to modify |
| bucket_name (required) | string | optional; name of the S3 bucket that the DBR will be copied to |
| cost_type (required) | string | optional; Amazon or custom cost.
Amazon cost will create Blended and Unblended; custom will create custom or list cost.
|
| include_all_tags (required) | string | optional; a yes will copy all tag columns from thepayer DBR (even if there is no data). A no will copy only tag columns with data. Accepts “yes”, “1”, “y”, “no, “0”, or “n”. |
| use_account | string | *required/optional; friendly name of the account in the application |
| use_cc_account_id | string | *required/optional; account ID used in the application |
| use_aws_account_id | string | *required/optional; the 12-digit AWS account ID |
* = one of these parameters must be defined
ENDPOINT URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/modify_account_family_copy_dbr?access_key=[admin_access_key]&use_cc_account_id=1234
JSON/XML CALL EXAMPLE:
curl --request POST \
-- 'https://api.cloudcheckr.com/api/billing.[json|xml]/cmodify_account_family_copy_dbr?access_key=[admin_access_key]&use_cc_account_id=1234'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"(required) admin-level access_key": "someValHere",
"(required) name": "someValHere",
"(required) accounts": "someValHere",
"(required) aws_use_account_upload: "someValHere",
"email": "someValHere",
"invoice_id": "someValHere",
"address": "someValHere",
"additional_info": "someValHere",
"recalculate_support_charges": "someValHere",
"support_charge_apply_by_account": "someValHere",
"suppress_support_charges": "someValHere",
"do_not_enforce_minimum_charge": "someValHere",
"support_charge_broken_out": "someValHere",
"create_mav_for_family": "someValHere",
"account_family_name": "someValHere",
"bucket_name": "someValHere",
"cost_type": "someValHere",
"include_all_tags": "someValHere",
"project_id": "someValHere",
"payment_term": "someValHere"
}
SUCCESSFUL JSON/XML RESPONSE:
{
"Code":200,
"Message":"OK"
}
Forgot Password
The API method, “forgot_password”, is used to reset a user’s password. The method will return the password reset link and a password reset key.
The preferred HTTP method is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| string | required; user’s email address |
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/forgot_password?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/forgot_password?access_key=your_admin_access_key\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"email": "user1@domain.com",
}
RESPONSE EXAMPLE:
XML:
<ForgotPasswordResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<status>
<reset_link>https://app.cloudcheckr.com/LogOn/#!/resetPassword</reset_link>
<key>reset key</key>
<code>200</code>
<message>Password Reset Successful</message>
</status>
</ForgotPasswordResponse>
JSON:
{
"ResetLink": "https://app.cloudcheckr.com/LogOn/#!/resetPassword",
"Key": [RESET KEY],
"Code": 200,
"Message": "Password Reset Successful"
}
Get SAML Providers
The API method, “get_saml_providers”, is used to get a list of Security Assertion Markup Language (SAML) providers for the customer.
The accepted HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
API CALL URL:
https://api.cloudcheckr.com/api/admin.[json|xml]/get_saml_providers?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/admin.[json|xml]/get_saml_providers?access_key=your_admin_access_key\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<GetSamlProvidersResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<results>
<SamlProvider>OneLogin</SamlProvider>
<SamlProvider>PingOne</SamlProvider>
</results>
<status>
<code>0</code>
<message>null</message>
</status>
</GetSamlProvidersResponse>
JSON:
{
"saml_providers": ["OneLogin", "PingOne"],
"code":0,
"message": null
}
Edit User
The API method, “edit_user”, is used to edit the attributes of a user.
- The accepted HTTP method for this call is POST.
- This call can only be made using admin-level access keys.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| string | required; email address of the user | |
| role | string | optional; the role of the user |
| auth_types | list | optional; the authorization type for the user |
| sso_provider | lstring | optional; name of the SSO provider |
| user_id | string | required; user ID |
| use_account | string | required; friendly name of the account in the application; must be a payer account in CloudCheckr* |
| use_cc_account_id | string | required; account ID used in the application; must be a payer account in CloudCheckr* |
| use_aws_account_id | string | required; the 12-digit AWS account ID; must be a payer account in CloudCheckr* |
API CALL URL:
https://api.cloudcheckr.com/api/account.[json|xml]/edit_user?access_key=your_admin_access_key
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/account.[json|xml]/edit_user?access_key=your_admin_access_key\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"email": "email2@cloudcheckr.com",
"role": "User",
"auth_types": "saml",
"sso_provider": "clear"
}
RESPONSE EXAMPLE:
XML:
<EditUserResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<email>email2@cloudcheckr.com</email>
<role>user</role>
<AuthTypes>saml</AuthTypes>
<SsoProvider>clear</SsoProvider>
</EditUserResponse>
JSON:
{
"code":200,
"message": OK
}
Read Child SAML SSO Settings
The API method, “read_child_saml_sso_settings”, is used to read and return the first SSO configuration it finds. The call will return an error if more than one SSO configuration is found.
- This call requires the partner sys admin for the admin-level API key. The partner_id is the child for the admin-level API key.
- The preferred HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| partner_id | string | required; child for the admin-level API key |
API CALL URL:
https://api.cloudcheckr.com/api/admin.[json|xml]/read_child_saml_sso_settings?access_key=your_admin_access_key&partner_id=4'\
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/admin.[json|xml]/read_child_saml_sso_settings?access_key=your_admin_access_key&partner_id=4'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<ReadChildSamlSsoSettingsResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<enabled>true</enabled>
<AutoProvisionedUserRole>null</AutoProvisionedUserRole>
<IdpMetadata>This big metadata here</IdpMetadata>
<code>200</code>
<message>OK</message>
</ReadChildSamlSsoSettingsResponse>
JSON:
{
"enabled": true,
"auto_provisioned_user_role": null,
"idp_metadata": "THIS BIG METADATA HERE",
"Code": 200,
"Message": "OK"
}
Read Child SAML SSO Settings V2
The API method, “read_child_saml_sso_settings_v2”, is used to read and return all of the SSO configurations for a child customer.
- This call requires the partner sys admin for the admin-level API key. The partner_id is the child for the admin-level API key.
- The preferred HTTP method for this call is GET.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| partner_id | string | required; child for the admin-level API key |
API CALL URL:
https://api.cloudcheckr.com/api/admin.[json|xml]/read_child_saml_sso_settings_v2?access_key=your_admin_access_key&partner_id=4'\
REQUEST EXAMPLE:
curl -X GET \
-- https://api.cloudcheckr.com/api/admin.[json|xml]/read_child_saml_sso_settings_v2?access_key=your_admin_access_key&partner_id=4'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
RESPONSE EXAMPLE:
XML:
<ReadChildSamlSsoSettingsResponseV2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<enabled>false</enabled>
<saml_provider_info>
<auto_provisioned_user_role>null</auto_provisioned_user_role>
<IdpMetadata>This big metadata here</IdpMetadata>
</saml_provider_info>
<code>200</code>
<message>OK</message>
</ReadChildSamlSsoSettingsResponseV2>
JSON:
{
"enabled": false,
"auto_provisioned_user_role": null,
"idp_metadata": "THIS BIG METADATA HERE",
"Code": 200,
"Message": "OK"
}
Write Child SAML SSO Settings
The API method, “write_child_saml_sso_settings”, is used to create a new SAML configuration or to update a SAML configuration for child customers.
- This call requires the partner sys admin for the admin-level API key. The partner_id is the child for the admin-level API key.
- The preferred HTTP method for this call is POST.
INPUT PARAMETERS:
| Parameter | Type | Description |
| access_key | string | required; admin-level API key |
| partner_id | string | required; child for the admin-level API key |
| enable | boolean | optional; indicates if the SAML SSO settings are enabled |
| auto_provisioned_user_role | string | optional; indicates the type of user role |
| idp_metadata | string | optional; metadata for the new configuration |
| sso_provider | string | optional; name of the SSO provider |
API CALL URL:
https://api.cloudcheckr.com/api/admin.[json|xml]/write_child_saml_sso_settings?access_key=your_admin_access_key&partner_id=4'\
REQUEST EXAMPLE:
curl -X POST \
-- https://api.cloudcheckr.com/api/admin.[json|xml]/write_child_saml_sso_settings?access_key=your_admin_access_key&partner_id=4'\
-- header 'cache-control: no-cache' \
-- header 'content-type: application/[json|xml]' \
-- data '{
"partner_id": "4",
"enable": "false",
"auto_provisioned_user_role": "User",
"idp_metadata": "This big metadata here",
"sso_provider": "PingOne child 1"
}
RESPONSE EXAMPLE:
XML:
<WriteChildSamlSsoSettingsResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
<status>
<code>0</code>
<message>OK</message>
</WriteChildSamlSsoSettingsResponse>
JSON:
{
"Code": 200,
"Message": "OK"
}