REST API-automatisering

Underhålls av: Aether365 Team Målgrupp: Utvecklare och DevOps-ingenjörer Omfattning: Använda Aether365 API för automatisering och anpassade integrationer

Aether365 REST API låter dig integrera skanningsresultat i dina befintliga säkerhetsverktyg, automatisera rapportering och starta skanningar programmatiskt.

Komma igång

Generera en API-nyckel i Inställningar > API-nycklar
Använd nyckeln som en Bearer-token i alla API-begäranden
Se API-referensen för alla tillgängliga endpoints

Vanliga automationsmönster

Starta en skanning och vänta på resultat

Detta mönster är användbart i CI/CD-pipelines där du vill blockera deploy om säkerhetsbetyget sjunker under ett tröskelvärde.

python

import requests
import time

API_KEY = "ae_live_your-api-key"
BASE = "https://api.aether365.io"
HEADERS = {"Authorization": f"Bearer {API_KEY}"}

# Trigger a compliance scan
resp = requests.post(f"{BASE}/tenants/me/scans",
    json={"scan_type": "compliance"},
    headers=HEADERS)
scan = resp.json()["data"]
scan_id = scan["id"]
print(f"Scan started: {scan_id}")

# Poll until complete
while True:
    resp = requests.get(f"{BASE}/scans/{scan_id}", headers=HEADERS)
    scan = resp.json()["data"]
    if scan["status"] in ("completed", "failed"):
        break
    print(f"Status: {scan['status']} - waiting...")
    time.sleep(30)

if scan["status"] == "failed":
    print("Scan failed")
    exit(1)

score = scan["score"]
print(f"Score: {score}%")

if score < 80:
    print(f"Score {score}% is below threshold (80%). Failing pipeline.")
    exit(1)

print("Security check passed")

Hämta alla kritiska underkända från senaste skanningen

python

import requests

API_KEY = "ae_live_your-api-key"
BASE = "https://api.aether365.io"
HEADERS = {"Authorization": f"Bearer {API_KEY}"}

# Get the most recent completed scan
scans = requests.get(f"{BASE}/tenants/me/scans?status=completed&limit=1",
    headers=HEADERS).json()["data"]

if not scans:
    print("No completed scans found")
    exit(0)

scan_id = scans[0]["id"]

# Fetch critical failures
page, results = 1, []
while True:
    resp = requests.get(f"{BASE}/scans/{scan_id}/results",
        params={"result": "Failed", "severity": "Critical", "page": page, "limit": 100},
        headers=HEADERS).json()
    results.extend(resp["data"])
    if page >= resp["meta"]["totalPages"]:
        break
    page += 1

print(f"Critical failures: {len(results)}")
for r in results:
    print(f"  [{r['id']}] {r['title']}")

GitHub Actions: skanna enligt schema

yaml

name: Aether365 Security Scan
on:
  schedule:
    - cron: '0 6 * * MON' # Every Monday at 06:00 UTC
  workflow_dispatch:

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - name: Trigger scan
        id: trigger
        run: |
          RESPONSE=$(curl -s -X POST https://api.aether365.io/tenants/me/scans \
            -H "Authorization: Bearer ${{ secrets.AETHER365_API_KEY }}" \
            -H "Content-Type: application/json" \
            -d '{"scan_type": "compliance"}')
          SCAN_ID=$(echo $RESPONSE | jq -r '.data.id')
          echo "scan_id=$SCAN_ID" >> $GITHUB_OUTPUT

      - name: Wait for completion
        run: |
          SCAN_ID=${{ steps.trigger.outputs.scan_id }}
          for i in $(seq 1 30); do
            STATUS=$(curl -s https://api.aether365.io/scans/$SCAN_ID \
              -H "Authorization: Bearer ${{ secrets.AETHER365_API_KEY }}" \
              | jq -r '.data.status')
            echo "Status: $STATUS"
            [ "$STATUS" = "completed" ] && break
            [ "$STATUS" = "failed" ] && echo "Scan failed" && exit 1
            sleep 30
          done

      - name: Check score
        run: |
          SCAN_ID=${{ steps.trigger.outputs.scan_id }}
          SCORE=$(curl -s https://api.aether365.io/scans/$SCAN_ID \
            -H "Authorization: Bearer ${{ secrets.AETHER365_API_KEY }}" \
            | jq '.data.score')
          echo "Security score: $SCORE%"
          if (( $(echo "$SCORE < 75" | bc -l) )); then
            echo "Score below threshold"
            exit 1
          fi

PowerShell: exportera resultat till CSV enligt schema

powershell

$ApiKey = $env:AETHER365_API_KEY
$Headers = @{ Authorization = "Bearer $ApiKey" }

# Get latest scan
$Scans = Invoke-RestMethod -Uri "https://api.aether365.io/tenants/me/scans?status=completed&limit=1" -Headers $Headers
$ScanId = $Scans.data[0].id

# Fetch all results
$Page = 1
$AllResults = @()
do {
    $Resp = Invoke-RestMethod -Uri "https://api.aether365.io/scans/$ScanId/results?page=$Page&limit=100" -Headers $Headers
    $AllResults += $Resp.data
    $Page++
} while ($Page -le $Resp.meta.totalPages)

# Export to CSV
$AllResults | Export-Csv -Path "scan_$(Get-Date -Format 'yyyy-MM-dd').csv" -NoTypeInformation
Write-Host "Exported $($AllResults.Count) results"

Paginering

Alla listendpoints stöder paginering via frågeparametrarna page och limit:

bash

curl "https://api.aether365.io/scans/{scanId}/results?page=2&limit=50" \
  -H "Authorization: Bearer <token>"

meta-objektet i listsvar inkluderar:

Fält	Beskrivning
`total`	Totalt antal objekt
`page`	Aktuellt sidnummer
`limit`	Objekt per sida
`totalPages`	Totalt antal sidor

Felhantering

Alla API-fel returnerar en konsekvent struktur:

json

{
  "success": false,
  "error": {
    "code": "SNAKE_CASE_ERROR_CODE",
    "message": "Human-readable description"
  }
}

Kontrollera alltid success-fältet innan du läser data. Se Felkoder för alla felkoder.

REST API-automatisering ​

Komma igång ​

Vanliga automationsmönster ​

Starta en skanning och vänta på resultat ​

Hämta alla kritiska underkända från senaste skanningen ​

GitHub Actions: skanna enligt schema ​

PowerShell: exportera resultat till CSV enligt schema ​

Paginering ​

Felhantering ​