Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.cloudgeni.ai/llms.txt

Use this file to discover all available pages before exploring further.

Scanning API

This page documents the scan endpoints that match the current route structure in the codebase. Use the X-CLOUDGENI-API-KEY header for all examples here.

Repository Static Analysis

Create a Checkov-backed static analysis run for a repository: 
curl --fail --silent --show-error \
  -X POST \
  -H "Content-Type: application/json" \
  -H "X-CLOUDGENI-API-KEY: $CLOUDGENI_API_KEY" \
  "$CLOUDGENI_API_URL/api/v1/organizations/$CLOUDGENI_ORG_ID/repositories/$CLOUDGENI_REPO_ID/static-analysis" \
  -d '{
    "analysisEngine": "checkov",
    "excludedPaths": []
  }'
Fetch the current active analysis for the repository: 
curl --fail --silent --show-error \
  -H "X-CLOUDGENI-API-KEY: $CLOUDGENI_API_KEY" \
  "$CLOUDGENI_API_URL/api/v1/organizations/$CLOUDGENI_ORG_ID/repositories/$CLOUDGENI_REPO_ID/static-analysis?current=true"
Fetch findings for a specific analysis: 
curl --fail --silent --show-error \
  -H "X-CLOUDGENI-API-KEY: $CLOUDGENI_API_KEY" \
  "$CLOUDGENI_API_URL/api/v1/organizations/$CLOUDGENI_ORG_ID/repositories/$CLOUDGENI_REPO_ID/static-analysis/$CLOUDGENI_ANALYSIS_ID/findings?limit=50"

Repository IaC Scans

Create an IaC repository scan: 
curl --fail --silent --show-error \
  -X POST \
  -H "Content-Type: application/json" \
  -H "X-CLOUDGENI-API-KEY: $CLOUDGENI_API_KEY" \
  "$CLOUDGENI_API_URL/api/v1/organizations/$CLOUDGENI_ORG_ID/repositories/$CLOUDGENI_REPO_ID/iac-scans" \
  -d '{}'
Use this when you want the repository scan flow exposed by the iac-scans routes rather than the Checkov-only static analysis flow.

Cloud Infra Scans

Create a cloud scan against an existing cloud integration: 
curl --fail --silent --show-error \
  -X POST \
  -H "Content-Type: application/json" \
  -H "X-CLOUDGENI-API-KEY: $CLOUDGENI_API_KEY" \
  "$CLOUDGENI_API_URL/api/v1/organizations/$CLOUDGENI_ORG_ID/cloud/$CLOUDGENI_INTEGRATION_ID/prowler-ocsf/infra-scans" \
  -d '{}'
The analysisEngine segment is part of the route. Current values used by the product include:
  • prowler-ocsf
  • aws-security-hub
  • azure-defender
You can also pass optional cloud-scan fields such as credentialId and regions when the route supports them.

Cloud Scan Findings

Fetch findings for a specific cloud scan: 
curl --fail --silent --show-error \
  -H "X-CLOUDGENI-API-KEY: $CLOUDGENI_API_KEY" \
  "$CLOUDGENI_API_URL/api/v1/organizations/$CLOUDGENI_ORG_ID/cloud/$CLOUDGENI_INTEGRATION_ID/prowler-ocsf/infra-scans/$CLOUDGENI_SCAN_ID/findings?limit=100"
You can filter cloud findings with query parameters such as:
  • severity
  • status
  • resourceType
  • resourceId
  • framework

CLI Equivalents

If you would rather not call raw HTTP: 
cloudgeni repo static-analysis create --org <org> --repo <repo>
cloudgeni repo iac-scan create --org <org> --repo <repo>

Use This Page With CI

These are the same endpoint shapes used in the CI examples for: