Admin API Reference Guide

CloudCheckr allows for the creation of two different types of access keys. Account-level access keys can only make calls against a single account. Admin-level access keys allow users to make calls against any of their accounts within CloudCheckr. They also allow API users to make account-management related calls that cannot be executed using account-level access keys.

Click here for details on creating and managing admin-level access keys.

Certain API calls have been deprecated and are maintained for historical reasons only. A list of deprecated admin-level calls can be found here.

Admin-level access keys are needed to make the following calls:

 

Attempting to make any of these calls using a General API Access Key will result in an error. You may also use Admin-Level API Keys to make the other calls found in the general API Reference guide.

NOTE: When using an Admin-Level Access Keys to make those calls you MUST add one of the following parameter to your calls:

  • use_account – the name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id – the Id of the account you are making the call for. The Id is returned when using the method ‘account/add_account_v3′ to register the account in CloudCheckr.

XML call:

https://api.cloudcheckr.com/api/best_practice.xml/get_best_practices?access_key=[access_key]&use_account=[MyAccount]
https://api.cloudcheckr.com/api/best_practice.xml/get_best_practices?access_key=[access_key]&use_cc_account_id=[MyAccountId]

JSON call:

https://api.cloudcheckr.com/api/best_practice.json/get_best_practices?access_key=[access_key]&use_account=[MyAccount]
https://api.cloudcheckr.com/api/best_practice.json/get_best_practices?access_key=[access_key]&use_cc_account_id=[MyAccountId]

USING ACCESS KEYS

CloudCheckr requires an Access Key to be passed as a parameter to all API calls.

Click here for details on creating and managing Access Keys.

Example of using an Access Key:

https://api.cloudcheckr.com/api/change_monitoring.json/get_changes?access_key=[access_key]

Access Keys are 64 bytes long and have the following format.

56422A55E6B340239D6F473726128F979A86766B738C4BD1AC29F1F42DFEF55A

Putting it all together:

https://api.cloudcheckr.com/api/change_monitoring.json/get_changes?access_key=56422A55E6B340239D6F473726128F979A86766B738C4BD1AC29F1F42DFEF55A

PREFERRED HTTP METHODS

When using libraries such as curl, you may need to indicate the HTTP method to use (POST or GET). The CloudCheckr API accepts both POST and GET in most API calls. However, we recommend you use the preferred HTTP Method when possible.

The preferred HTTP method for each call is GET unless specifically noted in the API CALLS section.

For more information on HTTP methods, click here: http://www.w3schools.com/tags/ref_httpmethods.asp.


API CALLS

ADD ACCOUNT v3

The API method “add_account_v3” is used to register an AWS account with CloudCheckr. This method will return a unique ID to enhance security for the newly created account that can be used for the parameter ‘use_cc_account_id‘ when making calls to the Admin-Level API.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/add_account_v3?access_key=[access_key]&account_name=MyAccountName

JSON call:

https://api.cloudcheckr.com/api/account.json/add_account_v3?access_key=[access_key]&account_name=MyAccountName

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – standard Access Key required for all API calls.
  • account_name (required) – the name of the AWS account to register with CloudCheckr.
  • aws_access_key (optional) – the access key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account.
  • aws_secret_key (optional) – the secret key of the IAM user whose credentials will be used to connect CloudCheckr to your AWS account.
  • account_tag (optional) – the tag for the account to be used within a Multi-Account View.
  • user_name (optional) – the name of the user that will have access to this account. If no user is specified, the first Administrator of the account will be applied.
  • emails (optional) – the email address(es) that will populate the account’s Email Settings, determining who receives the automated reports. If this parameter is not used, the email address used when registering the CloudCheckr account will be populated in this field.

NOTE: AWS secret keys typically contain special characters. In order to submit as a parameter on the URL, you must URL encode it.
See http://www.w3schools.com/tags/ref_urlencode.asp for more details or to URL encode a AWS secret key.

OUTPUT

XML Example:

<AddAccountResponseV3 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance>
   <account_status>Success</account_status>
   <cc_account_id>38</cc_account_id>
   <credential_status>
   No credentials given. Can use the following role_account_id and role_external_id to create cross-account role within AWS.
   </credential_status>
   <role_account_id>352813966789</role_account_id>
   <cc_external_id>CC-69CFBFCA8BF21FA123BA566A6DAAB227</cc_external_id>
</AddAccountResponseV3>

JSON Example:

{"account_status":"Success","cc_account_id":38,"credential_status":"No credentials given. Can use the following role_account_id and role_external_id to create cross-account role within AWS.","role_account_id":"352813966789","cc_external_id":"CC-69CFBFCA8BF21FA123BA566A6DAAB227"}

ADD MAV (Multi-View) ACCOUNT

The API method “add_mav_account” is used to create a new Multi-View Account (MAV).

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/add_mav_account?access_key=[access_key]&account_name=[account_name]

JSON call:

https://api.cloudcheckr.com/api/account.json/add_mav_account?access_key=[access_key]&account_name=[account_name]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key required for all API calls.
  • account_name (required) – name of the new MAV account(s).
  • account_tags_to_set (optional) – comma separated list of tags to apply to this mav. The tag MUST exist.
  • for_all_accounts (optional) – true or false or 1 or 0 values. Same impact as having the “This Multi-Account View should include ALL ACCOUNTS.” checked in the UI

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

DELETE ACCOUNT

The API method “delete_account” is used to remove an AWS account that has been registered with CloudCheckr.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/delete_account?access_key=[access_key]&account_name=MyAccountName

JSON call:

https://api.cloudcheckr.com/api/account.json/delete_account?access_key=[access_key]&account_name=MyAccountName

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • account_name (required) – the name of the AWS account that will be removed from CloudCheckr.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

ADD USER

The API method “add_user” is used to create a new CloudCheckr user.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/add_user?access_key=[access_key]&email=[email address]&account_access=[account_name1],[account_name2]&user_role=user&cost_report=no

JSON call:

https://api.cloudcheckr.com/api/account.json/add_user?access_key=[access_key]&email=[email address]&account_access=[account_name1],[account_name2]&user_role=user&cost_report=no

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email (required) – the email address of the new user.
  • account_access (required) – the name of the CloudCheckr account(s) the user can access. Separate multiple account names by commas as shown in the sample call above.
  • password (optional) – assign a password. NOTE: When using this parameter it will not trigger any account activation email.
  • user_role (required) – the level of access for the new user. Accepts basic, user, or admin. NOTE: admins can access ALL accounts by default.
  • all_access (optional) – if this set to true, the user will have access to all reports within the account.  If this is set to true, none of the other parameters listed below are required.  Accepts “yes”, “1”, “y”.
  • cost_report (required) – whether the user can access the cost reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • blended_cost (required) – whether the user can view blended costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • unblended_cost (required) – whether the user can view unblended costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • list_cost (required) – whether the user can view list costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • resource_utilization_reports (required) – whether the user can access the resource utilization reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • trending_reports (required) – whether the user can access the trending reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • change_monitoring (required) – whether the user can access the change monitoring report within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • best_practices (required) – whether the user can access the best practice report within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • auth_types – By default if you do not include auth_types, the user will be set to use both SSO and CloudCheckr forms. If you do not want activation to go through email, you must set auth_types equal to SSO.

You can also use this call to add multiple users at once. Simply include all of the emails required separated by commas.

Example:
OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

ADD USER GROUP

The API method “add_user_group” is used to create a new CloudCheckr user group.

IMPORTANT: This call can only be made using admin-level access keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/add_user_group?access_key=[access_key]&group_name=[group name]&account_type=[account_type1],[account_type2]&accounts=[partner1],[partner2]&allow_generic_access=no

JSON call:

https://api.cloudcheckr.com/api/account.json/add_user_group?access_key=[access_key]&group_name=[group name]&account_type=[account_type1],[account_type2]&accounts=[partner1],[partner2]&allow_generic_access=no

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – admin-level access key is required for this call.
  • group_name (required) – the name of the user group.
  • account_type (required) – the name of the account(s) associated with the user group. Separate multiple account types by commas as shown in the sample call above.

Note: The following are valid values for the account type: AwsGeneral, AwsMultiView, AzureGeneral, AzureMultiView, GoogleGeneral, GoogleMultiView, VMwareGeneral, VMwareMultiView, OracleGeneral, and OracleMultiView.

  • accounts (required) – the project name associated with the user group. Separate multiple partner names by commas as shown in the sample call above.
  • user_emails (optional) – the email address of a user associated with the user group. Separate multiple email addresses by commas as shown in the sample call above.
  • allow_generic_access (optional) – if this set to true, the user will have access to all reports and features within the account.  If this is set to true, none of the other parameters listed below are required.  Accepts “yes”, “1”, “y”.
    • allow_inventory_access (required)  – whether the user can access the inventory reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
    • allow_savings_access (required)  – whether the user can access the savings reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
    • allow_best practice_access (required)  – whether the user can access the best practice reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
    • allow_cost_access (required)  – whether the user can access the cost reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
    • allow_security_access (required)  – whether the user can access the security reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
    • allow_utilization_access (required)  – whether the user can access the utilization reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
    • allow_automation_access (required)  – whether the user can access the automation features within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
    • allow_alerts_access (required)  – whether the user can access the alert reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
    • allow_settings_access (required)  – whether the user can access the account settings within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.

Example:
OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

REMOVE USER

The API method “remove_user” is used to delete a CloudCheckr user.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/remove_user?access_key=[access_key]&email=[email address]

JSON call:

https://api.cloudcheckr.com/api/account.json/remove_user?access_key=[access_key]&email=[email address]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email (required) – the email address of the new user.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

GRANT ACCOUNT

The API method “grant_account” is used to grant access to a CloudCheckr user to see a specific AWS account that has been registered in CloudCheckr.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/grant_account?access_key=[access_key]&email=[email address]&use_account=[account_name]

JSON call:

https://api.cloudcheckr.com/api/account.json/grant_account?access_key=[access_key]&email=[email address]&use_account=[account_name]

INPUT PARAMETERS

This call accepts these parameters. The user will only be granted permissions to the parameters entered unless the all_access parameter is used. If the all_access parameter is used, no further parameters need to be specified as the account will be granted access to all reports available within the account.

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email (required) – the email address of the CloudCheckr user.
  • use_account (required) – the name of the CloudCheckr account the user can access. If adding multiple account names, use just “accounts” with account names separated by commas.
  • all_access (optional) – if this set to true, the user will have access to all reports within the account.  If this is set to true, none of the other parameters listed below are required.  Accepts “yes”, “1”, “y”.
  • cost_report (optional) – whether the user can access the cost reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • blended_cost (optional) – whether the user can view blended costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • unblended_cost (optional) – whether the user can view unblended costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • list_cost (optional) – whether the user can view list costs within the cost reports. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • resource_utilization_reports (optional) – whether the user can access the resource utilization reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • trending_reports (optional) – whether the user can access the trending reports within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • change_monitoring (optional) – whether the user can access the change monitoring report within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • best_practices (optional) – whether the user can access the best practice report within the account. Accepts “yes”, “1”, “y”, “no, “0”, “n”.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

REVOKE ACCOUNT

The API method “revoke_account” is used to revoke access from a CloudCheckr user to see a specific AWS account that has been registered in CloudCheckr.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/revoke_account?access_key=[access_key]&email=[email address]&use_account=[account_name1]

JSON call:

https://api.cloudcheckr.com/api/account.json/revoke_account?access_key=[access_key]&email=[email address]&use_account=[account_name1]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email (required) – the email address of the CloudCheckr user.
  • use_account (required) – the name of the CloudCheckr account the user will no longer be able to access. If revoking access to multiple accounts, use just “accounts” with account names separated by commas.
  • use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

GET ACCOUNTS V2

The API method “get_accounts_v2” is used to return a complete list of all AWS accounts registered in CloudCheckr. This call will return an ID for each account that can be used for the parameter ‘use_cc_account_id’ when making calls to the Admin-Level API. It will also include the AWS Account ID.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is GET.

XML call:

https://api.cloudcheckr.com/api/account.xml/get_accounts_v2?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/account.json/get_accounts_v2?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.

OUTPUT

XML Example:

<GetAccountsResponse 
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <accounts_and_users>
        <AccountAndUsernames>
            <account_name>AWS Account1</account_name>
            <cc_account_id>1</cc_account_id>
            <aws_account_id>123456789012</aws_account_id>
            <user_names>
                <string>user@domain.com</string>
            </user_names>
        </AccountAndUsernames>
    </accounts_and_users>
</GetAccountsResponse>

JSON Example:

{
  "accounts_and_users": [
    {
      "account_name": "AWS Account1",
      "cc_account_id": "1",
      "user_names":
       "aws_account_id":"123456789012"  [
        "user@domain.com"
      ]
    },
    {
      "account_name": "AWS Account2",
      "cc_account_id": "2",
      "user_names": 
      "aws_account_id":"234567890123"  [
        "user@domain.com"
      ]
    },
    {
      "account_name": "AWS Account3",
      "cc_account_id": "3",
      "user_names":
      "aws_account_id":"345678901234"   [
        "user@domain.com"
      ]
    }
  ]
}

GET ACCOUNTS V4

The API method “get_accounts_v4” is used to return a complete list of all AWS and Azure accounts registered in CloudCheckr. This call will return an ID for each account that can be used for the parameter ‘use_cc_account_id’ when making calls to the Admin-Level API. For AWS, it will include the AWS account ID and for Azure it will include the Subscription ID.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is GET.

XML call:

https://api.cloudcheckr.com/api/account.xml/get_accounts_v4?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/account.json/get_accounts_v4?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.

OUTPUT

XML Example:

<GetAccountsResponse4 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<accounts_and_users>
		<AccountAndUsernames4>
            <account_name>AWS Account Name</account_name>
            <cc_account_id>1</cc_account_id>
            <user_names>
                <string>user@domain.com</string>
            </user_names>
            <aws_account_id>123456789012</aws_account_id>
            <externalId>CC-99999999999999999999999999999999</externalId>
        </AccountAndUsernames4>
	<AccountAndUsernames4>
            <account_name>Azure Subscription</account_name>
            <cc_account_id>2</cc_account_id>
            <user_names>
                <string>user@domain.com</string>
            </user_names>
            <externalId>CC-88888888888888888888888888888888</externalId>
            <azure_account_id>11111111-2222-3333-4444-555555555555</azure_account_id>
        </AccountAndUsernames4>
	</accounts_and_users>
</GetAccountsResponse4>

JSON Example:

{
    "accounts_and_users": [
	{
            "azure_account_id": null,
            "externalId": "CC-99999999999999999999999999999999",
            "aws_account_id": "123456789012",
            "account_name": "AWS Account Name",
            "cc_account_id": "1",
            "user_names": [
                "user@domain.com"
            ]
        },
	{
            "azure_account_id": "11111111-2222-3333-4444-555555555555",
            "externalId": "CC-88888888888888888888888888888888",
            "aws_account_id": null,
            "account_name": "Azure Subscription",
            "cc_account_id": "2",
            "user_names": [
                "user@domain.com"
            ]
        }		
    ]
}

GET ACCOUNT EMAIL SETTINGS

The API method “get_account_email_settings” is used to return a complete list of all email settings in a CloudCheckr account.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is GET.

XML call:

https://api.cloudcheckr.com/api/billing.xml/get_account_email_settings?access_key=[access_key]&use_account=[use_account]

JSON call:

https://api.cloudcheckr.com/api/billing.json/get_account_email_settings?access_key=[access_key]&use_account=[use_account]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • use_account (optional) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id (optional) – The CloudCheckr ID of the account you are making the call for.
  • use_aws_account_id (optional) – The ID of the AWS account in question.

OUTPUT

XML Example:

<GetAccountEmailSettingsResponse 
    xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <accounts_and_email_settings>
        <AccountAndEmailSettings>
            <ProjectName>Account_Name_Example</ProjectName>
            <EmailReportRecipients>
                <EmailAddresses>email1@cloudcheckr.com, email2@cloudcheckr.com</EmailAddresses>
            </EmailReportRecipients>
            <AlertEmailSettings>
                <EnableDailyCostAlert>true</EnableDailyCostAlert>
                <AwsCostThreshold>10</AwsCostThreshold>
                <EnableAwsHealthAlerts>false</EnableAwsHealthAlerts>
                <EnableAwsHealthAlertsIfAffects>true</EnableAwsHealthAlertsIfAffects>
            </AlertEmailSettings>
            <DailyEmailSettings>
                <EnableDailyChangeMonitoring>false</EnableDailyChangeMonitoring>
                <EnableDailyBestPractice>false</EnableDailyBestPractice>
                <EnableDailyBillForceUsingCloudWatch>false</EnableDailyBillForceUsingCloudWatch>
                <EnableDailyAwsConsolidatedBillingSummary>true</EnableDailyAwsConsolidatedBillingSummary>
                <EnableDailyChangeMonitoringAwsConfig>false</EnableDailyChangeMonitoringAwsConfig>
                <EnableAutomation>false</EnableAutomation>
                <EnableImproperlyTaggedResources>false</EnableImproperlyTaggedResources>
                <EnableDailyCloudTrailSummary>false</EnableDailyCloudTrailSummary>
                <DailyBestPracticeEmailSettings>
                    <EnableHighImportance>false</EnableHighImportance>
                    <EnableMediumImportance>false</EnableMediumImportance>
                    <EnableLowImportance>false</EnableLowImportance>
                    <EnableInformationalImportance>false</EnableInformationalImportance>
                    <EnableSecurityType>false</EnableSecurityType>
                    <EnableCostType>false</EnableCostType>
                    <EnableUsageType>false</EnableUsageType>
                    <EnableAvailabilityType>false</EnableAvailabilityType>
                    <EnableTrustedAdvisorType>false</EnableTrustedAdvisorType>
                </DailyBestPracticeEmailSettings>
            </DailyEmailSettings>
            <WeeklyEmailSettings>
                <EnableWeeklyInventory>true</EnableWeeklyInventory>
                <EnableWeeklyS3Summary>true</EnableWeeklyS3Summary>
                <EnableWeeklyEc2Trend>true</EnableWeeklyEc2Trend>
                <EnableWeeklyS3Trend>false</EnableWeeklyS3Trend>
                <EnableWeeklyEc2Utilization>true</EnableWeeklyEc2Utilization>
                <EnableWeeklyBestPractice>false</EnableWeeklyBestPractice>
                <WeeklyBestPracticeEmailSettings>
                    <EnableHighImportanceWeekly>false</EnableHighImportanceWeekly>
                    <EnableMediumImportanceWeekly>false</EnableMediumImportanceWeekly>
                    <EnableLowImportanceWeekly>false</EnableLowImportanceWeekly>
                    <EnableInformationalImportanceWeekly>false</EnableInformationalImportanceWeekly>
                    <EnableSecurityTypeWeekly>false</EnableSecurityTypeWeekly>
                    <EnableCostTypeWeekly>false</EnableCostTypeWeekly>
                    <EnableUsageTypeWeekly>false</EnableUsageTypeWeekly>
                    <EnableAvailabilityTypeWeekly>false</EnableAvailabilityTypeWeekly>
                </WeeklyBestPracticeEmailSettings>
            </WeeklyEmailSettings>
            <MonthlyEmailSettings>
                <EnableMonthlyCost>false</EnableMonthlyCost>
                <EnableMonthlyAwsConsolidatedBillingSummary>false</EnableMonthlyAwsConsolidatedBillingSummary>
                <EnableMonthlyBestPractice>false</EnableMonthlyBestPractice>
                <DaysSelectedMonthly />
                <MonthlyBestPracticeEmailSettings>
                    <EnableHighImportanceMonthly>false</EnableHighImportanceMonthly>
                    <EnableMediumImportanceMonthly>false</EnableMediumImportanceMonthly>
                    <EnableLowImportanceMonthly>false</EnableLowImportanceMonthly>
                    <EnableInformationalImportanceMonthly>false</EnableInformationalImportanceMonthly>
                    <EnableSecurityTypeMonthly>false</EnableSecurityTypeMonthly>
                    <EnableCostTypeMonthly>false</EnableCostTypeMonthly>
                    <EnableUsageTypeMonthly>false</EnableUsageTypeMonthly>
                    <EnableAvailabilityTypeMonthly>false</EnableAvailabilityTypeMonthly>
                </MonthlyBestPracticeEmailSettings>
            </MonthlyEmailSettings>
        </AccountAndEmailSettings>
    </accounts_and_email_settings>
</GetAccountEmailSettingsResponse>

JSON Example:

{
  "GetAccountEmailSettingsResponse": {
    "accounts_and_email_settings": {
      "AccountAndEmailSettings": {
        "ProjectName": "Account_Name_Example",
        "EmailReportRecipients": {
          "EmailAddresses": "email1@cloudcheckr.com, email2@cloudcheckr.com"
        },
        "AlertEmailSettings": {
          "EnableDailyCostAlert": "true",
          "AwsCostThreshold": "10",
          "EnableAwsHealthAlerts": "false",
          "EnableAwsHealthAlertsIfAffects": "true"
        },
        "DailyEmailSettings": {
          "EnableDailyChangeMonitoring": "false",
          "EnableDailyBestPractice": "false",
          "EnableDailyBillForceUsingCloudWatch": "false",
          "EnableDailyAwsConsolidatedBillingSummary": "true",
          "EnableDailyChangeMonitoringAwsConfig": "false",
          "EnableAutomation": "false",
          "EnableImproperlyTaggedResources": "false",
          "EnableDailyCloudTrailSummary": "false",
          "DailyBestPracticeEmailSettings": {
            "EnableHighImportance": "false",
            "EnableMediumImportance": "false",
            "EnableLowImportance": "false",
            "EnableInformationalImportance": "false",
            "EnableSecurityType": "false",
            "EnableCostType": "false",
            "EnableUsageType": "false",
            "EnableAvailabilityType": "false",
            "EnableTrustedAdvisorType": "false"
          }
        },
        "WeeklyEmailSettings": {
          "EnableWeeklyInventory": "true",
          "EnableWeeklyS3Summary": "true",
          "EnableWeeklyEc2Trend": "true",
          "EnableWeeklyS3Trend": "false",
          "EnableWeeklyEc2Utilization": "true",
          "EnableWeeklyBestPractice": "false",
          "WeeklyBestPracticeEmailSettings": {
            "EnableHighImportanceWeekly": "false",
            "EnableMediumImportanceWeekly": "false",
            "EnableLowImportanceWeekly": "false",
            "EnableInformationalImportanceWeekly": "false",
            "EnableSecurityTypeWeekly": "false",
            "EnableCostTypeWeekly": "false",
            "EnableUsageTypeWeekly": "false",
            "EnableAvailabilityTypeWeekly": "false"
          }
        },
        "MonthlyEmailSettings": {
          "EnableMonthlyCost": "false",
          "EnableMonthlyAwsConsolidatedBillingSummary": "false",
          "EnableMonthlyBestPractice": "false",
          "DaysSelectedMonthly": "",
          "MonthlyBestPracticeEmailSettings": {
            "EnableHighImportanceMonthly": "false",
            "EnableMediumImportanceMonthly": "false",
            "EnableLowImportanceMonthly": "false",
            "EnableInformationalImportanceMonthly": "false",
            "EnableSecurityTypeMonthly": "false",
            "EnableCostTypeMonthly": "false",
            "EnableUsageTypeMonthly": "false",
            "EnableAvailabilityTypeMonthly": "false"
          }
        }
      }
    },
    "_xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
    "_xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance"
  }
}

GET USERS V2

The API method “get_users_v2” is used to return a complete list of all CloudCheckr users, their created and last login dates, and details regarding the accounts they can access.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is GET.

XML call:

https://api.cloudcheckr.com/api/account.xml/get_users_v2?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/account.json/get_users_v2?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email – Allows filtering to user email. Will return all users if parameter not present.

OUTPUT

XML Example:

<GetUsersResponseV2
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<user_permissions>
		<UserPermission>
			<email>testemail@cloudcheckr.com</email>
			<created>7/13/2016 6:38:05 PM</created>
			<last_login>7/14/2016 7:34:53 PM</last_login>
			<role>BasicUser</role>
			<logon_rules>
				<LogOnRule>
					<rule>forms</rule>
					<is_granted>yes</is_granted>
				</LogOnRule>
				<LogOnRule>
					<rule>sso</rule>
					<is_granted>no</is_granted>
				</LogOnRule>
				<LogOnRule>
					<rule>ldap</rule>
					<is_granted>yes</is_granted>
				</LogOnRule>
			</logon_rules>
			<account_permissions>
				<AccountPermission>
					<account>My_Sample_Account1</account>
					<permissions>
						<PermissionItem>
							<permission_name>cost_report</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>blended_cost</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>credits</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>resource_utilization_reports</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>trending_reports</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>change_monitoring</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>best_practices</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>unblended_cost</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>list_cost</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>edit_emails</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>automation</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>alert_reports</permission_name>
							<is_granted>yes</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>security_reports</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>inventory_reports</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>savings_reports</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>account_notification</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>partner_tools</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
						<PermissionItem>
							<permission_name>edit_partner_tools</permission_name>
							<is_granted>no</is_granted>
						</PermissionItem>
					</permissions>
				</AccountPermission>
			</account_permissions>
		</UserPermission>

JSON Example:

{
			"GetUsersResponseV2": {
				"user_permissions": {
					"UserPermission": {
						"email": "testemail@cloudcheckr.com",
						"created": "7/13/2016 6:38:05 PM",
						"last_login": "7/14/2016 7:34:53 PM",
						"role": "BasicUser",
						"logon_rules": {
							"LogOnRule": [
								{
									"rule": "forms",
									"is_granted": "yes"
								},
								{
									"rule": "sso",
									"is_granted": "no"
								},
								{
									"rule": "ldap",
									"is_granted": "yes"
								}
							]
						},
						"account_permissions": {
							"AccountPermission": {
								"account": "My_Sample_Account1",
								"permissions": {
									"PermissionItem": [
										{
											"permission_name": "cost_report",
											"is_granted": "no"
										},
										{
											"permission_name": "blended_cost",
											"is_granted": "no"
										},
										{
											"permission_name": "credits",
											"is_granted": "no"
										},
										{
											"permission_name": "resource_utilization_reports",
											"is_granted": "no"
										},
										{
											"permission_name": "trending_reports",
											"is_granted": "no"
										},
										{
											"permission_name": "change_monitoring",
											"is_granted": "no"
										},
										{
											"permission_name": "best_practices",
											"is_granted": "no"
										},
										{
											"permission_name": "unblended_cost",
											"is_granted": "no"
										},
										{
											"permission_name": "list_cost",
											"is_granted": "no"
										},
										{
											"permission_name": "edit_emails",
											"is_granted": "no"
										},
										{
											"permission_name": "automation",
											"is_granted": "no"
										},
										{
											"permission_name": "alert_reports",
											"is_granted": "yes"
										},
										{
											"permission_name": "security_reports",
											"is_granted": "no"
										},
										{
											"permission_name": "inventory_reports",
											"is_granted": "no"
										},
										{
											"permission_name": "savings_reports",
											"is_granted": "no"
										},
										{
											"permission_name": "account_notification",
											"is_granted": "no"
										},
										{
											"permission_name": "partner_tools",
											"is_granted": "no"
										},
										{
											"permission_name": "edit_partner_tools",
											"is_granted": "no"
										}
									]
								}
							}
						}
					}
				},
				"_xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
				"_xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance"
			}
		}
	}
}

TAG ACCOUNT

The API method “tag_account” is used to apply a tag to an account, which can then be used to build Multi-Account Views.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/tag_account?access_key=[access_key]&account_name=MyAccountName&account_tag=MyTag

JSON call:

https://api.cloudcheckr.com/api/account.json/tag_account?access_key=[access_key]&account_name=MyAccountName&account_tag=MyTag

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – standard Access Key required for all API calls.
  • account_name (required) – name of the account the tag will be applied to.
  • account_tag (required) – name of the tag that will be added to the account.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

UNTAG ACCOUNT

The API method “untag_account” is used to remove a tag from an account. If a Multi-Account View is utilizing the removed tag, the account will no longer be included within its reports.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/untag_account?access_key=[access_key]&account_name=MyAccountName&account_tag=MyTag

JSON call:

https://api.cloudcheckr.com/api/account.json/untag_account?access_key=[access_key]&account_name=MyAccountName&account_tag=MyTag

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – standard Access Key required for all API calls.
  • account_name (required) – name of the account which has the tag.
  • account_tag (required) – name of the tag that will be removed from the account.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

GET ALERTS

The API method “get_alerts” is used to programmatically retrieve the list of configured alerts within an account.

The preferred HTTP method for this call is GET.

XML call:

https://api.cloudcheckr.com/api/alert.xml/get_alerts?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/alert.json/get_alerts?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) (admin level) – Admin-level Access Key required for all API calls.
  • enabled_only (optional)- retreive all the alerts that are currently enabled for the project. Accepts true/false
  • get_tagged_account_alerts (optional) – retreive all the alerts that are configured for every tagged project. Accepts true/false
  • use_account (required for admin API key) – The specific account you wish to query.
  • use_cc_account_id (required when using Admin API Access Key) – The CloudCheckr ID of the account you are making the call for. The ID is returned when using the method ‘account/add_accountv2′ to register the account in CloudCheckr.

OUTPUT

XML Example:

<Account>
<AccountName>Test AWS Prod</AccountName>
<Alerts>
  <Alert>
      <Name>Test Login Prod</Name>
      <Emails<support@cloudcheckr.com</Emails>
      <Enabled<false</Enabled>
      <BuiltIn<false</BuiltIn>
</Alert>
<Alert>
    <Name<Root Login Prod</Name>
    <Emails<support@cloudcheckr.com</Emails>
    <Enabled<false</Enabled>
    <BuiltIn<false</BuiltIn>
</Alert>
</Alerts>
</Account>

JSON Example:

{"Accounts":
              [{"AccountName":"Test AWS Prod",
                "Alerts":
                    [{"Name":"Test Login Prod",
                      "Emails":"support@cloudcheckr.com",
                      "RiskLevel":null,
                      "Description":null,
                      "Enabled":false,
                      "BuiltIn":false},
                    {"Name":"Root Login Prod",
                        "Emails":"support@cloudcheckr.com",
                        "RiskLevel":null,
                        "Description":null,
                        "Enabled":false,
                        "BuiltIn":false}
                        ]
                      }
                    ]}

GET ACCOUNT LEVEL TAGS v2

The API method “get_account_level_tags_v2”, returns enabled account-level tags in three ways:

When called with only an access key, the call returns all account-level tags enabled in this customer, grouped by project name.

When called with a general account specified, the call returns all account-level tags enabled on that general account.

When called with a Multi-Account View specified, the call returns a list of accounts associated with the MAV and all enabled tags in the MAV.

Using call against general accounts:

The preferred HTTP method for this call is GET.

XML call:

https://api.cloudcheckr.com/api/account.xml/get_account_level_tags_v2?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/account.json/get_account_level_tags_v2?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • use_account (optional) – Account name is used here; returns enabled account-level tags from specific account(s).

OUTPUT

XML Example:

<AccountLevelTagsReponse
      xmlns:xsd="http://www.w3.org/2001/XMLSchema"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <AccountItems>
           <AccountItem>
                <AccountName>My General Account Name</AccountName>
                <TagsNames>
                     <string>MyAccountLevelTag1</string>
                     <string>MyAccountLevelTag2</string>
                </TagsNames>
           </AccountItem>
      </AccountItems>
 </AccountLevelTagsReponse>

JSON Example:

{
 "AccountLevelTagsReponse": {
   "-xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
   "-xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
     "AccountItems": {
       "AccountItem": {
         "AccountName": "My General Account Name",
         "TagsNames": {
           "string": [
             "MyAccountLevelTag1",
             "MyAccountLevelTag2"
           ]
         }
       }
     }
   }
 }

 

Using the call against Multi-Account Views:

XML call:

https://api.cloudcheckr.com/api/account.xml/get_account_level_tags_v2?access_key=[access_key]&use_account=[MAV account name]

JSON call:

https://api.cloudcheckr.com/api/account.json/get_account_level_tags_v2?access_key=[access_key]&use_account=[MAV account name]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • use_account (required)- Account name is used here; returns enabled account-level tags from MAV account(s).

OUTPUT

XML Example:

<AccountLevelTagsReponse
      xmlns:xsd="http://www.w3.org/2001/XMLSchema"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <AccountItems>
           <AccountItem>
                <AccountName>My MAV Account Name</AccountName>
                <TagsNames>
                     <string>MyAccountLevelTag1</string>
                     <string>MyAccountLevelTag2</string>
                </TagsNames>
           </AccountItem>
      </AccountItems>
 </AccountLevelTagsReponse>

JSON Example:

{
 "AccountLevelTagsReponse": {
   "-xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
   "-xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
     "AccountItems": {
       "AccountItem": {
         "AccountName": "My MAV Account Name",
         "TagsNames": {
           "string": [
             "MyAccountLevelTag1",
             "MyAccountLevelTag2"
           ]
         }
       }
     }
   }
 }

 


ADD API KEY

The API method “add_api_key” is used to create a new CloudCheckr API key for a specific account. NOTE: You cannot create Admin-Level API Keys with this method.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/add_api_key?access_key=[access_key]&accounts=[account_name]

JSON call:

https://api.cloudcheckr.com/api/account.json/add_api_key?access_key=[access_key]&accounts=[account_name]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – standard Access Key required for all API calls.
  • accounts (required) – name(s) of the account(s) an API key is being created for. Accepts multiple accounts.

OUTPUT

XML Example:

<AddApiKeyResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <CreationStatuses>
        <string>
Created access key for Account: [ACCOUNT] Key: [ACCESS_KEY]
</string>
    </CreationStatuses>
</AddApiKeyResponse>

JSON Example:

{
   "CreationStatuses":[
      "Created access key for Account: [ACCOUNT] Key: [ACCESS_KEY]"
   ]
}

FIND AWS RESOURCES

The API method “find_resources” is used to search and locate a resource in any of the AWS accounts you have configured in CloudCheckr.

XML call:

https://api.cloudcheckr.com/api/inventory.xml/find_resources?access_key=[access_key]&resource_type=EC2&resource_id=i-01a2b3c4

JSON call:

https://api.cloudcheckr.com/api/inventory.json/find_resources?access_key=[access_key]&resource_type=EC2&resource_id=i-01a2b3c4

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key required for all API calls.
  • resource_key (required) – One of the following resource types: EC2, S3, EMR, RDS, IP Address
  • resource_id (required) – the instance id, bucket name, database name, cluster name, or IP Address for the resource you are searching for

OUTPUT

XML Example:

<GetResourcesResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <ResourceAccounts>
      <ResourceAccount>
         <account_name>YourAccountName</account_name>
      </ResourceAccount>
   </ResourceAccounts>
</GetResourceAccountsResponse>

JSON Example:

{
   "ResoureAccounts":[{"account_name":"YourAccountName"}]
}

DELETE TAG

The API method “delete_tag” is used to delete an account-level tag in Multi-Account Views.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/delete_tag?access_key=[access_key]&account_name=MyAccountName&tag_name=MyAccountLevelTagName

JSON call:

https://api.cloudcheckr.com/api/account.json/delete_tag?access_key=[access_key]&account_name=MyAccountName&tag_name=MyAccountLevelTagName

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key required for all API calls.
  • account_name (required) – name of the account that contains the tag.
  • account_tag (required) – name of the tag that will be deleted.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

ADD TAG

The API method “tag_account” is used to create an account-level tag, enable the account-level tag, and apply this tag to account(s), which can then be used to build Multi-Account Views.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/add_tag?access_key=[access_key]&account_name=MyAccountName&tag_name=MyAccountLevelTagName&accounts=MyAccount1,MyAccount2

JSON call:

https://api.cloudcheckr.com/api/account.json/add_tag?access_key=[access_key]&account_name=MyAccountName&tag_name=MyAccountLevelTagName&accounts=MyAccount1,MyAccount2

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key required for all API calls.
  • tag_name (required) – name of the account-level tag.
  • account_name (required) – name of the account the tag will be applied to.
  • accounts (required) – name(s) of the accounts that will be added to the tag. Multiple accounts must be separated by a commma e.g. “,”.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}


 COPY USER

The API method “copy_user” is used to create a new CloudCheckr user with the exact permissions as an existing user.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/copy_user?access_key=[access_key]&email_to_copy=[existing_user_email]&emails=[new_user_email]

JSON call:

https://api.cloudcheckr.com/api/account.json/copy_user?access_key=[access_key]&email_to_copy=[existing_user_email]&emails=[new_user_email]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • email_to_copy (required) – The email address of the existing user.
  • emails (required) – The email address(es) of the new user(s).
  • use_account (required — either this field or ‘use_cc_account_id’) – The name of the AWS account within CloudCheckr.
  • use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.

You can also use this call to add multiple users at once. Simply include all of the emails required, separated by commas.

OUTPUT

XML Example:

<?xml version="1.0" encoding="UTF-8"?>
<CopyUserResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <CreationStatuses>
      <string>Created new user with email: mytest@mytest.me</string>
   </CreationStatuses>
</CopyUserResponse>

JSON Example:

{
    "CreationStatuses": [
        "Created new user with email: mytest@mytest.me"
    ]
}

EDIT CREDENTIAL

The API method “edit_credential” is used change the AWS credentials on an AWS account that has been registered with CloudCheckr.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/edit_credential?access_key=[access_key]&aws_access_key=[aws_access_key]&aws_secret_key=[aws_secret_key]&use_account=[account_name]

JSON call:

https://api.cloudcheckr.com/api/account.json/edit_credential?access_key=[access_key]&aws_access_key=[aws_access_key]&aws_secret_key=[aws_secret_key]&use_account=[account_name]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin-Level Access Key is required for this call.
  • aws_access_key (required) – New AWS Access Key.
  • aws_secret_key (required) – New AWS Secret Key.
  • aws_role_arn (required) – New AWS role arn.
  • use_account (required — either this field or ‘use_cc_account_id’) – The name of the AWS account within CloudCheckr that will have its credentials changed.
  • use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.

Note: When using edit_credential, you will identify which AWS account to edit by using either use_account or use_cc_account_id. Also, you will either edit the credential to an access/secret key OR a role arn.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

EDIT ACCOUNT EMAIL SETTINGS

The API method “edit_account_email_settings” is used to configure a CloudCheckr account’s primary email address(es) for delivery of report emails.

IMPORTANT: This call can only be made using Admin-Level Access Keys.

The preferred HTTP method for this call is POST.

XML call:

https://api.cloudcheckr.com/api/account.xml/edit_account_email_settings?access_key=[access_key]&use_account=[account_name]&emails=[email_address]&alert_health_all=1

JSON call:

https://api.cloudcheckr.com/api/account.json/edit_account_email_settings?access_key=[access_key]&use_account=[account_name]&emails=[email_address]&alert_health_all=1

INPUT PARAMETERS

This call accepts these parameters:

Note: If you want a report email to be enabled, you must always explicitly define it as enabled. If you omit a report email parameter (e.g. best_practices), then the result for that report email will default to false.

Also, when using edit_account_email_settings, you will identify which AWS account to edit by using either use_account or use_cc_account_id.

  • access_key (required) – Admin-Level Access Key is required for this call.
  • use_account (required — either this field or ‘use_cc_account_id’) – The name of the AWS account within CloudCheckr that will have its credentials changed.
  • use_cc_account_id (required — either this field or ‘use_account’) – The CloudCheckr ID number for the AWS account within the application.
  • emails (required) – The email address(es) to be added as the primary recipient(s) for this account.
  • alert_daily_billing (required) – true or false or 1 or 0 values
  • alert_health_affected (required) – true or false or 1 or 0 values
  • alert_health_all (required) – true or false or 1 or 0 values
  • change_monitoring (required) – true or false or 1 or 0 values
  • best_practices (required) – true or false or 1 or 0 values
  • daily_bill_summary (required) – true or false or 1 or 0 values
  • monthly_bill_summary (required) – true or false or 1 or 0 values
  • daily_consolidated_bill_summary (required) – true or false or 1 or 0 values
  • monthly_consolidated_bill_summary (required) – true or false or 1 or 0 values
  • inventory_summary_report (required) – true or false or 1 or 0 values
  • ec2_trending_report (required) – true or false or 1 or 0 values
  • s3_summary_report (required) – true or false or 1 or 0 values
  • ec2_resource_utilization_report (required) – true or false or 1 or 0 values

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

CREATE ACCOUNT FAMILY

The API method “create_account_family” is used to create a new account family in a CloudCheckr payer account.

Sample XML call:

https://api.cloudcheckr.com/api/billing.xml/create_account_family?access_key=[access_key]&use_account=[use_account]&name=[name]&accounts=[accounts]

Sample JSON call:

https://api.cloudcheckr.com/api/billing.json/create_account_family?access_key=[access_key]&use_account=[use_account]&name=[name]&accounts=[accounts]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin Level Access Key required for all API calls.
  • use_account (required) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id (required — either use this or ‘use_account’) – The CloudCheckr ID of the account you are making the call for. The ID is returned when using the method ‘account/add_accountv3′ to register the account in CloudCheckr.
  • name (required) – The name for the new Account Family.
  • accounts (required) – Comma separated list of AWS Account IDs to link to the Account Family.
  • email – Email address associated with the Account Family.
  • address – Mailing address associated with the Account Family.
  • additional_info – Text in the “Additional Info” box in the Account Family.
  • recalculate_support_charges – Recalculate AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • suppress_support_charges – Suppress AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • do_not_enforce_minimum_charge – Ignore the $100 minimum AWS Support charge. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • invoice_id – The custom invoice id to be displayed on an invoice.
  • create_mav_for_family – Create or delete a MAV based on this account family. Accepts “yes”, “1”, “y”, “no, “0”, “n”.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

MODIFY ACCOUNT FAMILY

The API method “modify_account_family” is used to modify an existing account family in a CloudCheckr payer account.

Sample XML call:

https://api.cloudcheckr.com/api/billing.xml/modify_account_family?access_key=[access_key]&use_account=[use_account]&name=[name]&accounts=[accounts]

Sample JSON call:

https://api.cloudcheckr.com/api/billing.json/modify_account_family?access_key=[access_key]&use_account=[use_account]&name=[name]&accounts=[accounts]

INPUT PARAMETERS

This call accepts these parameters. Note: The ‘name’ of the Account Family must already exist in CloudCheckr. All parameters given will overwrite the current configuration.

  • access_key (required) – Admin Level Access Key required for all API calls.
  • use_account (required) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id (required — either use this or ‘use_account’) – The CloudCheckr ID of the account you are making the call for. The ID is returned when using the method ‘account/add_accountv3′ to register the account in CloudCheckr.
  • name (required) – The name of the Account Family.
  • accounts (required) – Comma separated list of AWS Account IDs to link to the Account Family.
  • email – Email address associated with the Account Family.
  • address – Mailing address associated with the Account Family.
  • additional_info – Text in the “Additional Info” box in the Account Family.
  • recalculate_support_charges – Recalculate AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • suppress_support_charges – Suppress AWS Support charges. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • do_not_enforce_minimum_charge – Ignore the $100 minimum AWS Support charge. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • invoice_id – The custom invoice id to be displayed on an invoice.
  • create_mav_for_family – Create or delete a MAV based on this account family. Accepts “yes”, “1”, “y”, “no, “0”, “n”.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

DELETE ACCOUNT FAMILY

The API method “delete_account_family” is used to delete an existing account family in a CloudCheckr payer account.

Sample XML call:

https://api.cloudcheckr.com/api/billing.xml/delete_account_family?access_key=[access_key]&use_account=[use_account]&name=[name]

Sample JSON call:

https://api.cloudcheckr.com/api/billing.json/delete_account_family?access_key=[access_key]&use_account=[use_account]&name=[name]=[accounts]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin Level Access Key required for all API calls.
  • use_account (required) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id (required — either use this or ‘use_account’) – The CloudCheckr ID of the account you are making the call for. The ID is returned when using the method ‘account/add_accountv3′ to register the account in CloudCheckr.
  • name (required) – The name of the Account Family to be deleted.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

GET ACCOUNT FAMILY v2

The API method “get_account_family” is used to return a complete list of all account families in a CloudCheckr payer account.

Sample XML call:

https://api.cloudcheckr.com/api/billing.xml/get_account_family?access_key=[access_key]&use_account=[use_account]&name=[name]

Sample JSON call:

https://api.cloudcheckr.com/api/billing.json/get_account_family?access_key=[access_key]&use_account=[use_account]&name=[name]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin Level Access Key required for all API calls.
  • use_account (required) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id (required — either use this or ‘use_account’) – The CloudCheckr ID of the account you are making the call for.
  • name (optional) – The name for the Account Family in question.
  • use_aws_account_id (optional) – The ID of the AWS account in question.

OUTPUT

XML Example:

<GetAccountFamilyResponse 
	xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <Code>0</Code>
    <AccountFamilies>
        <AccountFamily>
            <Name>123456789 (AccountFamilyExample)</Name>
            <Accounts>
                <string>123456789 (AccountFamilyExample)</string>
            </Accounts>
        </AccountFamily>
    </AccountFamilies>
    <UnmappedAccounts>
        <string>9876543210 (UnmappedAccountExample)</string>
    </UnmappedAccounts>
</GetAccountFamilyResponse>

JSON Example:

{
  "GetAccountFamilyResponse": {
    "Code": "0",
    "AccountFamilies": {
      "AccountFamily": {
        "Name": "123456789 (AccountFamilyExample)",
        "Accounts": {
          "string": "123456789 (AccountFamilyExample)"
        }
      }
    },
    "UnmappedAccounts": {
      "string": "9876543210 (UnmappedAccountExample)"
    },
    "_xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
    "_xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance"
  }
}

BILLING – MODIFY ACCOUNT FAMILY COPY DBR

The API method “modify_account_family_copy_dbr” is used to modify an existing account family’s “Copy DBR” configuration in a CloudCheckr payer account.

Sample XML call:

https://api.cloudcheckr.com/api/billing.xml/modify_account_family_copy_dbr?access_key=[access_key]&account_family_name=[account_family_name]&bucket_name=[bucket_name]&cost_type=[cost_type]&include_all_tags=[y]&aws_role_arn=[aws_role_arn]&use_cc_account_id=[cc_account_id]

Sample JSON call:

https://api.cloudcheckr.com/api/billing.json/modify_account_family_copy_dbr?access_key=[access_key]&account_family_name=[account_family_name]&bucket_name=[bucket_name]&cost_type=[cost_type]&include_all_tags=[y]&aws_role_arn=[aws_role_arn]&use_cc_account_id=[cc_account_id]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Admin Level Access Key required for all API calls.
  • account_family_name (required) – The name of the account family to perform the action on.
  • bucket_name (required) – The name of the S3 bucket that the DBR will be copied to.
  • cost_type (required) – Amazon or Custom. ‘Amazon’ cost will create Blended and Unblended; ‘Custom’ will create Custom (aka List) cost.
  • include_all_tags (required) – A “YES” will copy ALL tag columns from payer DBR (even if no data). A “NO” will copy only tag columns with data. Accepts “yes”, “1”, “y”, “no, “0”, “n”.
  • aws_use_account_upload (required) – The CloudCheckr account name to use for uploading the DBR.
  • use_account (required) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id (required — either use this or ‘use_account’) – The CloudCheckr ID of the account you are making the call for. The ID is returned when using the method ‘account/add_accountv3′ to register the account in CloudCheckr.

OUTPUT

XML & JSON Example:

{"Code":200,"Message":"OK"}

BILLING & COST MANAGEMENT DASHBOARD

The API method “get_billing_dashboard_v2” is used to export the Billing Dashboard.

XML call:

https://api.cloudcheckr.com/api/billing.xml/get_billing_dashboard_v2?access_key=[access_key]

JSON call:

https://api.cloudcheckr.com/api/billing.json/get_billing_dashboard_v2?access_key=[access_key]

INPUT PARAMETERS

This call accepts these parameters:

  • access_key (required) – Standard Access Key required for all API calls
  • cost_type (optional) – Can use Blended, Unblended, or List. Defaults to Blended if not given.
  • use_account (required) – The name of the account you are making the call for, where the name is the name of the account added in CloudCheckr.
  • use_cc_account_id (required) – The CloudCheckr ID of the account you are making the call for. The ID is returned when using the method ‘account/add_accountv3′ to register the account in CloudCheckr.

OUTPUT

XML Example:

<GetDashboardResponseV2
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<DashboardSummaries>
		<DashboardSummary>
			<AccountName>2150 AWS QA</AccountName>
			<LastMonth>
				<month>6/1/2016 12:00:00 AM</month>
				<cost>909.765</cost>
			</LastMonth>
			<ThisMonth>
				<month>7/1/2016 12:00:00 AM</month>
				<cost>1073.514</cost>
			</ThisMonth>
			<Forecast>
				<month>7/1/2016 12:00:00 AM</month>
				<cost>1140.8925714285714285714285714</cost>
			</Forecast>
			<SendByService>
				<DashboardService>
					<service>AmazonEC2</service>
					<cost>556.224</cost>
				</DashboardService>
				<DashboardService>
					<service>DirectoryService</service>
					<cost>169.375</cost>
				</DashboardService>
				<DashboardService>
					<service>AWSSupportBusiness</service>
					<cost>100.000</cost>
				</DashboardService>
				<DashboardService>
					<service>AmazonS3</service>
					<cost>99.313</cost>
				</DashboardService>
				<DashboardService>
					<service>AmazonCloudTrail</service>
					<cost>64.960</cost>
				</DashboardService>
				<DashboardService>
					<service>AmazonKinesis</service>
					<cost>30.645</cost>
				</DashboardService>
				<DashboardService>
					<service>AmazonRDS</service>
					<cost>21.598</cost>
				</DashboardService>
				<DashboardService>
					<service>Others</service>
					<cost>31.399</cost>
				</DashboardService>
			</SendByService>
		</DashboardSummary>
	</DashboardSummaries>
</GetDashboardResponseV2>

JSON Example:

{
	"GetDashboardResponseV2": {
		"DashboardSummaries": {
			"DashboardSummary": {
				"AccountName": "2150 AWS QA",
				"LastMonth": {
					"month": "6/1/2016 12:00:00 AM",
					"cost": "909.765"
				},
				"ThisMonth": {
					"month": "7/1/2016 12:00:00 AM",
					"cost": "1073.514"
				},
				"Forecast": {
					"month": "7/1/2016 12:00:00 AM",
					"cost": "1140.8925714285714285714285714"
				},
				"SendByService": {
					"DashboardService": [
						{
							"service": "AmazonEC2",
							"cost": "556.224"
						},
						{
							"service": "DirectoryService",
							"cost": "169.375"
						},
						{
							"service": "AWSSupportBusiness",
							"cost": "100.000"
						},
						{
							"service": "AmazonS3",
							"cost": "99.313"
						},
						{
							"service": "AmazonCloudTrail",
							"cost": "64.960"
						},
						{
							"service": "AmazonKinesis",
							"cost": "30.645"
						},
						{
							"service": "AmazonRDS",
							"cost": "21.598"
						},
						{
							"service": "Others",
							"cost": "31.399"
						}
					]
				}
			}
		},
		"_xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
		"_xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance"
	}
}

GET CUSTOM BILLING CHARGES

get_custom_billing_charges_v2 is used to return any custom billing charges from the Cost > AWS Partner Tools > Configure > Custom Billing Charges page.

Parameter Type Description
access_key string required, admin-level API key
use_account string * required/optional, the exact alphanumeric account name of the account to look up
use_cc_account_id string * required/optional, the numeric ID value of the account in CloudCheckr to look up
use_aws_account_id string * required/optional, the 12 digit AWS account ID of the account to look up

* = one of these parameters must be defined

Endpoint URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/get_custom_billing_charges_v2

Example call:
curl --request GET \
--url 'https://api.cloudcheckr.com/api/billing.json/get_custom_billing_charges_v2?access_key=your_admin_access_key&use_cc_account_id=1234'

Successful response:

{
    "CustomBillingCharges": [
        {
            "Id": 166,
            "StartDate": "8/1/2017",
            "EndDate": "N/A",
            "Type": "Monthly Premium",
            "ChargeValue": "5.00%",
            "Description": "test",
            "ResourceId": "",
            "Stack": true,
            "StackOrder": 0,
            "Account": "All Accounts",
            "Region": "All Regions"
        }
    ]
}

ADD CUSTOM BILLING CHARGE – MONTHLY PERCENT

add_custom_billing_charge_monthly_percent is used to add a custom billing charge from the Cost > AWS Partner Tools > Configure > Custom Billing Charges > New Custom Charge > Add a monthly percent charge or credit page.

Parameter Type Description
access_key string required, admin-level API key
description string required, human-friendly description of the custom billing charge
percentageValue decimal required, sets the charge (positive value) or credit (negative value) percentage
minimumCharge decimal optional, applies a minimum charge/credit threshold to the custom billing charge
maximumCharge decimal optional, applies a maximum charge/credit threshold to the custom billing charge
tiers List<Tier> optional, applies the custom billing charge to a monetary tier range
applyPercentageTo CostBasline required, indicates which cost type the custom billing charge will apply to
stack boolean optional, enables custom stack ordering. defaults to false
stackOrder integer optional, sets stack order if previous parameter is true
accounts List<string> optional, comma separated list of accounts the custom billing charge applies to. defaults to all accounts
accountsInvert boolean optional, applies the NOT logical operator to selected accounts in the previous parameter. defaults to false
region List<string> optional, comma separated list of region(s) the custom billing charge applies to. defaults to all. accepts region id’s as valid values
regionInvert boolean optional, applies the NOT logical operator to selected regions in the previous parameter. defaults to false
awsService List<string> optional, comma separated list of AWS services the custom billing charge applies to. defaults to all
awsServiceInvert boolean optional, applies the NOT logical operator to selected AWS services in the previous parameter. defaults to false
operation List<string> optional, comma separated list of AWS operations the custom billing charge applies to. defaults to all
operationInvert boolean optional, applies the NOT logical operator to selected AWS operations in the previous parameter. defaults to false
usageType List<string> optional, comma separated list of AWS usage types the custom billing charge applies to. defaults to all
usageTypeInvert boolean optional, applies the NOT logical operator to selected AWS usage types in the previous parameter. defaults to false
tag List<string> optional, comma separated list of tag key/value pairs the custom billing charge applies to. defaults to all
tagInvert boolean optional, applies the NOT logical operator to selected tag key/value pairs in the previous parameter. defaults to false
startDate DateTime required, start date for the custom billing charge
endDate DateTime optional, end date for the custom billing charge. custom billing charges with no end date will apply until the end of time
use_account string * optional/required, friendly name of the account in CloudCheckr to apply the custom billing charge under (must be a payer account!)
use_cc_account_id string * optional/required, account ID of the account in CloudCheckr to apply the custom billing charge under (must be a payer account!)
use_aws_account_id string * optional/required, the 12 digit AWS account ID to apply the custom billing charge under (must be a payer account available in CloudCheckr!)

* = one of these parameters must be defined

Endpoint URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/add_custom_billing_charge_monthly_percent

Example call:

curl --request POST \
--url 'https://api.cloudcheckr.com/api/billing.json/add_custom_billing_charge_monthly_percent?access_key=your_admin_access_key&use_cc_account_id=1234' \
  --header 'content-type: application/json' \
  --data '{
	"description": "example custom billing charge",
	"percentageValue": 10.5,
	"minimumCharge": 5000, "maximumCharge": 10000,
	"stack": true, "stackOrder": 1,
	"tiers": [{
		"From": 0,
		"To": 1000,
		"Charge": 25
	},
	{
		"From": 1001,
		"To": 2000,
		"Charge": -10
	}],
	"costBaseline": "ListCost",
	"accounts": ["215011050627,245990094719"],
	"region": ["1","2"], "RegionInvert": "true",
	"operation": ["AbortMultipartUpload","AssociateAddress"],
	"usageType": ["ActiveConfigRules","APN1-ActiveConfigRules"],
	"tag": ["Customer | test123", "Customer | Testtag"],
	"startDate": "1970-01-01", "endDate": "2063-04-05"
}

Successful response:

{
    "Code": 200,
    "Message": "OK"
}

EDIT CUSTOM BILLING CHARGE – MONTHLY PERCENT

edit_custom_billing_charge_monthly_percent is used to edit a custom billing charge from the Cost > AWS Partner Tools > Configure > Custom Billing Charges page (“Premium for all charges” type ONLY!).

Parameter Type Description
access_key string required, admin-level API key
id long required, ID of the custom billing charge to edit
description string optional, human-friendly description of the custom billing charge
percentageValue decimal optional, sets the charge (positive value) or credit (negative value) percentage
minimumCharge decimal optional, applies a minimum charge/credit threshold to the custom billing charge
maximumCharge decimal optional, applies a maximum charge/credit threshold to the custom billing charge
tiers List<Tier> optional, applies the custom billing charge to a monetary tier range
applyPercentageTo CostBasline optional, indicates which cost type the custom billing charge will apply to
stack boolean optional, enables custom stack ordering. defaults to false
stackOrder integer optional, sets stack order if previous parameter is true
accounts List<string> optional, comma separated list of accounts the custom billing charge applies to. defaults to all accounts
accountsInvert boolean optional, applies the NOT logical operator to selected accounts in the previous parameter. defaults to false
region List<string> optional, comma separated list of region(s) the custom billing charge applies to. defaults to all. accepts region id’s as valid values
regionInvert boolean optional, applies the NOT logical operator to selected regions in the previous parameter. defaults to false
awsService List<string> optional, comma separated list of AWS services the custom billing charge applies to. defaults to all
awsServiceInvert boolean optional, applies the NOT logical operator to selected AWS services in the previous parameter. defaults to false
operation List<string> optional, comma separated list of AWS operations the custom billing charge applies to. defaults to all
operationInvert boolean optional, applies the NOT logical operator to selected AWS operations in the previous parameter. defaults to false
usageType List<string> optional, comma separated list of AWS usage types the custom billing charge applies to. defaults to all
usageTypeInvert boolean optional, applies the NOT logical operator to selected AWS usage types in the previous parameter. defaults to false
tag List<string> optional, comma separated list of tag key/value pairs the custom billing charge applies to. defaults to all
tagInvert boolean optional, applies the NOT logical operator to selected tag key/value pairs in the previous parameter. defaults to false
startDate DateTime optional, start date for the custom billing charge
endDate DateTime optional, end date for the custom billing charge. custom billing charges with no end date will apply until the end of time
use_account string * optional/required, friendly name of the account in CloudCheckr to apply the custom billing charge under (must be a payer account!)
use_cc_account_id string * optional/required, account ID of the account in CloudCheckr to apply the custom billing charge under (must be a payer account!)
use_aws_account_id string * optional/required, the 12 digit AWS account ID to apply the custom billing charge under (must be a payer account available in CloudCheckr!)

* = one of these parameters must be defined

Endpoint URL:
https://api.cloudcheckr.com/api/billing.[json|xml]/edit_custom_billing_charge_monthly_percent

Example call:

curl --request POST \
--url 'https://api.cloudcheckr.com/api/billing.json/edit_custom_billing_charge_monthly_percent?access_key=your_admin_access_key&use_cc_account_id=1234' \
  --header 'content-type: application/json' \
  --data '{
	"id": 179,
	"percentageValue": 42
}

Successful response:

{
    "Id": <new ID value>,
    "Code": 200,
    "Message": "OK"
}