List assets in a tenant

curl --request GET \
  --url https://{region}.api.plerion.com/v1/tenant/assets \
  --header 'Authorization: Bearer <token>'

{
  "data": [
    {
      "schemaVersion": "2022-06-09",
      "id": "prn:assets:afeb4e5f-0370-4b43-8e37-7e4efc719358:aws:ec2:instance:ap-southeast-2:i-085a328dba59f229b",
      "organizationId": "dc16d897-7f52-4b73-be57-96c7c9a853da",
      "tenantId": "42749bc1-c99b-4c2c-a081-a6cda9370081",
      "integrationId": "458511a1-9bc2-4fce-97a0-0e3139588e6e",
      "executionId": 1675576960384,
      "provider": "AWS",
      "type": "AWS::EC2::Instance",
      "name": "i-085a328dba59f229b",
      "createdAt": "2023-02-04T06:07:09.092Z",
      "firstObservedAt": "2023-02-04T06:02:40.594Z",
      "lastObservedAt": "2023-02-05T06:02:40.384Z",
      "updatedAt": "2023-02-05T06:07:02.959Z",
      "tags": [
        {
          "Key": "Department",
          "Value": "Finance"
        }
      ],
      "isPubliclyExposed": false,
      "isVulnerable": false,
      "numberOfLowVulnerabilities": 85,
      "numberOfMediumVulnerabilities": 60,
      "numberOfHighVulnerabilities": 15,
      "numberOfCriticalVulnerabilities": 5,
      "vulnerabilityScore": 9,
      "hasKev": false,
      "hasExploit": false,
      "isExploitable": false,
      "isInVpc": false,
      "lastScanId": 1679594910265,
      "lastScannedAt": "2023-03-23T18:17:20.003Z",
      "imageId": "<string>",
      "platform": "<string>",
      "hasAdminPrivileges": false,
      "hasOverlyPermissivePrivileges": false,
      "hasAuthorizer": false,
      "hasTracingEnabled": false,
      "policy": {},
      "numberOfLowSecrets": 3,
      "numberOfMediumSecrets": 1,
      "numberOfHighSecrets": 0,
      "numberOfCriticalSecrets": 2,
      "lowSecrets": [
        {}
      ],
      "mediumSecrets": [
        {}
      ],
      "highSecrets": [
        {}
      ],
      "criticalSecrets": [
        {}
      ],
      "operatingSystem": [
        {
          "architecture": "x86_64",
          "name": "Ubuntu",
          "platform": "Linux/UNIX",
          "version": "24.04.2 LTS (Noble Numbat)",
          "versionId": 24.04,
          "activeKernel": "4.14.246-197.484.amzn2.x86_64",
          "buildNumber": "20348.fe_release.210507-1500",
          "lcuVersion": "10.0.20348.2762"
        }
      ],
      "riskScore": 9.36,
      "region": "us-east-1",
      "service": "AWS::EC2",
      "resourceId": "i-085a328dba59f229b",
      "resourceName": "test-instance",
      "resourceTags": [
        {
          "Key": "Public",
          "Value": true
        }
      ],
      "resourceType": "AWS::EC2::Instance",
      "fullResourceName": "arn:aws:iam::1111222233334444:policy/test-policy",
      "providerAccountId": 123456789012,
      "resourceURL": "https://us-east-1.console.aws.amazon.com/iam/home#/policies/arn:aws:iam::1111222233334444:policy/test-policy"
    }
  ],
  "meta": {
    "page": 1,
    "perPage": 100,
    "total": 200,
    "hasNextPage": true,
    "hasPreviousPage": false
  }
}

GET

tenant

assets

List assets in a tenant

curl --request GET \
  --url https://{region}.api.plerion.com/v1/tenant/assets \
  --header 'Authorization: Bearer <token>'

{
  "data": [
    {
      "schemaVersion": "2022-06-09",
      "id": "prn:assets:afeb4e5f-0370-4b43-8e37-7e4efc719358:aws:ec2:instance:ap-southeast-2:i-085a328dba59f229b",
      "organizationId": "dc16d897-7f52-4b73-be57-96c7c9a853da",
      "tenantId": "42749bc1-c99b-4c2c-a081-a6cda9370081",
      "integrationId": "458511a1-9bc2-4fce-97a0-0e3139588e6e",
      "executionId": 1675576960384,
      "provider": "AWS",
      "type": "AWS::EC2::Instance",
      "name": "i-085a328dba59f229b",
      "createdAt": "2023-02-04T06:07:09.092Z",
      "firstObservedAt": "2023-02-04T06:02:40.594Z",
      "lastObservedAt": "2023-02-05T06:02:40.384Z",
      "updatedAt": "2023-02-05T06:07:02.959Z",
      "tags": [
        {
          "Key": "Department",
          "Value": "Finance"
        }
      ],
      "isPubliclyExposed": false,
      "isVulnerable": false,
      "numberOfLowVulnerabilities": 85,
      "numberOfMediumVulnerabilities": 60,
      "numberOfHighVulnerabilities": 15,
      "numberOfCriticalVulnerabilities": 5,
      "vulnerabilityScore": 9,
      "hasKev": false,
      "hasExploit": false,
      "isExploitable": false,
      "isInVpc": false,
      "lastScanId": 1679594910265,
      "lastScannedAt": "2023-03-23T18:17:20.003Z",
      "imageId": "<string>",
      "platform": "<string>",
      "hasAdminPrivileges": false,
      "hasOverlyPermissivePrivileges": false,
      "hasAuthorizer": false,
      "hasTracingEnabled": false,
      "policy": {},
      "numberOfLowSecrets": 3,
      "numberOfMediumSecrets": 1,
      "numberOfHighSecrets": 0,
      "numberOfCriticalSecrets": 2,
      "lowSecrets": [
        {}
      ],
      "mediumSecrets": [
        {}
      ],
      "highSecrets": [
        {}
      ],
      "criticalSecrets": [
        {}
      ],
      "operatingSystem": [
        {
          "architecture": "x86_64",
          "name": "Ubuntu",
          "platform": "Linux/UNIX",
          "version": "24.04.2 LTS (Noble Numbat)",
          "versionId": 24.04,
          "activeKernel": "4.14.246-197.484.amzn2.x86_64",
          "buildNumber": "20348.fe_release.210507-1500",
          "lcuVersion": "10.0.20348.2762"
        }
      ],
      "riskScore": 9.36,
      "region": "us-east-1",
      "service": "AWS::EC2",
      "resourceId": "i-085a328dba59f229b",
      "resourceName": "test-instance",
      "resourceTags": [
        {
          "Key": "Public",
          "Value": true
        }
      ],
      "resourceType": "AWS::EC2::Instance",
      "fullResourceName": "arn:aws:iam::1111222233334444:policy/test-policy",
      "providerAccountId": 123456789012,
      "resourceURL": "https://us-east-1.console.aws.amazon.com/iam/home#/policies/arn:aws:iam::1111222233334444:policy/test-policy"
    }
  ],
  "meta": {
    "page": 1,
    "perPage": 100,
    "total": 200,
    "hasNextPage": true,
    "hasPreviousPage": false
  }
}

Authorizations

Authorization

string

header

required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Headers

Authorization

string

required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Content-Type

string

application/json

Query Parameters

ids

string

Filter assets based on Asset IDs. Accepts a comma-separated list.

Example:

"id1,id2"

executionIds

string

Filter assets based on Integration Execution IDs. Accepts a comma-separated list.

Example:

"1678607803935,1778607801234"

regions

string

Filter assets based on Provider regions. Accepts a comma-separated list of regions.

Example:

"us-east-1,us-west-2"

integrationIds

string

Filter assets based on Plerion Integration IDs. Accepts a comma-separated list.

Example:

"integration1,integration2"

assetGroupIds

string

Filter assets based on asset group ids. Accepts a comma-separated list of asset group ids.

Example:

"assetGroupId1,assetGroupId2"

severityLevels

enum<string>

Filter assets based on vulnerability severity levels. Accepts a comma-separated list of severity levels.

Available options:

CRITICAL,

HIGH,

MEDIUM,

LOW

Example:

"CRITICAL,HIGH"

secretsLevels

enum<string>

Filter assets based on exposed secrets severity levels. Accepts a comma-separated list of severity levels.

Available options:

CRITICAL,

HIGH,

MEDIUM,

LOW

Example:

"CRITICAL,HIGH"

resourceTypes

string

Filter assets based on provider resource types. Accepts a comma-separated list of resource types.

Example:

"AWS::S3::Bucket,AWS::Lambda::Function"

providers

enum<string>

Filter assets based on provider. Accepts a comma-separated list of providers.

Available options:

AWS,

Azure,

GCP,

Kubernetes

Example:

"AWS,GCP"

services

string

Filter assets based on cloud provider services. Accepts a comma-separated list of service names. Each service can be specified either by its name alone (e.g., S3, Lambda, EC2) or prefixed with its provider in the format Provider::Service (e.g., AWS::S3, GCP::Compute, Azure::VirtualMachine).

Example:

"AWS::S3,GCP::Compute,Azure::VirtualMachine"

firstObservedAtStart

string<date-time>

Start of the date range for filtering assets based on the first observed time. Specify the start of the range using a valid ISO 8601 date-time string. If firstObservedAtStart is provided and firstObservedAtEnd is omitted, results will include assets from this date to the present. Supported formats include:

yyyy-MM-ddTHH:mm:ssZ (e.g., 2020-12-18T08:00:00Z)
yyyy-MM-ddTHH:mm:ss.SSSZ (e.g., 2020-12-18T08:00:00.000Z)

Example:

"2023-02-01T18:09:07Z"

firstObservedAtEnd

string<date-time>

End of the date range for filtering assets based on the first observed time. Specify the end of the range using a valid ISO 8601 date-time string. If firstObservedAtEnd is provided and firstObservedAtStart is omitted, results will include assets up to this date. Supported formats include:

yyyy-MM-ddTHH:mm:ssZ (e.g., 2020-12-18T08:00:00Z)
yyyy-MM-ddTHH:mm:ss.SSSZ (e.g., 2020-12-18T08:00:00.000Z)

Example:

"2023-02-01T18:09:07Z"

hasAdminPrivileges

string<boolean>

Filter assets based on whether the asset has Admin Privileges. The supported values are true or false

Example:

true

hasOverlyPermissivePrivileges

string<boolean>

Filter assets based on whether the asset has Overly Permissive Privileges. The supported values are true or false

Example:

true

isSusceptibleToPrivilegeEscalation

string<boolean>

Filter assets based on whether the asset is susceptible to privilege escalation. The supported values are true or false

Example:

true

hasKev

string<boolean>

Filter assets based on whether the asset has any unresolved vulnerability that is found on the CISA's Known Exploited Vulnerabilities Catalog. The supported values are true or false

Example:

true

hasExploit

string<boolean>

Filter assets based on whether the asset has any unresolved vulnerability that is referenced on the MITRE Exploit-DB reference map. The supported values are true or false

Example:

true

isExploitable

string<boolean>

Filter assets based on whether the asset has any unresolved vulnerability that has a CVSS v3 exploitability score greater than 1. The supported values are true or false

Example:

true

isPubliclyExposed

string<boolean>

Filter assets based on whether the asset is Publicly Accessible. The supported values are true or false

Example:

true

isVulnerable

string<boolean>

Filter assets based on whether the asset has any unresolved vulnerability regardless of severity, source, or status. The supported values are true or false

Example:

true

query

string

Filter assets based on the Asset's name matching the provided value

Example:

"test-asset-name"

metadata

string

Filter assets based on the asset's metadata matching the provided value. The search performs a case-insensitive substring match against all metadata keys and values, including nested fields.

Example:

"t2.micro"

riskScoreGte

string<number>

Filter assets based on the risk score calculated by Plerion for the asset. The supported values are numbers from 0 to 10.

Example:

5

sortBy

enum<string>

Order the list by supported field

Available options:

id,

executionId,

integrationId,

resourceType,

service,

region,

name,

provider,

firstObservedAt,

lastObservedAt,

riskScore,

vulnerabilityScore,

numberOfLowVulnerabilities,

numberOfMediumVulnerabilities,

numberOfHighVulnerabilities,

numberOfCriticalVulnerabilities

Example:

"executionId"

sortOrder

enum<string>

The sort order of the list. The parameter sortBy has to be provided to use sortOrder. If sortOrder is not provided the default order is ASC

Available options:

ASC,

DESC

Example:

"ASC"

page

number

Get the next batch of assets. Used for pagination

Required range: x >= 1

Example:

2

perPage

number

Specify the batch size of the list. Used for pagination

Required range: x <= 1000

Example:

100

Response

200 - application/json

Assets list

The response is of type object.

Get the usage details of tenant Get specific asset in a tenant

Overview

API documentation

Authorizations

Headers

Query Parameters

Response