CloudSploit API Examples using Node.js : Aqua Wave

Thanks for your interest in using our API, to get you going, here is an example that can help.

Let us start with a simple API call that will help you retrieve your "keys", keys are used to refer to your connections to your cloud infrastructure accounts. See more info here: https://cloudsploit.docs.apiary.io/#reference/keys/keys-collection/get-list-all-keys

Let's start with some requires at the top:

var crypto = require('crypto');
var moment = require('moment');
var request = require('request');

Next, add your API key and secrets:

var key = 'YOUR_API_KEY_GOES_HERE';
var secret = 'YOUR_API_SECRET_GOES_HERE';
var apiUrl = 'https://api.cloudsploit.com';

Now work on the signature, first generate a timestamp using moment, this is important because each API call signature will expire after 30 seconds.

var timestamp = (moment.unix(new Date()))/1000;
var endpoint = apiURL + path;

var string = timestamp + method + path + (body && Object.keys(body).length > 0 ? JSON.stringify(body) : '');

Now, use the timestamped request string to create an HMAC (In cryptography, an HMAC (sometimes expanded as either keyed-hash message authentication code or hash-based message authentication code) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key).

var hmac = crypto.createHmac('sha256', secret);
hmac.setEncoding('hex');
hmac.write(string);
hmac.end();
var signature = hmac.read();

Once your signature is generated, simply create your request options as follows. Tip: Use a null body for GET requests.

var options = {
    method: method,
    url: endpoint,
    headers: {
      'Accept': 'application/json',
      'X-API-Key': key,
      'X-Signature': signature,
      'X-Timestamp': timestamp,
      "content-type": "application/json"
    }
  };

  if (body) options.json = body;

Send your request and done!

request(options, function (error, response, body){
    console.log(JSON.stringify(response));
});

Now, let's see it all together in an encapsulated makeApiCall function:

var crypto = require('crypto');
var moment = require('moment');
var request = require('request');

var key = 'YOUR_API_KEY_GOES_HERE';
var secret = 'YOUR_API_SECRET_GOES_HERE';
var apiURL = 'https://api.cloudsploit.com';

var makeApiCall = function(method, path, query, body, callback) {
  var timestamp = (moment.unix(new Date()))/1000;
  var endpoint = apiURL + path;

  var string = timestamp + method + path +
        (body && Object.keys(body).length > 0 ? JSON.stringify(body) : '');

  var hmac = crypto.createHmac('sha256', secret);
  hmac.setEncoding('hex');
  hmac.write(string);
  hmac.end();
  var signature = hmac.read();

  var options = {
    method: method,
    url: endpoint,
    headers: {
      'Accept': 'application/json',
      'X-API-Key': key,
      'X-Signature': signature,
      'X-Timestamp': timestamp,
      "content-type": "application/json"
    }
  };

  if (body) options.json = body;

  console.log(JSON.stringify(options,null,2));

  request(options, function (error, response, body){
    if (error) return callback(error);
    callback(null, body);
  });
};

makeApiCall('GET', '/v2/keys', '', null, function(err, data){
  if (err) return console.log(err);
  console.log(data);
});

Below, a more complex example, that requests a realtime scan of a cloud infrastructure account and waits for the results to come back, this is a great example of an API call that can be used for CI (Continuous Integration).

var crypto = require('crypto');
var moment = require('moment');
var request = require('request');

var key = 'YOUR_API_KEY_GOES_HERE';
var secret = 'YOUR_API_SECRET_GOES_HERE';
var apiURL = 'https://api.cloudsploit.com';
var cloudInfrastructureKeyToScan = 5536;

var makeApiCall = function(method, path, query, body, callback) {
  var timestamp = (moment.unix(new Date()))/1000;
  var endpoint = apiURL + path;

  var string = timestamp + method + path +
        (body && Object.keys(body).length > 0 ? JSON.stringify(body) : '');

  var hmac = crypto.createHmac('sha256', secret);
  hmac.setEncoding('hex');
  hmac.write(string);
  hmac.end();
  var signature = hmac.read();

  var options = {
    method: method,
    url: endpoint,
    headers: {
      'Accept': 'application/json',
      'X-API-Key': key,
      'X-Signature': signature,
      'X-Timestamp': timestamp,
      "content-type": "application/json"
    }
  };

  if (body) options.json = body;

  console.log(JSON.stringify(options,null,2));

  request(options, function (error, response, body){
    if (error) return callback(error);
    callback(null, body);
  });
};

var body = {
  key_id: cloudInfrastructureKeyToScan
};

makeApiCall('POST', '/v2/realtimes', '', body, function(err, data){
  if (err) return console.log(err);
  console.log(data);

  setInterval(function(){
    makeApiCall('GET', '/v2/realtimes/' + data.data.realtime_id.toString(), '', null, function(gErr, gData){
      if (gErr) return console.log(gErr);
      console.log(gData);
    });
  }, 5000);
});

Aqua Wave

How can we help you today?

CloudSploit API Examples using Node.js Print

How can we help you today?

CloudSploit API Examples using Node.js Print

Related Articles