The guide describes Security Advisor Public API.
To use the APIs, you need an API endpoint and a token.
| Region | Endpoint |
|---|---|
| All regions | https://security-advisor.api.nhncloudservice.com |
Security Advisor uses the NHN Cloud token for API authentication and authorization. Refer to the User Access Key Token for the necessary information on using the authentication token.
Appkey is required to use the Security Advisor API. The Appkey is included in the request URL to identify and specify a particular resource when making API calls. For more information on checking and using Appkeys, please refer to the Appkey.
To use the API, the following information is required.
| Name | Type | Format | Required | Description |
|---|---|---|---|---|
| x-nhn-authorization | Header | String | O | Token |
| Name | Type | Description |
|---|---|---|
| header | Object | |
| header.isSuccessful | Boolean | true: normal false: error |
| header.resultCode | Integer | 1: normal others: error |
| header.resultMessage | String | "SUCCESS": normal others: error cause message |
[Caution] API response may show the fields not specified by the guide. These fields are internally used by NHN Cloud, and not used because they are subject to change without prior notice.
Retrieves last inspection date.
GET "/advisor/v1.0/appKey/{appKey}/last_inspection_date"
This API does not require a request body.
| Name | Type | Format | Required | Description |
|---|---|---|---|---|
| appKey | URL | String | O | Service Appkey |
| Name | Format | Required | Description |
|---|---|---|---|
| latestInspectionTime | String | O | Last inspection date (datetime) |
{
"header": {
"resultCode": 1,
"resultMessage": "Request success",
"isSuccessful": true
},
"body": {
"latestInspectionTime": "2025-03-11T16:00:32+09:00"
}
}
Retrieves the auto inspection settings configured by the administrator.
GET "/advisor/v1.0/appKey/{appKey}/setting"
This API does not require a request body.
| Name | Type | Format | Required | Description |
|---|---|---|---|---|
| appKey | URL | String | O | Service Appkey |
| Name | Format | Required | Description |
|---|---|---|---|
| emails | Array | O | Email addresses to receive notification upon completion of inspection |
| isEnableAutoInspect | Boolean | O | Whether to set auto inspection (If this value is false, all other settings are ignored) |
| inspectionList | Array | X | Selected items for auto inspection |
| inspectionCycle | Object | X | Inspection cycle settings |
| inspectionCycle.isWeek | Boolean | X | Whether weekly selection is enabled |
| inspectionCycle.time | String(hh:mm) | X | Inspection execution time (00:00) |
| inspectionCycle.day | Integer | X | Days of the week for inspection execution (Sunday is represented as 1) |
| isWhole | Boolean | X | Whether full inspection is selected |
{
"header": {
"resultCode": 1,
"resultMessage": "Request success",
"isSuccessful": true
},
"body": {
"emails": ["nhncloud@nhn.com"],
"isEnableAutoInspect": true,
"inspectionList": [
1,
2,
3,
4,
5,
6,
7,
8,
9
],
"inspectionCycle": {
"isWeek": true,
"time": "00:00",
"day": 2
},
"isWhole": false
}
}
Retrieves summary information of the most recent inspection result.
GET "/advisor/v1.0/appKey/{appKey}/inspection_results?region={region}&lang={lang}"
This API does not require a request body.
| Name | Type | Format | Required | Description |
|---|---|---|---|---|
| appKey | URL | String | O | Service Appkey |
| region | Query | String | O | Region code (KR1: Pangyo, KR2: Pyeongchon, JP1: Japan, US1: United States) |
| lang | Query | String | O | Language code (KO: Korean, EN: English, JA: Japanese) |
| Name | Format | Required | Description |
|---|---|---|---|
| ruleNo | Integer | O | Inspection item number |
| status | String | O | Inspection result (critical: high risk, warning: caution advised, interest: needs attention, good: no issues) |
| inspectRange | String | O | Inspection target range (PROJECT: projects, ORG: organizations) |
| inspectContent | String | O | Inspection target content |
| detectionCount | Integer | O | Number of detections |
| exceptionCount | Integer | O | Number of exceptions |
| inspectTime | String | O | Inspection time (datetime) |
{
"header": {
"resultCode": 1,
"resultMessage": "Request success",
"isSuccessful": true
},
"body": [
{
"ruleNo": 10,
"status": "good",
"inspectRange": "PROJECT",
"inspectContent": "Security Groups Inspection",
"detectionCount": 0,
"exceptionCount": 0,
"inspectTime": "2023-06-12T19:53:35+09:00"
},
{
"ruleNo": 11,
"status": "good",
"inspectRange": "PROJECT",
"inspectContent": "Database Security Groups Inspection",
"detectionCount": 0,
"exceptionCount": 0,
"inspectTime": "2023-06-12T19:53:35+09:00"
},
{
"ruleNo": 1,
"status": "critical",
"inspectRange": "ORG",
"inspectContent": "IAM Login Failure Security Inspection",
"detectionCount": 1,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:42+09:00"
},
{
"ruleNo": 2,
"status": "critical",
"inspectRange": "ORG",
"inspectContent": "IAM Sign-in Session Inspection",
"detectionCount": 1,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:42+09:00"
},
{
"ruleNo": 3,
"status": "critical",
"inspectRange": "ORG",
"inspectContent": "IAM Sign-in Session Count Inspection",
"detectionCount": 1,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:42+09:00"
},
{
"ruleNo": 4,
"status": "good",
"inspectRange": "ORG",
"inspectContent": "Inactive IAM Accounts of Project Members Inspection",
"detectionCount": 0,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:43+09:00"
},
{
"ruleNo": 5,
"status": "good",
"inspectRange": "ORG",
"inspectContent": "IAM Account Usage Status in Project Inspection",
"detectionCount": 0,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:43+09:00"
},
{
"ruleNo": 6,
"status": "critical",
"inspectRange": "ORG",
"inspectContent": "2FA Setting Inspection for Project Members’ NHN Cloud Accounts",
"detectionCount": 1,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:43+09:00"
},
{
"ruleNo": 7,
"status": "critical",
"inspectRange": "ORG",
"inspectContent": "2FA Setting Inspection for Project Members’ IAM Accounts",
"detectionCount": 1,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:43+09:00"
},
{
"ruleNo": 8,
"status": "good",
"inspectRange": "ORG",
"inspectContent": "IAM Console Domain Setting Inspection",
"detectionCount": 0,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:43+09:00"
},
{
"ruleNo": 9,
"status": "critical",
"inspectRange": "ORG",
"inspectContent": "IAM Console IP ACL Setting Inspection",
"detectionCount": 1,
"exceptionCount": 0,
"inspectTime": "2025-03-11T16:00:43+09:00"
},
{
"ruleNo": 12,
"inspectRange": "PROJECT",
"inspectContent": "RDS Access Control Inspection",
"detectionCount": 0,
"exceptionCount": 0
},
{
"ruleNo": 13,
"inspectRange": "PROJECT",
"inspectContent": "NCR Image Vulnerability Scan Setting Inspection",
"detectionCount": 0,
"exceptionCount": 0
}
]
}