Start a CSA Scan
This endpoint starts a Cloud Security Assessment (CSA) scan according to a policy. CSA scans IaaS accounts for compliance violations, and then displays the non-compliant rules and resources associated with those accounts. To see the scan results, go to Cloud Infrastructure > Compliance in the Netskope UI.
Also, use the scan_id hash value returned for getting a CSA scan status. Refer to Get a CSA Scan Status.
Request
GET https://<tenant-name>.goskope.com/api/v1/csa_scan?token=<token>&op=start&name=<policy_name>&scan_start_by=<name>
Valid parameters are:
Key | Value | Description |
|---|---|---|
|
| Starts the scan. |
|
| Required. The Security Assessment policy name in the Netskope UI. |
| Name of the user starting the scan. | Required for scan start. Cannot be empty string. |
Example Request and Response
curl -X GET https://<tenant-name>.goskope.com/api/v1/csa_scan?token=<token>&op=start&name=<policy_name>&scan_start_by=<name> { "status": "success", "msg": "Policy scan has been submitted", "data { "scan_id": "2e528976d8c01e115d8943519ab7b0f043ead317", "data": [] } }
// Success Response
{
"status": "success",
"msg": "Policy scan has been submitted",
"data": []
}
// Error Response for Invalid Policy Name
{
"status": "error",
"errorCode": "General Error",
"errors": [
"A deployed policy by this name does not exist."
]
}
// Error Response for Expired Token
{
"status": "error",
"errorCode": "Authorization Error",
"errors": [
"Invalid REST API Token. Please contact administrator"
]
}
// Error Response for invalid operator
{
"status": "error",
"errorCode": "General Error",
"errors": [
"Invalid op start_end."
]
}