Start a CSA Scan
This endpoint starts a Cloud Security Assessment (CSA) scan according to a policy. CSA scans IaaS accounts for compliance violations, and then displays the non-compliant rules and resources associated with those accounts. To see the scan results, go to Cloud Infrastructure > Compliance in the Netskope UI.
Also, use the scan_id
hash value returned for getting a CSA scan status. Refer to Get a CSA Scan Status.
Request
GET https://<tenant-name>.goskope.com/api/v1/csa_scan?token=<token>&op=start&name=<policy_name>&scan_start_by=<name>
Valid parameters are:
Key | Value | Description |
---|---|---|
|
| Starts the scan. |
|
| Required. The Security Assessment policy name in the Netskope UI. |
| Name of the user starting the scan. | Required for scan start. Cannot be empty string. |
Example Request and Response
curl -X GET https://<tenant-name>.goskope.com/api/v1/csa_scan?token=<token>&op=start&name=<policy_name>&scan_start_by=<name> { "status": "success", "msg": "Policy scan has been submitted", "data { "scan_id": "2e528976d8c01e115d8943519ab7b0f043ead317", "data": [] } }
// Success Response { "status": "success", "msg": "Policy scan has been submitted", "data": [] } // Error Response for Invalid Policy Name { "status": "error", "errorCode": "General Error", "errors": [ "A deployed policy by this name does not exist." ] } // Error Response for Expired Token { "status": "error", "errorCode": "Authorization Error", "errors": [ "Invalid REST API Token. Please contact administrator" ] } // Error Response for invalid operator { "status": "error", "errorCode": "General Error", "errors": [ "Invalid op start_end." ] }