| copyright | lastupdated | keywords | subcollection | ||
|---|---|---|---|---|---|
|
2023-12-15 |
security compliance developer tools, integrate with application, API, SDK, CLI |
security-compliance |
{{site.data.keyword.attribute-definition-list}}
{: #integrate-with-resources}
Ready to integrate {{site.data.keyword.compliance_full}} with your existing apps or services? Try out the supported developer tools. {: shortdesc}
{: #dev-tool-list}
{{site.data.keyword.compliance_short}} offers APIs, SDKs, a CLI, and Terraform support that you can use to connect to the service.
{: #dev-tool-sdks}
{{site.data.keyword.compliance_short}} offers software development kits (SDKs) that you can use to connect with the service in various programming languages. For more information about getting started with {{site.data.keyword.compliance_short}} SDKs, check out the following repositories on GitHub:
- Go SDK{: external}
- Java SDK{: external}
- Node.js SDK{: external}
- Python SDK{: external}
{: #dev-tool-cli}
Building an automated flow? If you're already using the {{site.data.keyword.cloud_notm}} Command Line Interface (CLI), you can install the {{site.data.keyword.compliance_short}} plug-in so that you can automate the evaluation of your resources.
To install {{site.data.keyword.compliance_short}} commands, run the following command:
ibmcloud plugin install security-compliance{: pre}
After you create your instance, for example, you can run the following CLI command to create a custom library:
ibmcloud security-compliance control-library create
--control-library-name='IBM Cloud for Financial Services'
--control-library-description='IBM Cloud for Financial Services'
--control-library-type=custom
--controls='[
{
"control_name": "SC-7",
"control_id": "1fa45e17-9322-4e6c-bbd6-1c51db08e790",
"control_description": "Boundary Protection",
"control_category": "System and Communications Protection",
"control_parent": "exampleString",
"control_tags": [
"1fa45e17-9322-4e6c-bbd6-1c51db08e790"
],
"control_specifications": [
{
"control_specification_id": "5c7d6f88-a92f-4734-9b49-bd22b0900184",
"responsibility": "user",
"component_id": "iam-identity",
"component_name": "exampleString",
"environment": "ibm-cloud",
"control_specification_description": "IBM cloud",
"assessments_count": 38,
"assessments": [
{
"assessment_id": "rule-a637949b-7e51-46c4-afd4-b96619001bf1",
"assessment_method": "ibm-cloud-rule",
"assessment_type": "automated",
"assessment_description": "Check that there is an Activity Tracker event route defined to collect global events generated by IBM Cloud services",
"parameter_count": 38,
"parameters": [
{
"parameter_name": "session_invalidation_in_seconds",
"parameter_display_name": "Sign out due to inactivity in seconds",
"parameter_type": "numeric",
"parameter_value": "public"
}
]
}
]
}
],
"control_docs": {
"control_docs_id": "sc-7",
"control_docs_type": "ibm-cloud"
},
"control_requirement": true,
"status": "enabled"
}
]'
--version-group-label=33fc7b80-0fa5-4f16-bbba-1f293f660f0d
--control-library-version=1.0.0
--latest=true
--controls-count=38
--x-correlation-id=exampleString
--x-request-id=exampleString{: pre}
For more information, check out the {{site.data.keyword.compliance_short}} CLI reference. {: note}
{: #dev-tool-api}
If you're trying out {{site.data.keyword.compliance_short}} for the first time, you might want to use the {{site.data.keyword.compliance_short}} API to automate the evaluation of your resources.
Start by copying the service endpoint URL from the Endpoints page in your {{site.data.keyword.compliance_short}} service dashboard. Then, generate an {{site.data.keyword.cloud_notm}} Identity and Access Management (IAM) token to include in your request. For example, after you configure your service instance, you can use the following API request to retrieve all the control libraries.
curl -X GET
--location --header "Authorization: Bearer {iam_token}"
--header "Accept: application/json"
"{base_url}/control_libraries"
{: codeblock}
Replace {base_url} with your service endpoint URL (https://us-south.compliance.cloud.ibm.com/instances/{instance_id}/v3/), and {iam_token} with your IAM token. To run the API request, you can paste it into your command line, or preferred API testing tool.
For more information about using {{site.data.keyword.compliance_short}} APIs, check out the {{site.data.keyword.compliance_short}} API reference. {: note}
{: #dev-tool-terraform}
Already using Terraform? You can continue to use Terraform with {{site.data.keyword.compliance_short}}{: external} to read data sources and create resources.