Skip to main content
This example uses curl to connect an AWS account via the InfraAudit API, wait for the initial sync to complete, and list the discovered resources. It takes about five minutes for accounts with a few hundred resources.

Prerequisites

export TOKEN="eyJhbGciOi..."
export BASE_URL="https://api.infraaudit.dev"

Step 1: Connect the account

curl -s -X POST "$BASE_URL/api/v1/providers/aws/connect" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Production AWS",
    "accessKeyId": "AKIAIOSFODNN7EXAMPLE",
    "secretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
    "region": "us-east-1"
  }' | jq .
Response: 
{
  "id": 1,
  "name": "Production AWS",
  "type": "aws",
  "status": "syncing",
  "created_at": "2024-01-15T10:00:00Z"
}
Save the provider ID: 
export PROVIDER_ID=1

Step 2: Wait for the initial sync

Poll the provider until status is synced: 
while true; do
  STATUS=$(curl -s "$BASE_URL/api/v1/providers/$PROVIDER_ID" \
    -H "Authorization: Bearer $TOKEN" | jq -r '.status')
  echo "Status: $STATUS"
  if [ "$STATUS" = "synced" ]; then break; fi
  if [ "$STATUS" = "error" ]; then echo "Sync failed"; exit 1; fi
  sleep 5
done

Step 3: List discovered resources

curl -s "$BASE_URL/api/v1/resources?provider_id=$PROVIDER_ID" \
  -H "Authorization: Bearer $TOKEN" | jq '.meta'
Output: 
{
  "total": 247,
  "page": 1,
  "per_page": 20
}
Filter to EC2 instances only: 
curl -s "$BASE_URL/api/v1/resources?provider_id=$PROVIDER_ID&type=ec2_instance" \
  -H "Authorization: Bearer $TOKEN" | jq '.data[] | {id, name, region, status}'

Step 4: Verify credential security

Credentials are encrypted at rest and never returned by the API. You can confirm this by checking the provider response fields: 
curl -s "$BASE_URL/api/v1/providers/$PROVIDER_ID" \
  -H "Authorization: Bearer $TOKEN" | jq 'keys'
# ["created_at", "id", "last_synced_at", "name", "resource_count", "status", "type"]
No access keys appear in the response.

Next steps