Skip to main content
The providers endpoints let you connect cloud accounts to InfraAudit, trigger resource syncs, and remove accounts. Each cloud provider type has its own connect endpoint with provider-specific request fields. Base path: /api/v1/providers

POST /providers/aws/connect — connect AWS

Connect an AWS account using an IAM access key pair. 
POST /api/v1/providers/aws/connect
Authorization: Bearer <token>
Content-Type: application/json

Request body

name
string
required
A human-readable label for this provider, for example Production AWS.
accessKeyId
string
required
Your AWS IAM access key ID.
secretAccessKey
string
required
Your AWS IAM secret access key.
region
string
required
The primary AWS region, for example us-east-1.
{
  "name": "Production AWS",
  "accessKeyId": "AKIAIOSFODNN7EXAMPLE",
  "secretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
  "region": "us-east-1"
}

Response 201

{
  "id": 1,
  "name": "Production AWS",
  "type": "aws",
  "status": "syncing",
  "created_at": "2024-01-15T10:00:00Z"
}

POST /providers/gcp/connect — connect GCP

POST /api/v1/providers/gcp/connect
Authorization: Bearer <token>
Content-Type: application/json

Request body

name
string
required
A human-readable label for this provider.
serviceAccountJson
string
required
The GCP service account JSON key file contents as a string.
projectId
string
required
Your GCP project ID.
billingDataset
string
BigQuery dataset name for billing export data.
{
  "name": "GCP Production",
  "serviceAccountJson": "{ \"type\": \"service_account\", ... }",
  "projectId": "my-gcp-project",
  "billingDataset": "billing_export"
}

POST /providers/azure/connect — connect Azure

POST /api/v1/providers/azure/connect
Authorization: Bearer <token>
Content-Type: application/json

Request body

name
string
required
A human-readable label for this provider.
clientId
string
required
Azure service principal client ID.
clientSecret
string
required
Azure service principal client secret.
tenantId
string
required
Azure Active Directory tenant ID.
subscriptionId
string
required
Azure subscription ID.
{
  "name": "Azure Production",
  "clientId": "00000000-0000-0000-0000-000000000001",
  "clientSecret": "your-client-secret",
  "tenantId": "00000000-0000-0000-0000-000000000002",
  "subscriptionId": "00000000-0000-0000-0000-000000000003"
}

POST /providers/kubernetes/connect — connect Kubernetes

POST /api/v1/providers/kubernetes/connect
Authorization: Bearer <token>
Content-Type: application/json

Request body

name
string
required
A human-readable label for this cluster.
kubeconfig
string
required
The kubeconfig YAML contents as a string.
{
  "name": "Production EKS",
  "kubeconfig": "apiVersion: v1\nkind: Config\n..."
}

GET /providers — list providers

Returns all connected cloud providers. 
GET /api/v1/providers
Authorization: Bearer <token>

Response

[
  {
    "id": 1,
    "name": "Production AWS",
    "type": "aws",
    "status": "synced",
    "resource_count": 247,
    "last_synced_at": "2024-01-15T06:00:00Z"
  }
]
status
string
Current sync status: syncing, synced, or error.

GET /providers/ — get provider

Returns details for a single provider. Credentials are never returned. 
GET /api/v1/providers/{id}
Authorization: Bearer <token>

POST /providers//sync — trigger manual sync

Triggers an immediate resource sync. Returns 202 Accepted with a job ID. 
POST /api/v1/providers/{id}/sync
Authorization: Bearer <token>

Response 202

{
  "job_id": 15,
  "status": "running"
}

DELETE /providers/ — disconnect provider

Removes stored credentials and stops future syncs. Historical data is retained. 
DELETE /api/v1/providers/{id}
Authorization: Bearer <token>
Returns 204 No Content.
Deleting a provider removes its credentials immediately and stops all scheduled syncs. Resource and cost history are preserved for reporting purposes.