# InfraAudit ## Docs - [Authenticate requests to the InfraAudit API](https://docs.infraudit.com/api/authentication.md): Get an InfraAudit API key from the dashboard, pass it as a Bearer token on every request, and understand what 401 and 403 errors mean for your integration. - [HTTP error codes and error response format](https://docs.infraudit.com/api/errors.md): InfraAudit returns JSON errors with a code and message field. Reference the HTTP status codes, machine-readable error codes, and error handling patterns. - [Connect an AWS Account via the API](https://docs.infraudit.com/api/examples/connect-aws.md): Step-by-step API walkthrough: connect an AWS account, wait for the initial resource sync to complete, and list discovered resources using curl. - [Fetch Cost Reports and Forecasts via API](https://docs.infraudit.com/api/examples/fetch-cost-report.md): Pull 30-day cost trend data, detect anomalies, get a spend forecast, and generate a downloadable PDF cost report using the InfraAudit API. - [API Cookbook: Common InfraAudit Workflows](https://docs.infraudit.com/api/examples/overview.md): End-to-end code examples for the most common InfraAudit API workflows, from connecting a cloud account to handling webhook events. - [Run a Drift Scan and Retrieve Findings](https://docs.infraudit.com/api/examples/run-drift-scan.md): Trigger a drift detection scan via the InfraAudit API, poll for job completion, and list findings filtered by severity using curl. - [Subscribe to Webhook Events from InfraAudit](https://docs.infraudit.com/api/examples/subscribe-to-webhooks.md): Register a webhook endpoint, verify HMAC signatures on delivery, and handle drift, alert, and vulnerability events in a Node.js receiver. - [InfraAudit OpenAPI spec — download and usage](https://docs.infraudit.com/api/openapi.md): Where to find the auto-generated OpenAPI 3.0 spec, how to download it, and how to use it with Postman, Swagger UI, or code generators. - [InfraAudit REST API — overview and base URL](https://docs.infraudit.com/api/overview.md): InfraAudit REST API base URL, versioning scheme, authentication method, content type requirements, and a working curl example to get you started. - [Paginate results from InfraAudit list endpoints](https://docs.infraudit.com/api/pagination.md): InfraAudit list endpoints return paginated results. Learn how to use the page and pageSize query parameters and read the meta fields in each response. - [Rate limiting on the InfraAudit REST API](https://docs.infraudit.com/api/rate-limiting.md): InfraAudit enforces per-user rate limits on all API endpoints. Learn the limit headers, what a 429 response contains, and how to build a safe retry strategy. - [REST API endpoints for alerts — GET /alerts](https://docs.infraudit.com/api/reference/alerts.md): List, filter by severity and status, acknowledge, and resolve InfraAudit security, cost, compliance, and performance alerts via the REST API. - [REST API endpoints for cost and performance anomalies](https://docs.infraudit.com/api/reference/anomalies.md): List and dismiss cost anomalies detected by InfraAudit. Each record includes the provider, date, actual spend, and statistical deviation from expected spend. - [REST API endpoints for authentication — login and profile](https://docs.infraudit.com/api/reference/auth.md): InfraAudit auth API endpoints: POST /auth/login to get a token, GET /auth/me for the current user profile, and POST /register to create an account. - [REST API endpoints for resource baselines](https://docs.infraudit.com/api/reference/baselines.md): Create and manage configuration baselines for your cloud resources. Compare current state against a baseline to surface configuration drift findings. - [REST API endpoints for compliance assessments](https://docs.infraudit.com/api/reference/compliance.md): Trigger CIS, SOC 2, NIST, and PCI-DSS compliance assessments, retrieve per-control pass/fail results, and export audit reports via the InfraAudit API. - [REST API endpoints for cost data and forecasts](https://docs.infraudit.com/api/reference/costs.md): Retrieve multi-cloud billing overviews, daily cost trends, 30/60/90-day forecasts, and statistical anomalies via the InfraAudit costs API endpoints. - [REST API endpoints for drift detection — GET /drifts](https://docs.infraudit.com/api/reference/drifts.md): Trigger drift detection scans, list and filter findings by severity and provider, acknowledge drift, and resolve findings via the InfraAudit REST API. - [REST API endpoints for scheduled jobs — GET /jobs](https://docs.infraudit.com/api/reference/jobs.md): Create, list, trigger manually, and inspect execution history for InfraAudit scheduled jobs including drift detection, vulnerability scans, and billing syncs. - [REST API endpoints for Kubernetes clusters](https://docs.infraudit.com/api/reference/kubernetes.md): Register Kubernetes clusters, list namespaces, deployments, pods and services, and trigger security and drift scans via the InfraAudit API. - [REST API endpoints for notification channels](https://docs.infraudit.com/api/reference/notifications.md): Create, update, and delete InfraAudit notification channels for Slack, email, and webhooks. Configure which alert severity levels each channel receives. - [REST API endpoint reference — all resource groups](https://docs.infraudit.com/api/reference/overview.md): A complete index of InfraAudit REST API endpoint groups — providers, resources, drifts, costs, compliance, and more — with links to each reference page. - [REST API endpoints for cloud providers](https://docs.infraudit.com/api/reference/providers.md): Connect your AWS, GCP, Azure, and Kubernetes accounts to InfraAudit, list existing providers, trigger manual syncs, and remove providers via the API. - [REST API endpoints for AI-powered recommendations](https://docs.infraudit.com/api/reference/recommendations.md): List and filter AI-generated InfraAudit recommendations for cost savings, security, and compliance — then apply or dismiss them via the REST API. - [REST API endpoints for remediation actions](https://docs.infraudit.com/api/reference/remediation.md): Submit, approve, execute, and roll back InfraAudit remediation actions for drift and vulnerability findings programmatically through the REST API. - [REST API endpoints for report generation](https://docs.infraudit.com/api/reference/reports.md): Generate, poll, and download InfraAudit reports as PDF or CSV. Covers drift findings, vulnerabilities, compliance assessment results, and cost summaries. - [REST API endpoints for cloud resources — GET /resources](https://docs.infraudit.com/api/reference/resources.md): List and retrieve the cloud resources that InfraAudit has discovered across your providers. Filter by provider ID, resource type, region, and sync status. - [REST API endpoints for account settings and API keys](https://docs.infraudit.com/api/reference/settings.md): Manage your InfraAudit account settings, create and revoke API keys, and administer team members using the settings and API keys endpoints. - [REST API endpoints for vulnerability findings](https://docs.infraudit.com/api/reference/vulnerabilities.md): Trigger vulnerability scans, list CVE findings by severity and status, and retrieve full vulnerability details via the InfraAudit API. - [REST API endpoints for webhook subscriptions](https://docs.infraudit.com/api/reference/webhooks.md): Register outbound webhook endpoints, subscribe to event types, send test deliveries, delete subscriptions, and view delivery history via the InfraAudit API. - [Webhook event types and payload schemas](https://docs.infraudit.com/api/webhooks/events.md): All InfraAudit webhook event types with full payload schemas: drift, alert, vulnerability, compliance, cost, job, remediation, and ping. - [InfraAudit webhooks — real-time event callbacks](https://docs.infraudit.com/api/webhooks/overview.md): InfraAudit can push real-time event notifications to any HTTP endpoint. Learn how webhooks work, how to register one, and the payload envelope structure. - [Webhook Delivery Retries and Guarantees](https://docs.infraudit.com/api/webhooks/retries.md): InfraAudit retries failed webhook deliveries up to 3 times with exponential backoff. Learn the retry schedule, timeout window, and how to recover missed events. - [Verify InfraAudit Webhook Signatures](https://docs.infraudit.com/api/webhooks/signing.md): Every InfraAudit webhook delivery includes an HMAC-SHA256 signature header. Learn how to verify it in Go, Node.js, and Python to prevent spoofed requests. - [Authenticating with the InfraAudit CLI — auth commands](https://docs.infraudit.com/cli/authentication.md): Log in with infraudit auth login, check your session with auth whoami, and use non-interactive flags for CI/CD. Key flags: --email, --password, --token. - [Using the InfraAudit CLI in CI/CD automation pipelines](https://docs.infraudit.com/cli/ci-cd-usage.md): Integrate infraudit into GitHub Actions or GitLab CI for automated drift and vulnerability checks. Use --output json with jq to gate builds on findings. - [infraudit alert — security and operational alert commands](https://docs.infraudit.com/cli/commands/alert.md): infraudit alert list, get, acknowledge — manage security alerts. Key flags: --severity critical|high|medium|low, --status open|acknowledged, --type. - [infraudit compliance — compliance assessment commands](https://docs.infraudit.com/cli/commands/compliance.md): infraudit compliance run, list, export — run CIS, SOC2, NIST, PCI-DSS, and HIPAA assessments. Key flags: --framework, --provider, --format pdf|csv. - [infraudit cost — cloud cost report and forecast commands](https://docs.infraudit.com/cli/commands/cost.md): infraudit cost report, forecast, anomalies — fetch spend data and projections. Key flags: --provider aws|gcp|azure, --period 30d|60d|90d, --days. - [infraudit drift — infrastructure drift detection commands](https://docs.infraudit.com/cli/commands/drift.md): infraudit drift scan, list, get, acknowledge — detect and manage infrastructure configuration drift. Key flags: --severity, --status, --type, --provider. - [infraudit iac — IaC upload and drift comparison commands](https://docs.infraudit.com/cli/commands/iac.md): infraudit iac upload, list, diff — upload Terraform, CloudFormation, or Kubernetes IaC and detect drift between defined state and live infrastructure. - [infraudit job — scheduled automation job commands](https://docs.infraudit.com/cli/commands/job.md): infraudit job list, create, run, history — manage scheduled drift and compliance jobs. Key flags: --type drift_detection|resource_sync, --schedule cron. - [infraudit kubernetes — Kubernetes cluster commands](https://docs.infraudit.com/cli/commands/kubernetes.md): infraudit kubernetes list, scan, resources — register clusters and inspect workloads. Key flags: --name, --kubeconfig. Alias: k8s for shorter commands. - [infraudit notification — notification channel commands](https://docs.infraudit.com/cli/commands/notification.md): infraudit notification list, create, delete — manage Slack and email channels. Key flags: --type slack|email, --config JSON for channel settings. - [infraudit commands — complete CLI command reference index](https://docs.infraudit.com/cli/commands/overview.md): Index of all infraudit CLI command groups: provider, resource, drift, vulnerability, cost, compliance, kubernetes, iac, job, and remediation with aliases. - [infraudit provider — cloud provider account management](https://docs.infraudit.com/cli/commands/provider.md): infraudit provider — connect, sync, and disconnect AWS, GCP, and Azure accounts. Key flags: --type, --name, --credentials for provider connect. - [infraudit recommendation — AI recommendation commands](https://docs.infraudit.com/cli/commands/recommendation.md): infraudit recommendation list, get, generate — view AI-powered cost and security suggestions. Key flags: --type cost|security, --priority, --status pending. - [infraudit remediation — remediation workflow commands](https://docs.infraudit.com/cli/commands/remediation.md): infraudit remediation list, approve, run, rollback — manage AI-suggested fix actions for drift and vulnerability findings with approval-gated execution. - [infraudit resource — cloud resource list and inspection](https://docs.infraudit.com/cli/commands/resource.md): infraudit resource list, get, and search — filter discovered resources by provider, type, and region. Key flags: --provider, --type, --region, --status. - [infraudit vulnerability — vulnerability scan commands](https://docs.infraudit.com/cli/commands/vulnerability.md): infraudit vulnerability scan, list, get — run CVE scans and filter findings. Key flags: --severity critical|high|medium|low, --status open|fixed, --resource. - [infraudit webhook — outbound webhook management commands](https://docs.infraudit.com/cli/commands/webhook.md): infraudit webhook list, create, delete, and test — register outbound webhooks for InfraAudit events. Key flags: --url, --events for event type filtering. - [Configuring the InfraAudit CLI — config file and env vars](https://docs.infraudit.com/cli/configuration.md): Set the API URL, default output format, and auth tokens in the CLI config file at ~/.infraudit/config.yaml or via environment variables. - [InfraAudit CLI examples — common workflow sequences](https://docs.infraudit.com/cli/examples.md): Step-by-step CLI command sequences for security audits, cost optimization, compliance assessments, Kubernetes scanning, and JSON scripting with jq. - [Installing the InfraAudit CLI on macOS, Linux, Windows](https://docs.infraudit.com/cli/installation.md): Install the infraudit CLI from source or with go install on macOS, Linux, or Windows, then verify the binary and run first-time setup. - [InfraAudit CLI — terminal access to every feature](https://docs.infraudit.com/cli/overview.md): The infraudit CLI gives you full access to cloud scanning, drift detection, cost analysis, compliance, and remediation from your terminal or CI pipeline. - [Setting up shell tab completion for the infraudit CLI](https://docs.infraudit.com/cli/shell-completion.md): Enable tab completion for the infraudit CLI in bash, zsh, fish, or PowerShell with the infraudit completion command and your shell's config file. - [AI-Powered Recommendations in InfraAudit](https://docs.infraudit.com/concepts/ai-recommendations.md): How InfraAudit uses Google Gemini to generate remediation steps, savings estimates, and risk scores — plus the rule-based fallback for offline deployments. - [Cost Anomaly Detection in InfraAudit](https://docs.infraudit.com/concepts/anomaly-detection.md): How InfraAudit flags unexpected daily cost spikes using statistical analysis, what triggers an anomaly alert, and how to adjust detection sensitivity. - [Baselines: Resource Configuration Snapshots](https://docs.infraudit.com/concepts/baselines.md): Understand what a baseline is, how and when InfraAudit captures baselines, how to manage multiple baselines per resource, and how to promote a new baseline. - [Compliance Frameworks and Control Assessments](https://docs.infraudit.com/concepts/compliance-frameworks.md): InfraAudit supports CIS, SOC 2, NIST 800-53, PCI-DSS, and HIPAA. Learn how controls map to cloud resources and how assessment scores are calculated. - [Cost Forecasting: How InfraAudit Models Spend](https://docs.infraudit.com/concepts/cost-forecasting.md): How InfraAudit ingests daily billing data from AWS, GCP, and Azure to generate 30, 60, and 90-day spend forecasts using provider-native and trend-based models. - [How Drift Detection Works in InfraAudit](https://docs.infraudit.com/concepts/drift-detection.md): Learn how InfraAudit captures baselines, runs configuration comparisons, classifies drift by type and severity, and manages the drift finding lifecycle. - [Job Scheduler: Background Jobs and Cron Schedules](https://docs.infraudit.com/concepts/job-scheduler.md): How InfraAudit's built-in scheduler runs resource sync, drift detection, vulnerability scans, cost sync, and compliance checks on configurable cron schedules. - [InfraAudit Core Concepts Explained](https://docs.infraudit.com/concepts/overview.md): Key concepts behind InfraAudit: drift detection, baselines, compliance frameworks, AI recommendations, cost forecasting, anomaly detection, and remediation. - [Remediation Workflow: From Finding to Fix](https://docs.infraudit.com/concepts/remediation-workflow.md): How InfraAudit remediations work: from AI-suggested action to approval, cloud API execution, and rollback — step by step through the full lifecycle. - [Core concepts and vocabulary used in InfraAudit](https://docs.infraudit.com/getting-started/core-concepts.md): Definitions for the key terms across InfraAudit: providers, resources, drift, baselines, assessments, jobs, remediations, and webhooks. - [Quickstart: install the infraudit CLI and scan](https://docs.infraudit.com/getting-started/quickstart-cli.md): Install the infraudit CLI, authenticate against your InfraAudit account, connect a cloud provider, and run your first drift scan from the terminal. - [Quickstart: sign up, connect AWS, and run a scan](https://docs.infraudit.com/getting-started/quickstart-saas.md): Sign up for InfraAudit, connect your first AWS account, run a drift scan, and review your first findings — in about five minutes. - [Quickstart: self-host InfraAudit with Docker Compose](https://docs.infraudit.com/getting-started/quickstart-self-host.md): Run InfraAudit on your own infrastructure with Docker Compose. Covers Supabase setup, .env configuration, first login, and connecting your first provider. - [What InfraAudit does and which teams use it](https://docs.infraudit.com/getting-started/what-is-infraudit.md): InfraAudit is a multi-cloud operations platform combining security scanning, cost management, and compliance assessment for DevOps and FinOps teams. - [Connect an AWS Account to InfraAudit](https://docs.infraudit.com/integrations/aws.md): Create an IAM policy and user or role, enter your credentials in InfraAudit, and start syncing EC2, S3, RDS, Lambda, and billing data. - [Connect an Azure Subscription to InfraAudit](https://docs.infraudit.com/integrations/azure.md): Create a service principal with Reader and Cost Management Reader roles, then connect your Azure subscription to sync VMs, Storage, and billing data. - [Detect IaC Drift with CloudFormation Templates](https://docs.infraudit.com/integrations/cloudformation.md): Upload CloudFormation YAML or JSON templates to InfraAudit to compare declared stack resources against live AWS infrastructure and surface drift findings. - [Connect a GCP Project to InfraAudit](https://docs.infraudit.com/integrations/gcp.md): Create a service account with the required IAM roles, download a JSON key, and connect your GCP project to sync Compute, Storage, and billing data. - [Connect a Kubernetes Cluster to InfraAudit](https://docs.infraudit.com/integrations/kubernetes.md): Register Kubernetes clusters using a read-only kubeconfig or service account token to sync workloads, pods, and services across multiple clusters. - [Connect InfraAudit to Your Infrastructure](https://docs.infraudit.com/integrations/overview.md): An overview of every integration InfraAudit supports — cloud providers, IaC tools, notification channels, and security scanners. - [Send InfraAudit Alerts to Slack](https://docs.infraudit.com/integrations/slack.md): Create a Slack incoming webhook, add it to InfraAudit notification settings, and configure routing rules to send different alert types to different channels. - [Detect IaC Drift with Terraform Files](https://docs.infraudit.com/integrations/terraform.md): Upload Terraform configuration files to InfraAudit and compare your declared infrastructure against live cloud resources to surface IaC drift findings. - [Container Vulnerability Scanning with Trivy and NVD](https://docs.infraudit.com/integrations/trivy-and-nvd.md): How InfraAudit uses Trivy to scan container images for CVEs and enriches findings with CVSS scores and descriptions from the National Vulnerability Database. - [Receive InfraAudit Events via Webhooks](https://docs.infraudit.com/integrations/webhooks.md): Register an HTTP endpoint, subscribe to event types, verify HMAC-SHA256 signatures, and handle retries for InfraAudit outbound webhook deliveries. - [InfraAudit: Multi-Cloud Security & Cost Platform](https://docs.infraudit.com/introduction.md): InfraAudit monitors AWS, GCP, Azure, and Kubernetes for drift, vulnerabilities, compliance failures, and cost anomalies — all from one platform. - [Configure alert channels and manage your notification inbox](https://docs.infraudit.com/platform/alerts.md): Set up Slack, email, and webhook notification channels, configure severity thresholds and routing rules, and manage the InfraAudit alert inbox. - [Manage InfraAudit's scheduled scans and jobs](https://docs.infraudit.com/platform/automation-and-jobs.md): View and manage InfraAudit's scheduled background jobs: resource sync, drift detection, vulnerability scanning, cost sync, and compliance checks. - [Run compliance assessments and export audit reports](https://docs.infraudit.com/platform/compliance.md): Enable compliance frameworks, run automated assessments against CIS, SOC 2, NIST, PCI-DSS, and HIPAA, and export PDF or CSV reports for auditors. - [Connecting AWS, GCP, Azure, and Kubernetes accounts](https://docs.infraudit.com/platform/connecting-cloud-accounts.md): Connect your AWS, GCP, Azure, or Kubernetes accounts to InfraAudit. Includes required permissions and credential details for each provider type. - [Analyze cloud spend, forecasts, and savings opportunities](https://docs.infraudit.com/platform/cost-optimization.md): Review multi-cloud spend trends, understand 30–90 day forecasts, identify daily cost anomalies, and act on right-sizing and savings recommendations. - [Reading the InfraAudit dashboard and its key metrics](https://docs.infraudit.com/platform/dashboard.md): Understand what the InfraAudit dashboard shows, how to read each panel, and how to use quick actions to jump to the right section fast. - [Detect and investigate cloud configuration drift](https://docs.infraudit.com/platform/drift-detection.md): Run drift scans, interpret findings by type and severity, manage baselines, and resolve or remediate configuration changes across your cloud accounts. - [Register Kubernetes clusters and scan your workloads](https://docs.infraudit.com/platform/kubernetes.md): Connect Kubernetes clusters to InfraAudit, browse deployments and pods, and run drift detection and vulnerability scans against your workloads. - [InfraAudit platform guide: web UI overview](https://docs.infraudit.com/platform/overview.md): A guided tour of the InfraAudit web platform — dashboards, cloud account management, scans, compliance, cost analysis, and automation. - [View and act on AI-generated recommendations](https://docs.infraudit.com/platform/recommendations.md): Understand how InfraAudit generates cost, security, and performance recommendations using Gemini AI, and how to apply or dismiss them from the UI or CLI. - [Approve and apply automated infrastructure remediations](https://docs.infraudit.com/platform/remediation.md): Use InfraAudit's remediation queue to approve and apply automated fixes to drift and vulnerability findings, with a configurable rollback window. - [Browse and filter your cloud resource inventory](https://docs.infraudit.com/platform/resources-and-inventory.md): Use the Resources section to browse every cloud resource InfraAudit discovers, filter by type, region, or provider, and view per-resource drift and cost data. - [Scan for CVEs and manage vulnerability findings](https://docs.infraudit.com/platform/vulnerabilities.md): How InfraAudit uses Trivy and the NVD database to surface CVEs in your cloud resources, and how to filter, triage, and act on vulnerability findings. - [InfraAudit Release Notes, Version History, and Changelog](https://docs.infraudit.com/resources/changelog.md): Version history for InfraAudit. Find full release notes on GitHub. InfraAudit follows semantic versioning — breaking changes only in major releases. - [InfraAudit: Frequently Asked Questions and Answers](https://docs.infraudit.com/resources/faq.md): Answers to common questions about InfraAudit: supported cloud providers, free tier, how credentials are secured, edition differences, and scan schedules. - [InfraAudit Glossary: Key Terms, Concepts, and Definitions](https://docs.infraudit.com/resources/glossary.md): Definitions for every InfraAudit-specific term used across the documentation, UI, CLI, and API — from Anomaly and Baseline to Severity and Webhook. - [How to Get Help and Support for InfraAudit: All Plans](https://docs.infraudit.com/resources/support.md): How to get help with InfraAudit: GitHub Issues for the Community edition, email support for SaaS plans, and dedicated support for Enterprise. - [InfraAudit Environment Variable Configuration Reference](https://docs.infraudit.com/self-hosting/configuration.md): Complete reference for every environment variable InfraAudit accepts, organized by category, with default values and valid options. - [Deploy InfraAudit Using Docker Compose Step by Step](https://docs.infraudit.com/self-hosting/docker-compose.md): Run InfraAudit locally or on a server using Docker Compose. Starts the API, database, Redis, and frontend in four containers with one command. - [Deploy InfraAudit on Kubernetes With Provided Manifests](https://docs.infraudit.com/self-hosting/kubernetes.md): Deploy InfraAudit on Kubernetes using the provided manifests. Covers secrets, ConfigMaps, deployments, ingress, and horizontal scaling. - [Self-Hosting InfraAudit: Community Edition Overview](https://docs.infraudit.com/self-hosting/overview.md): Run the InfraAudit Community edition on your own infrastructure using Docker Compose or Kubernetes. MIT-licensed with no resource limits. - [Prerequisites: What You Need to Self-Host InfraAudit](https://docs.infraudit.com/self-hosting/prerequisites.md): Everything you need before deploying InfraAudit: a Supabase project for authentication, Docker or Kubernetes, and minimum system requirements. - [Managing Secrets and Credential Encryption in InfraAudit](https://docs.infraudit.com/self-hosting/secrets-and-encryption.md): How InfraAudit encrypts cloud credentials at rest with AES-256-GCM, how to generate and rotate the encryption key, and production secrets best practices. - [Troubleshooting Your Self-Hosted InfraAudit Deployment](https://docs.infraudit.com/self-hosting/troubleshooting.md): Fixes for common self-hosting issues: containers that won't start, Supabase authentication errors, missing cloud resources, and scans that don't run. - [Upgrading Your Self-Hosted InfraAudit Installation](https://docs.infraudit.com/self-hosting/upgrades.md): How to update InfraAudit to a new release: pull images, run migrations, verify the rollout, and pin versions for controlled production upgrades.