Overview
The Cloud Compliance Checker is a powerful API for auditing cloud infrastructure against multiple compliance standards and regulatory requirements. It enables security teams, cloud architects, and compliance officers to systematically verify that their cloud deployments meet required security postures and compliance benchmarks.
This tool supports major cloud providers and compliance frameworks, allowing organizations to perform automated compliance validation on their cloud configurations. Whether you're preparing for a security audit, maintaining continuous compliance, or validating infrastructure-as-code deployments, this API provides rapid, standardized compliance assessment against recognized standards.
Ideal users include DevSecOps teams automating compliance checks in CI/CD pipelines, cloud security engineers validating multi-cloud deployments, compliance auditors performing infrastructure reviews, and organizations managing regulatory obligations across diverse cloud environments.
Usage
Example Request:
CODEBLOCK0
Example Response:
CODEBLOCK1
Endpoints
POST /check-compliance
Performs a comprehensive compliance audit against specified cloud provider and compliance standard.
Method: �INLINECODE0
Path: �INLINECODE1
Parameters:
| Name | Type | Required | Description |
|---|
| INLINECODE2 | string | Yes | Cloud provider identifier (e.g., aws, azure, gcp, kubernetes) |
| INLINECODE7 |
string | Yes | Compliance framework or standard (e.g.,
cis,
pci-dss,
hipaa,
sox,
nist,
iso27001) |
|
config | string | No | JSON string containing provider-specific configuration options. Default:
"{}". Supports parameters like region, scan
type, resourcefilters, etc. |
Response (200 - Success):
Returns a JSON object containing:
- -
compliance_status: Overall status (passed/failed/warning) - INLINECODE17�: The cloud provider checked
- INLINECODE18�: The compliance standard used
- INLINECODE19�: Total number of compliance checks executed
- INLINECODE20�: Number of passing checks
- INLINECODE21�: Number of failing checks
- INLINECODE22�: Percentage of checks passed
- INLINECODE23�: Array of failed checks with check_id, title, severity, and resource
- INLINECODE24�: UTC timestamp of the scan
- INLINECODE25�: Time taken to complete the audit
Response (422 - Validation Error):
Returns validation error details when required parameters are missing or invalid.
CODEBLOCK2
Pricing
| Plan | Calls/Day | Calls/Month | Price |
|---|
| Free | 5 | 50 | Free |
| Developer |
20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
References
- - Kong Route: https://api.mkkpro.com/compliance/cloud-compliance
- API Docs: https://api.mkkpro.com:8019/docs
概述
云合规检查器是一款强大的API,用于根据多种合规标准和监管要求审计云基础设施。它使安全团队、云架构师和合规官能够系统性地验证其云部署是否达到所需的安全态势和合规基准。
该工具支持主流云提供商和合规框架,使组织能够对其云配置执行自动化合规验证。无论您是在准备安全审计、维护持续合规性,还是验证基础设施即代码部署,此API都能根据公认标准提供快速、标准化的合规评估。
理想用户包括在CI/CD流水线中自动化合规检查的DevSecOps团队、验证多云部署的云安全工程师、执行基础设施审查的合规审计员,以及在多样化云环境中管理监管义务的组织。
使用方法
示例请求:
json
{
provider: aws,
standard: cis,
config: {\region\: \us-east-1\, \scan_type\: \full\}
}
示例响应:
json
{
compliance_status: passed,
provider: aws,
standard: cis,
checks_performed: 156,
checks_passed: 154,
checks_failed: 2,
compliance_percentage: 98.7,
failed_checks: [
{
check_id: CIS-1.2,
title: 确保所有IAM用户启用MFA,
severity: high,
resource: iam-user-admin
},
{
check_id: CIS-2.1,
title: 确保所有区域启用CloudTrail,
severity: medium,
resource: eu-west-1
}
],
timestamp: 2024-01-15T10:30:00Z,
scandurationseconds: 42
}
端点
POST /check-compliance
针对指定的云提供商和合规标准执行全面的合规审计。
方法: POST
路径: /check-compliance
参数:
| 名称 | 类型 | 必填 | 描述 |
|---|
| provider | 字符串 | 是 | 云提供商标识符(例如 aws、azure、gcp、kubernetes) |
| standard |
字符串 | 是 | 合规框架或标准(例如 cis、pci-dss、hipaa、sox、nist、iso27001) |
| config | 字符串 | 否 | 包含提供商特定配置选项的JSON字符串。默认值:{}。支持region、scan
type、resourcefilters等参数。 |
响应(200 - 成功):
返回包含以下内容的JSON对象:
- - compliancestatus:总体状态(通过/失败/警告)
- provider:被检查的云提供商
- standard:使用的合规标准
- checksperformed:执行的合规检查总数
- checkspassed:通过的检查数量
- checksfailed:失败的检查数量
- compliancepercentage:检查通过百分比
- failedchecks:失败检查数组,包含checkid、title、severity和resource
- timestamp:扫描的UTC时间戳
- scanduration_seconds:完成审计所需时间
响应(422 - 验证错误):
当必需参数缺失或无效时返回验证错误详情。
json
{
detail: [
{
loc: [body, provider],
msg: 字段必填,
type: value_error.missing
}
]
}
定价
| 套餐 | 每日调用次数 | 每月调用次数 | 价格 |
|---|
| 免费 | 5 | 50 | 免费 |
| 开发者 |
20 | 500 | $39/月 |
| 专业 | 200 | 5,000 | $99/月 |
| 企业 | 100,000 | 1,000,000 | $299/月 |
关于
ToolWeb.in - 200+安全API,CISSP和CISM认证,平台:按次付费、API网关、MCP服务器、OpenClaw、RapidAPI、YouTube。
参考
- - Kong路由: https://api.mkkpro.com/compliance/cloud-compliance
- API文档: https://api.mkkpro.com:8019/docs
