Aqua Wave IaC scanning is designed for easy integration with existing CI/CD deployment processes through the use of a simple REST API. We recommend integrating IaC scanning into your deployment pipelines to help catch infrastructure vulnerabilities prior to their deployment into live environments.


TABLE OF CONTENTS


Obtaining API Access

Using the IaC scanning API requires an Aqua Wave API key and secret. You can generate these from the "API Keys" page.


We strongly recommend limiting this API key's access to just IaC code scanning endpoints by using API key permissions. Read more.


Sample Code

Because the Aqua Wave API is RESTful, you can easily integrate with any programming language. Aqua has several sample code scripts you can use.