Posture API
The posture API area summarizes evidence for access review and operational control questions.
Evidence sources
Section titled “Evidence sources”Relevant sources include user permissions, resource inventory, policy bindings, execution jobs, verification results, and logs.
Review automation
Section titled “Review automation”Posture workflows let security teams pull rating-style summaries, policy coverage, stale account signals, drift findings, and audit evidence into review processes.
Representative posture summary
Section titled “Representative posture summary”The following example is representative; match endpoint shape to the deployed product version.
curl -sS "$ANCHOR_API/compliance/summary?scope_id=7" \ -H "Authorization: Bearer $ANCHOR_TOKEN"Representative response:
{ "scope_id": 7, "rating": "review_required", "score": 86, "resources": { "total": 128, "verified": 119, "rotation_due": 6, "policy_missing": 3 }, "signals": [ "strong_policy_coverage", "stale_accounts_detected", "rotation_due_within_7_days" ], "alignment_targets": ["CIS", "PCI-DSS", "SOX", "HIPAA", "internal_policy"]}Integration advice
Section titled “Integration advice”Start by defining the review questions before building exports.