If your organization manages hundreds or even thousands of AWS accounts, you can use the corresponding REST APIs to add and manage these AWS accounts in the system. This topic provides an overview of the main workflow and explains how to use these APIs.

For a complete list of APIs, refer to REST APIs Documentation.

Onboarding New Accounts:

To integrate scripts into the account onboarding process, you can use the REST APIs to perform the following tasks after adding a new account:

• Add AWS Accounts to NetBrain: You will need to define your strategy to choose what types of accounts to add to NetBrain, either by using the tag or OU (organizational unit) as a filter based on your preference.
• Update Schedule Discovery Tasks: After adding the AWS accounts into NetBrain, you will need to add these accounts into the scheduled discovery process.

  Note: You only need to discover new accounts once, when they are first added to NetBrain. After the account data is successfully discovered and initialized, there is no need to rediscover them. You can use the REST API to check the discovery status (success or failure). If some accounts are discovered successfully, you can also use the API to remove them from the scheduled discovery task.

• Update Schedule Benchmark Task: After the discovery process, the corresponding data for the AWS accounts will be added to the system. The system will then need to run the benchmark to update the AWS data. If you have selected certain AWS accounts for the discovery, you will need to add these newly added accounts to the benchmark scope, as shown in the screenshot below.

Offboarding Old Accounts:

To remove unused AWS accounts, you can use the REST APIs to delete the accounts and their associated data from NetBrain.

• Remove AWS API Instance Data: You will need to call this API to remove the AWS API instance data so that all the data for the current AWS API Server will be removed from the NetBrain system.
• Remove AWS API Server: After successfully removing the AWS API instance data, you can safely remove the AWS API server, so this server will no longer be shown in the API Server Manager.