Discovery: AWS API targets

Automatically identify AWS targets that need an API schema

Written by Naomi Purvis
Updated this week

If you have landed here after completing steps 1 - 9 of Creating an IAM role for Intruder, follow the steps below so that we can identify APIs in your cloud account.

Head back to your AWS console and select the role linked to your Intruder account.

  1. Select Add permissions > Create inline policy

  2. Select Service: API Gateway V2

  3. Scroll down to Access level > Read and select all options available (in this example: All read actions + GET):

  4. Select 'Add more permissions' > Service: API Gateway

  5. Scroll down to Access level > Read and select all options available (in this example: All read actions + GET):

  6. Select Resources > All. Then click Next to take you to the next window.

  7. Add policy name > click Create policy

  8. ✨ Voila, you should see that policy added to the role you created earlier.
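To confirm the inline policy grants nothing beyond read access, the following added example (not Intruder's own code) audits a policy document copied from the role's JSON view. It assumes API Gateway and API Gateway V2 both use the `apigateway` action prefix with `GET` as the read action; the sample policy and the function names are constructed for illustration.

```python
import json

# Constructed sample: the JSON an inline policy built with the steps above is
# assumed to contain (API Gateway and API Gateway V2 share the "apigateway" prefix).
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "apigateway:GET", "Resource": "*"}
  ]
}
""")

READ_ACTION = "apigateway:get"  # IAM action names are case-insensitive

def _as_list(value):
    """IAM allows a single string or a list for Statement, Action and Resource."""
    return value if isinstance(value, list) else [value]

def audit_policy(policy):
    """Return findings for anything an Allow statement grants beyond apigateway:GET."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        if "NotAction" in stmt:
            findings.append(f"statement {i}: NotAction allows every action not listed")
            continue
        for action in _as_list(stmt.get("Action", [])):
            # Wildcards such as apigateway:* are flagged too: they can match write verbs.
            if action.lower() != READ_ACTION:
                findings.append(f"statement {i}: {action} is broader than apigateway:GET")
    return findings

def grants_discovery_read(policy):
    """True if some Allow statement lists apigateway:GET explicitly on all resources."""
    for stmt in _as_list(policy.get("Statement", [])):
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if (stmt.get("Effect") == "Allow" and READ_ACTION in actions
                and "*" in _as_list(stmt.get("Resource", []))):
            return True
    return False

if __name__ == "__main__":
    print("findings:", audit_policy(SAMPLE_POLICY))
    print("read access present:", grants_discovery_read(SAMPLE_POLICY))
```

An empty findings list together with read access present means the policy matches what the steps above set up.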


What does it look like in the portal?

Targets overview page

Head to the Targets page > click Requires attention and you'll see them listed (though please note, this list also includes targets where we've detected a login page on a target that hasn't been added as a web app).

Targets > Cloud assets > Asset details:

If we detect an API, you'll see a small tooltip next to the target, as shown below:

Notifications tab:
You'll also see a message in the notifications feed
