IBM Cloud Docs
Integrating Security and Compliance Center with your resources

Integrating Security and Compliance Center with your resources

As of 16 June 2025, you cannot create new instances in this version of this product. All of the functionality is now available in the updated experience of Security and Compliance Center Workload Protection. For more information, see the transition documentation.

Ready to integrate IBM Cloud® Security and Compliance Center with your existing apps or services? Try out the supported developer tools.

Supported developer tools

Security and Compliance Center offers APIs, SDKs, a CLI, and Terraform support that you can use to connect to the service.

Security and Compliance Center SDKs

Security and Compliance Center offers software development kits (SDKs) that you can use to connect with the service in various programming languages. For more information about getting started with Security and Compliance Center SDKs, check out the following repositories on GitHub:

Security and Compliance Center CLI plug-in

Building an automated flow? If you're already using the IBM Cloud Command Line Interface (CLI), you can install the Security and Compliance Center plug-in so that you can automate the evaluation of your resources.

To install Security and Compliance Center commands, run the following command:

ibmcloud plugin install security-compliance

After you create your instance, for example, you can run the following CLI command to create a custom library:

ibmcloud security-compliance control-library create
--control-library-name='IBM Cloud for Financial Services'
--control-library-description='IBM Cloud for Financial Services'
--control-library-type=custom
--controls='[
  {
    "control_name": "SC-7",
    "control_id": "1fa45e17-9322-4e6c-bbd6-1c51db08e790",
    "control_description": "Boundary Protection",
    "control_category": "System and Communications Protection",
    "control_parent": "exampleString",
    "control_tags": [
      "1fa45e17-9322-4e6c-bbd6-1c51db08e790"
      ],
    "control_specifications": [
      {
        "control_specification_id": "5c7d6f88-a92f-4734-9b49-bd22b0900184",
        "responsibility": "user",
        "component_id": "iam-identity",
        "component_name": "exampleString",
        "environment": "ibm-cloud",
        "control_specification_description": "IBM cloud",
        "assessments_count": 38,
        "assessments": [
          {
            "assessment_id": "rule-238a6025-2522-4d36-831b-a32f81f97304",
            "assessment_method": "ibm-cloud-rule",
            "assessment_type": "automated",
            "assessment_description": "Check whether authorized IP ranges are configured for the account",
            "parameter_count": 38,
            "parameters": [
              {
                "parameter_name": "session_invalidation_in_seconds",
                "parameter_display_name": "Sign out due to inactivity in seconds",
                "parameter_type": "numeric",
                "parameter_value": "public"
                }
              ]
            }
          ]
        }
      ],
    "control_docs": {
      "control_docs_id": "sc-7",
      "control_docs_type": "ibm-cloud"
      },
    "control_requirement": true,
    "status": "enabled"
    }
  ]'
--version-group-label=33fc7b80-0fa5-4f16-bbba-1f293f660f0d
--control-library-version=1.0.0
--latest=true
--controls-count=38
--x-correlation-id=exampleString
--x-request-id=exampleString

For more information, check out the Security and Compliance Center CLI reference.

Security and Compliance Center API

If you're trying out Security and Compliance Center for the first time, you might want to use the Security and Compliance Center API to automate the evaluation of your resources.

Start by copying the service endpoint URL from the Endpoints page in your Security and Compliance Center service dashboard. Then, generate an IBM Cloud Identity and Access Management (IAM) token to include in your request. For example, after you configure your service instance, you can use the following API request to retrieve all the control libraries.

curl -X GET 
  --location --header "Authorization: Bearer {iam_token}" 
  --header "Accept: application/json" 
  "{base_url}/control_libraries"

Replace {base_url} with your service endpoint URL (https://us-south.compliance.cloud.ibm.com/instances/{instance_id}/v3/), and {iam_token} with your IAM token. To run the API request, you can paste it into your command line, or preferred API testing tool.

For more information about using Security and Compliance Center APIs, check out the Security and Compliance Center API reference.

Security and Compliance Center Terraform

Already using Terraform? You can continue to use Terraform with Security and Compliance Center to read data sources and create resources.