> ## Documentation Index > Fetch the complete documentation index at: https://docs.corgea.app/llms.txt > Use this file to discover all available pages before exploring further. # Get IaC Issues > Retrieve Infrastructure-as-Code (IaC) security issues from the latest matching processed scan. ## OpenAPI ````yaml /api-reference/openapi.json get /issues/iac openapi: 3.0.0 info: title: Corgea API version: 1.0.0 description: >- API for interacting with Corgea's scanning and vulnerability management features servers: - url: https://www.corgea.app/api/v1 description: Production server security: - CorgeaToken: [] - BearerAuth: [] paths: /issues/iac: get: tags: - Issues - IaC summary: Get IaC Issues description: >- Retrieve Infrastructure-as-Code (IaC) security issues from the latest matching processed scan. operationId: listIacIssues parameters: - name: project in: query required: false schema: type: string description: Filter by project name - name: repo in: query required: false schema: type: string description: Filter by repository URL - name: branch in: query required: false schema: type: string description: Filter by branch name - name: page in: query required: false schema: type: integer default: 1 description: The page number for pagination - name: page_size in: query required: false schema: type: integer default: 20 maximum: 50 description: The number of results per page - name: severity in: query required: false schema: type: string description: >- Filter by severity levels (comma-separated). Valid values: CRITICAL, HIGH, MEDIUM, LOW example: CRITICAL,HIGH - name: provider in: query required: false schema: type: string description: Filter by cloud or platform provider example: aws - name: service in: query required: false schema: type: string description: Filter by affected service example: s3 - name: iac_type in: query required: false schema: type: string description: Filter by IaC format example: terraform - name: rule_id in: query required: false schema: type: string description: Filter by rule identifier example: AVD-AWS-0001 - name: avd_id in: query required: false schema: type: string description: Filter by AVD identifier example: AVD-AWS-0001 - name: path in: query required: false schema: type: string description: Filter by file path (partial match) example: infra/main.tf - name: search in: query required: false schema: type: string description: Search across title, description, message, rule ID, and AVD ID example: encryption - name: sort_by in: query required: false schema: type: string enum: - created_at - '-created_at' - severity - '-severity' - provider - '-provider' - service - '-service' - path - '-path' description: Sort results by field (prefix with '-' for descending order) example: '-severity' responses: '200': description: Get IaC Issues retrieved successfully or no project found content: application/json: schema: oneOf: - type: object properties: status: type: string example: ok page: type: integer total_pages: type: integer total_issues: type: integer issues: type: array items: $ref: '#/components/schemas/IaCIssue' - type: object properties: status: type: string example: no_project_found '403': description: Permission denied content: application/json: schema: type: object properties: error: type: string example: Permission denied components: schemas: IaCIssue: type: object properties: id: type: string format: uuid created_at: type: string format: date-time title: type: string description: type: string message: type: string resolution: type: string severity: type: string nullable: true enum: - CRITICAL - HIGH - MEDIUM - LOW rule_id: type: string avd_id: type: string primary_url: type: string references: type: array items: {} provider: type: string service: type: string iac_type: type: string location: type: object properties: path: type: string raw_path: type: string start_line: type: integer nullable: true end_line: type: integer nullable: true scan: type: object properties: id: type: string format: uuid nullable: true branch: type: string nullable: true project: type: string nullable: true securitySchemes: CorgeaToken: type: apiKey in: header name: CORGEA-TOKEN description: API key for authentication BearerAuth: type: http scheme: bearer bearerFormat: JWT description: OAuth2 access token (JWT) in the Authorization header ````