-
Notifications
You must be signed in to change notification settings - Fork 58
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into DOCS-7072-security-posture
- Loading branch information
Showing
558 changed files
with
116,309 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
This endpoint will return any SCAP datastreams uploaded to the console. This endpoint will return a 404 error if you have not configured your console to consume SCAP datastreams. | ||
|
||
The following is an example curl command that uses basic auth to retrieve any uploaded datastreams configured for SCAP scanning: | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X GET \ | ||
https://<CONSOLE>:8083/api/v1/scap | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
This endpoint will delete any SCAP datastreams uploaded to the console. You can find `xml_name` from the `GET /api/v1/scap` endpoint. | ||
|
||
The following is an example curl command that uses basic auth to delete an uploaded datastreams configured for SCAP scanning: | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X DELETE \ | ||
https://<CONSOLE>:8083/api/v1/scap/{xml_name} | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
This endpoint will allow you to add a SCAP datastream to the console. | ||
|
||
The following is an example curl command that uses basic auth to add an uploaded datastreams configured for SCAP scanning: | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X POST \ | ||
-d '{"XMLName":{"Space":"","Local":""}}' \ | ||
https://<CONSOLE>:8083/api/v1/scap | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
Import custom security checklists and evaluate them against your container images. | ||
Custom checklists complement the predefined compliance checks provided in the default Prisma Cloud Compute installation. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Checks if the Console is alive, responsive, and reachable from your network host. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
Checks if Console is reachable from your network host. | ||
|
||
### cURL Request | ||
|
||
Refer to the following cURL example command that pings Console and prints the HTTP response code: | ||
|
||
```bash | ||
$ curl -k \ | ||
-s \ | ||
-o /dev/null \ | ||
-w "%{http_code}\n" \ | ||
-X GET \ | ||
https://<CONSOLE>/api/v<VERSION>/_ping | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
The agentless security scan monitors hosts and containers for vulnerabilities and compliance risks by scanning the root volumes of snapshots without the need to install an agent. | ||
Supported cloud service provider platforms for agentless scanning: | ||
* Hosts - Amazon AWS, Google Cloud Platform, Microsoft Azure, and Oracle Cloud Infrastructure. | ||
* Containers- AWS, Azure, and GCP | ||
|
||
When you add a cloud account in the Prisma Cloud Compute (Manage > Cloud accounts), enable the agentless scan option and configure the scan scope. |
31 changes: 31 additions & 0 deletions
31
openapi-specs/compute/33-02/desc/agentless/get_agentless_progress.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
Shows the progress of an ongoing scan on hosts or containers for vulnerabilities and compliance. | ||
|
||
### cURL Request | ||
|
||
Refer to the following example cURL command: | ||
|
||
``` | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X GET \ | ||
“https://<CONSOLE>/api/v<VERSION>/agentless/progress” | ||
``` | ||
|
||
### cURL Response | ||
|
||
Refer to the following example cURL response: | ||
|
||
``` | ||
{ | ||
"hostname": "", | ||
"id": "", | ||
"scanTime": "2022-11-09T11:10:51.649Z", | ||
"type": "agentlessHost", | ||
"discovery": true, | ||
"total": 5, | ||
"scanned": 2, | ||
"title": "Agentless discovering" | ||
} | ||
] | ||
``` |
17 changes: 17 additions & 0 deletions
17
openapi-specs/compute/33-02/desc/agentless/post_agentless_scan.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
Scans the hosts or containers for vulnerabilities and compliance. | ||
|
||
**Before you begin** | ||
Make sure that you download (use the agentless/templates API) and apply the permission templates in the supported cloud accounts: AWS, Azure, GCP, and OCI. | ||
|
||
|
||
### cURL Request | ||
|
||
Refer to the following example cURL command: | ||
|
||
``` | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X POST \ | ||
“https://<CONSOLE>/api/v<VERSION>/agentless/scan” | ||
``` |
13 changes: 13 additions & 0 deletions
13
openapi-specs/compute/33-02/desc/agentless/post_agentless_stop.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
Stops an ongoing scan on hosts or containers for vulnerabilities and compliance. | ||
|
||
### cURL Request | ||
|
||
Refer to the following example cURL command: | ||
|
||
``` | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X POST \ | ||
“https://<CONSOLE>/api/v<VERSION>/agentless/stop” | ||
``` |
41 changes: 41 additions & 0 deletions
41
openapi-specs/compute/33-02/desc/agentless/post_agentless_templates.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
Downloads a tarball file that contains the agentless resource permission templates for the cloud accounts. Apply these permission templates to complete the onboarding process for agentless scanning. | ||
|
||
* AWS: The tarball contains templates in JSON format ending with the following names: | ||
* _aws_hub_target_user_permissions.json | ||
* _aws_hub_user_permissions.json | ||
* _aws_target_user_permissions.json | ||
|
||
For more information on how to apply the permission templates, refer to the "Configure agentless scanning" section in the Prisma Cloud Compute administration guide. | ||
|
||
* Azure: Use the following script, that comes bundled in the tarball file, to apply permission template to an Azure cloud account: | ||
* apply_azure_permissions.sh: Run the script with a location (that specifies location of the resource) parameter. For more information on location parameters, see [resource location in ARM template](https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/resource-location?tabs=azure-cli). | ||
|
||
* OCI: Use the following script, that comes bundled in the tarball file, to apply permission template to an OCI cloud account: | ||
* pcc-apply-permissions.sh: Run the script with a compartment name parameter. | ||
|
||
* GCP: The tarball contains Jinja templates in YAML format ending with the following names: | ||
* _hub_target_access_permissions.yaml.jinja | ||
* _hub_target_user_permissions.yaml.jinja | ||
* _hub_user_permissions.yaml.jinja | ||
* _target_user_permissions.yaml.jinja | ||
|
||
For more information on how to apply the permission templates, refer to the "Configure agentless scanning" section in the Prisma Cloud Compute administration guide. | ||
|
||
**Note**: The body parameter `credentialID` is required to download templates in tar.gz format. | ||
|
||
### Before you begin | ||
Add the supported cloud accounts (AWS, Azure, GCP, and OCI) in Prisma Cloud Compute. | ||
|
||
### cURL Request | ||
|
||
Refer to the following example cURL command: | ||
|
||
``` | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X POST \ | ||
-O <agentlesstemplate.tar.gz> \ | ||
-d {"credentialID":"aws_docs"} \ | ||
“https://<CONSOLE>/api/v<VERSION>/agentless/templates” | ||
``` |
8 changes: 8 additions & 0 deletions
8
openapi-specs/compute/33-02/desc/alert-profiles/alert-profiles.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
Manage alert profiles, which let you surface critical policy breaches by sending alerts to channels, such as email, Slack, and JIRA. | ||
|
||
Alert profiles define which events should be sent to which channel. | ||
Each profile declares: | ||
|
||
* One or more recipients. | ||
* One or more triggers, that raise alerts by sending messages on the configured channel. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
Retrieve a list of all alert profiles created in the system. | ||
|
||
The following example curl command uses basic auth to retrieve all alert profiles: | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X GET \ | ||
https://<CONSOLE>:8083/api/v1/alert-profiles | ||
``` |
14 changes: 14 additions & 0 deletions
14
openapi-specs/compute/33-02/desc/alert-profiles/id_delete.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
Deletes an alert profile entry by name. | ||
In the request payload, specify the alert profile name. | ||
This method has no response data. | ||
|
||
The following example curl command deletes an existing alert profile named `PROFILE-NAME`. | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X DELETE \ | ||
https://<CONSOLE>:8083/api/v1/alert-profiles/<PROFILE-NAME> | ||
``` | ||
|
20 changes: 20 additions & 0 deletions
20
openapi-specs/compute/33-02/desc/alert-profiles/names_get.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
Retrieve a list of only the names of all alert profiles created in the system. | ||
|
||
The following example curl command uses basic auth to retrieve all alert profiles' names: | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X GET \ | ||
https://<CONSOLE>:8083/api/v1/alert-profiles/names | ||
``` | ||
|
||
Example Response: | ||
|
||
``` | ||
[ | ||
"jira", | ||
"aqsa vulns" | ||
] | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
Update an existing alert profile created in the system. | ||
|
||
The following example curl command uses basic auth to add a Jira Alert profile: | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X POST \ | ||
https://<CONSOLE>:8083/api/v1/alert-profiles \ | ||
-d ' { | ||
"name": "jira", | ||
"_id": "jira", | ||
"jira": { | ||
"enabled": true, | ||
"projectKey": "TWIS", | ||
"issueType": "Task", | ||
"priority": "High", | ||
"labels": [], | ||
"assignee": "" | ||
} | ||
"policy": { | ||
"cve": { | ||
"enabled": true, | ||
"allRules": true, | ||
"rules": [], | ||
"clients": [ | ||
"jira" | ||
] | ||
} | ||
} ' | ||
``` |
14 changes: 14 additions & 0 deletions
14
openapi-specs/compute/33-02/desc/alert-profiles/test_post.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
Sends a test alert to verify successful configuration of the alert profile settings. | ||
|
||
The following example curl command uses basic auth to send test alert for an email alert profile: | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X POST \ | ||
-d <REQUEST-PAYLOAD> | ||
https://<CONSOLE>:8083/api/v1/alert-profiles/test | ||
``` | ||
|
||
In this case, the `REQUEST-PAYLOAD` would be the full JSON formatted alert profile from the base `GET` command |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
Paginated API requests are capped to a max of 50 returned objects because very large responses could DoS Console. | ||
|
||
If the response contains more than 50 objects, cycle through the collection with the `offset` query parameter to retrieve more objects. | ||
For example: | ||
|
||
``` | ||
https://<CONSOLE>/api/v1/images?limit=50&offset=X | ||
``` |
1 change: 1 addition & 0 deletions
1
openapi-specs/compute/33-02/desc/application-control/application-control.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Prisma Cloud Compute creates and stores host application rules for your environment. |
11 changes: 11 additions & 0 deletions
11
openapi-specs/compute/33-02/desc/application-control/get.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
Retrieves the host application control rules. | ||
|
||
The following example curl command uses basic auth to retrieve the control rules: | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X GET \ | ||
“https://<CONSOLE>/api/v<VERSION>/application-control/host” | ||
``` |
1 change: 1 addition & 0 deletions
1
openapi-specs/compute/33-02/desc/application-control/id_delete.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Removes the given rule from the list of host application control rules. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Update and inserts the host application control rule to the database and returns the upserted rule. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
Deletes **all** access audits. This deletion cannot be undone. | ||
|
||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X DELETE \ | ||
https://console:8083/api/v1/audits/access | ||
``` |
12 changes: 12 additions & 0 deletions
12
openapi-specs/compute/33-02/desc/audits/access_download_get.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
Returns the docker access audit events data in CSV format that are logged and aggregated for any container resource protected by a Defender in Prisma Cloud Compute. | ||
|
||
**Note**: You can download the access events from Console under **Monitor > Events > Docker audits > Download CSV**. | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: text/csv' \ | ||
-X GET \ | ||
-O <access_audits.csv> \ | ||
"https://<CONSOLE>/api/v<VERSION>/audits/access/download?type=docker" | ||
``` |
37 changes: 37 additions & 0 deletions
37
openapi-specs/compute/33-02/desc/audits/access_filters_get.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
Retrieves all access audits by specific host filters. | ||
There are three types of host filters based on host history, sudo events on host and SSHD events on hosts. | ||
|
||
The following example uses basic auth to list history of commands that are run on hosts protected by Prisma Cloud Compute. | ||
|
||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X GET \ | ||
https://console:8083/api/v1/history/host | ||
``` | ||
|
||
The following command gives list of sudo events on hosts. | ||
|
||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X GET \ | ||
https://console:8083/api/v1/audits/access/filters?type=sudo | ||
|
||
``` | ||
|
||
The following command gives list of SSHD events on hosts. | ||
|
||
```bash | ||
$ curl -k \ | ||
-u <USER> \ | ||
-H 'Content-Type: application/json' \ | ||
-X GET \ | ||
https://console:8083/api/v1/audits/access/filters?type=sshd | ||
|
||
``` | ||
|
Oops, something went wrong.