From b8521a523abd45c8e1e4281c3ad01c923b0ac436 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Mon, 9 Oct 2023 13:36:34 +0530 Subject: [PATCH 01/15] Added Collection APIs --- .../cspm/CollectionsMicroservice.json | 1322 +++++++++++++++++ .../cspm/adjustSpecFilesForPanDev.sh | 28 +- .../cspm/consolidated_spec/all_endpoints.csv | 7 +- 3 files changed, 1345 insertions(+), 12 deletions(-) create mode 100644 openapi-specs/cspm/CollectionsMicroservice.json diff --git a/openapi-specs/cspm/CollectionsMicroservice.json b/openapi-specs/cspm/CollectionsMicroservice.json new file mode 100644 index 000000000..6babaaab0 --- /dev/null +++ b/openapi-specs/cspm/CollectionsMicroservice.json @@ -0,0 +1,1322 @@ +{ + "openapi": "3.0.1", + "info": { + "title": "Platform: Entitlement Service.", + "contact": { + "name": "Slack Us", + "url": "https://panw-rnd.slack.com/archives/G01PXHBT074" + }, + "version": "1.0" + }, + "externalDocs": { + "description": "Platform Wiki Documentation", + "url": "https://redlock.atlassian.net/wiki/spaces/RED/pages/3211854036/Entitlement+service" + }, + "servers": [ + { + "url": "https://api.prismacloud.io" + }, + { + "url": "https://api2.prismacloud.io" + }, + { + "url": "https://api3.prismacloud.io" + }, + { + "url": "https://api4.prismacloud.io" + }, + { + "url": "https://api.anz.prismacloud.io" + }, + { + "url": "https://api.eu.prismacloud.io" + }, + { + "url": "https://api2.eu.prismacloud.io" + }, + { + "url": "https://api.gov.prismacloud.io" + }, + { + "url": "https://api.prismacloud.cn" + }, + { + "url": "https://api.ca.prismacloud.io" + }, + { + "url": "https://api.sg.prismacloud.io" + }, + { + "url": "https://api.uk.prismacloud.io" + }, + { + "url": "https://api.ind.prismacloud.io" + }, + { + "url": "https://api.jp.prismacloud.io" + }, + { + "url": "https://api.fr.prismacloud.io" + } + ], + "tags": [ + { + "name": "Collections", + "description": "Prisma Cloud Collections allow you to define logical groups of assets within Prisma Cloud which are meaningful to the stakeholders in your cloud environments. You can create Collections to represent applications and services, organize your cloud estate by business units, or maintain focused visibility on the security posture of critical components of your cloud infrastructure." + } + ], + "paths": { + "/entitlement/api/v1/collection/{id}": { + "get": { + "tags": [ + "Collections" + ], + "summary": "Get Collection by ID", + "description": "Returns all details of a Collection.", + "externalDocs": { + "url": "entitlement/api/v1/collection/#id", + "x-ga": "false" + }, + "operationId": "get-collection-by-id", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Collection Id", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + } + } + ], + "responses": { + "500": { + "description": "Internal Server Error", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "503": { + "description": "Service Unavailable", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "403": { + "description": "Forbidden", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "200": { + "description": "Successful operation", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/Collection" + } + } + } + }, + "4XX": { + "description": "Client error", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + }, + "429": { + "description": "API is rate limited", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-ga": "23.10.2-darwin", + "x-public": "true" + }, + "put": { + "tags": [ + "Collections" + ], + "summary": "Update Collection", + "description": "Update Collection or Asset Groups details.", + "externalDocs": { + "url": "entitlement/api/v1/collection/#id", + "x-ga": "false" + }, + "operationId": "update-collection-by-id", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Collection Id", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "description": "Collections Data Model", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Collection" + } + } + }, + "required": true + }, + "responses": { + "500": { + "description": "Internal Server Error", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "503": { + "description": "Service Unavailable", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "403": { + "description": "Forbidden", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "200": { + "description": "Successful operation", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Collection" + } + } + } + }, + "4XX": { + "description": "Client error", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + }, + "429": { + "description": "API is rate limited", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-ga": "23.10.2-darwin", + "x-public": "true" + }, + "delete": { + "tags": [ + "Collections" + ], + "summary": "Delete Collection", + "description": "Deletes a Collection with the specified ID.", + "externalDocs": { + "url": "entitlement/api/v1/collection/#id", + "x-ga": "false" + }, + "operationId": "delete-collection-by-id", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Collection Id", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + } + } + ], + "responses": { + "500": { + "description": "Internal Server Error", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "503": { + "description": "Service Unavailable", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "403": { + "description": "Forbidden", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "204": { + "description": "Successful operation" + }, + "4XX": { + "description": "Client error", + "content": { + "*/*": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + }, + "429": { + "description": "API is rate limited", + "content": { + "*/*": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-ga": "23.10.2-darwin", + "x-public": "true" + } + }, + "/entitlement/api/v1/collection": { + "get": { + "tags": [ + "Collections" + ], + "summary": "Get All Collections", + "description": "Returns all Collections in a paginated format, sorted by ID desc.", + "externalDocs": { + "url": "entitlement/api/v1/collection", + "x-ga": "false" + }, + "operationId": "get-all-collections", + "parameters": [ + { + "name": "exclude_asset_group", + "in": "query", + "description": "Exclude AssetGroup from response.", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "name": "page_size", + "in": "query", + "description": "Number of records per page. Default is 50 and max is 500.", + "required": false, + "schema": { + "type": "integer", + "format": "int32" + } + }, + { + "name": "order_by", + "in": "query", + "description": "Order by records based of ID, NAME, LAST_MODIFIED_TS.", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "next_page_token", + "in": "query", + "description": "Token to fetch next page Collections.", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "500": { + "description": "Internal Server Error", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "503": { + "description": "Service Unavailable", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "403": { + "description": "Forbidden", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "200": { + "description": "Successful operation", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/PrismaCollectionView" + } + } + } + }, + "4XX": { + "description": "Client error", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + }, + "429": { + "description": "API is rate limited", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-ga": "23.10.2-darwin", + "x-public": "true" + }, + "post": { + "tags": [ + "Collections" + ], + "summary": "Create Collection", + "description": "Create a new Collection comprising of Asset Group Types. You can use '*' to include all Ids for a given assetGroupType.", + "externalDocs": { + "url": "entitlement/api/v1/collection", + "x-ga": "false" + }, + "operationId": "create-collection", + "requestBody": { + "description": "Collections Data Model", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Collection" + }, + "examples": { + "CREATE COLLECTION": { + "description": "Create a new Collection comprising of Asset Group Types. You can use '*' to include all Ids for a given assetGroupType. \nIn the below examples all accountIds will be included.", + "value": { + "name": "test-collection", + "description": "test description", + "assetGroups": { + "accountGroupIds": [ + "ag1", + "ag2" + ], + "repositoryIds": [ + "r1", + "r2" + ], + "accountIds": [ + "*" + ] + } + } + } + } + } + }, + "required": true + }, + "responses": { + "500": { + "description": "Internal Server Error", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "503": { + "description": "Service Unavailable", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "403": { + "description": "Forbidden", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "*/*": { + "schema": { + "type": "object" + } + } + } + }, + "201": { + "description": "Successful operation", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Collection" + } + } + } + }, + "4XX": { + "description": "Client error", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + }, + "429": { + "description": "API is rate limited", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SpringErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-ga": "23.10.2-darwin", + "x-public": "true" + } + } + }, + "components": { + "schemas": { + "JsonNode": { + "type": "object", + "description": "Resource list members. Each member is raw JSON. The content depends on the resource list type. For example, if the resource list type is TAG, then the member is a JSON array of TAG key/name pairs." + }, + "ResourceListModel": { + "required": [ + "members", + "name", + "resourceListType" + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Resource list id", + "readOnly": true + }, + "name": { + "maxLength": 256, + "minLength": 0, + "type": "string", + "description": "Name" + }, + "resourceListType": { + "$ref": "#/components/schemas/ResourceListType" + }, + "description": { + "type": "string", + "description": "Description" + }, + "lastModifiedBy": { + "type": "string", + "description": "Last modified by", + "readOnly": true + }, + "lastModifiedTs": { + "type": "integer", + "description": "Last modified time", + "format": "int64", + "readOnly": true, + "example": 1652910398 + }, + "members": { + "$ref": "#/components/schemas/JsonNode" + } + }, + "description": "Model for Resource List" + }, + "ResourceListType": { + "type": "string", + "description": "Resource List Type", + "externalDocs": { + "description": "TAG, RESOURCE_GROUP, COMPUTE_ACCESS_GROUP are only GA values", + "url": "NOT_IMPLEMENTED" + }, + "enum": [ + "TAG", + "RESOURCE_ID", + "STRING", + "IP_ADDRESS", + "NUMBER", + "RESOURCE_GROUP", + "COMPUTE_ACCESS_GROUP" + ] + }, + "ErrorDetails": { + "required": [ + "message", + "name" + ], + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "message": { + "type": "string" + } + } + }, + "SpringErrorResponse": { + "required": [ + "error", + "httpStatus", + "message", + "path", + "timestamp" + ], + "type": "object", + "properties": { + "timestamp": { + "type": "string" + }, + "httpStatus": { + "type": "integer", + "format": "int32" + }, + "error": { + "type": "string" + }, + "errorDetails": { + "type": "array", + "items": { + "$ref": "#/components/schemas/ErrorDetails" + } + }, + "message": { + "type": "string" + }, + "path": { + "type": "string" + } + } + }, + "AccountGroupModel": { + "required": [ + "accountIds", + "name" + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Account Group ID", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name" + }, + "description": { + "type": "string", + "description": "Description" + }, + "lastModifiedBy": { + "type": "string", + "description": "Last Modified By", + "readOnly": true + }, + "lastModifiedTs": { + "type": "integer", + "description": "Last Modified Time", + "format": "int64", + "readOnly": true + }, + "accountIds": { + "type": "array", + "description": "Cloud Account IDs", + "items": { + "type": "string", + "description": "Cloud Account IDs" + } + }, + "autoCreated": { + "type": "boolean", + "description": "Boolean read-only attribute to indicate if account group is automatically created", + "readOnly": true + }, + "cloudAccountCount": { + "type": "integer", + "description": "Number of cloud accounts associated with this account group", + "format": "int32", + "readOnly": true + }, + "cloudAccountInfos": { + "type": "array", + "description": "Cloud account details of account associated with this account group", + "readOnly": true, + "items": { + "$ref": "#/components/schemas/CloudAccountInfo" + } + }, + "parentGroupId": { + "type": "string", + "description": "Parent Group ID", + "readOnly": true + }, + "childGroupIds": { + "type": "array", + "description": "Child Group IDs", + "items": { + "type": "string", + "description": "Child Group IDs" + } + } + }, + "description": "Model for Account Group" + }, + "CloudAccountInfo": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID" + }, + "cloudType": { + "type": "string", + "description": "Cloud Type", + "readOnly": true + }, + "lastModifiedBy": { + "type": "string", + "description": "Last Modified By", + "readOnly": true + } + }, + "description": "Cloud account info linked to an account group", + "readOnly": true + }, + "AssetGroup": { + "type": "object", + "properties": { + "accountGroupIds": { + "maxItems": 5, + "type": "array", + "items": { + "type": "string" + } + }, + "accountIds": { + "maxItems": 1000, + "type": "array", + "items": { + "type": "string" + } + }, + "repositoryIds": { + "maxItems": 1000, + "type": "array", + "items": { + "type": "string" + } + } + }, + "description": "AssetGroup that are part of Collection" + }, + "Collection": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Collection id", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Collection name" + }, + "description": { + "type": "string", + "description": "Collection description" + }, + "createdBy": { + "type": "string", + "description": "User who created the collection", + "readOnly": true + }, + "lastModifiedBy": { + "type": "string", + "description": "User who last updated the collection ", + "readOnly": true + }, + "createdTs": { + "type": "integer", + "description": "Collection created date", + "format": "int64", + "readOnly": true + }, + "lastModifiedTs": { + "type": "integer", + "description": "Collection last updated date", + "format": "int64", + "readOnly": true + }, + "assetGroups": { + "$ref": "#/components/schemas/AssetGroup" + } + }, + "description": "Collections Data Model" + }, + "AccountGroupPage": { + "type": "object", + "properties": { + "content": { + "type": "array", + "items": { + "$ref": "#/components/schemas/AccountGroupV1" + } + }, + "nextPageToken": { + "type": "string" + }, + "nextPageUrl": { + "type": "string" + } + } + }, + "AccountGroupV1": { + "required": [ + "accountIds", + "name" + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Account Group ID", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name" + }, + "description": { + "type": "string", + "description": "Description" + }, + "lastModifiedBy": { + "type": "string", + "description": "Last Modified By", + "readOnly": true + }, + "lastModifiedTs": { + "type": "integer", + "description": "Last Modified Time", + "format": "int64", + "readOnly": true + }, + "accountIds": { + "uniqueItems": true, + "type": "array", + "description": "Cloud Account IDs", + "items": { + "type": "string", + "description": "Cloud Account IDs" + } + }, + "nonOnboardedCloudAccountIds": { + "title": "This field specifies accounts which have not been on-boarded on PC but have Compute defender deployed", + "uniqueItems": true, + "type": "array", + "description": "Non Onboarded Cloud Account IDs", + "externalDocs": { + "description": "Not GAed", + "url": "NOT_IMPLEMENTED" + }, + "items": { + "title": "This field specifies accounts which have not been on-boarded on PC but have Compute defender deployed", + "type": "string", + "description": "Non Onboarded Cloud Account IDs", + "externalDocs": { + "description": "Not GAed", + "url": "NOT_IMPLEMENTED" + } + } + }, + "autoCreated": { + "type": "boolean", + "description": "Boolean read-only attribute to indicate if account group is automatically created", + "readOnly": true + }, + "cloudAccountCount": { + "type": "integer", + "description": "Number of cloud accounts associated with this account group", + "format": "int32", + "readOnly": true + }, + "parentGroupId": { + "type": "string", + "description": "Parent Group ID", + "readOnly": true, + "externalDocs": { + "description": "Not GAed", + "url": "NOT_IMPLEMENTED" + } + } + }, + "description": "Model for Account Group" + }, + "AccountGroupCriteria": { + "title": "AccountGroup Search Request Filter", + "type": "object", + "properties": { + "accountGroupIds": { + "uniqueItems": true, + "type": "array", + "description": "AccountGroup Ids. Search returns only matching records in the response ", + "items": { + "type": "string" + } + }, + "includeChildAccountGroups": { + "type": "boolean", + "description": "Fetch child account groups for the parent account group ids defined in #accountGroupIds filter. ", + "default": false + }, + "excludeAutoCreated": { + "type": "boolean", + "description": "Exclude auto created account groups. Note that if excludeAutoCreated is set to true AUTO_CREATED field will always be included in the response irrespective of the #includefields criteria ", + "default": false + } + } + }, + "Entity": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "parentId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "FOLDER", + "ACCOUNT", + "ORG" + ] + }, + "onboarded": { + "type": "boolean" + } + } + }, + "OnboardRequest": { + "type": "object", + "properties": { + "accountId": { + "type": "string" + }, + "entities": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Entity" + } + } + }, + "description": "Model for Account Group" + }, + "CustomerSupportFilter": { + "type": "object", + "properties": { + "customerName": { + "type": "string" + }, + "customerId": { + "type": "integer", + "format": "int32" + } + } + }, + "ResourceListNames": { + "required": [ + "resourceListType" + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Resource List id" + }, + "name": { + "type": "string", + "description": "Name" + }, + "resourceListType": { + "$ref": "#/components/schemas/ResourceListType" + } + } + }, + "AccountGroupMetadataViewModel": { + "required": [ + "name" + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Account Group ID", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name" + }, + "autoCreated": { + "type": "boolean", + "description": "Boolean to indicate if account group is automatically created", + "readOnly": true + } + } + }, + "AccountGroupViewModel": { + "required": [ + "accountIds", + "name" + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Account Group ID", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name" + }, + "description": { + "type": "string", + "description": "Description" + }, + "lastModifiedBy": { + "type": "string", + "description": "Last Modified By", + "readOnly": true + }, + "lastModifiedTs": { + "type": "integer", + "description": "Last Modified Time", + "format": "int64", + "readOnly": true + }, + "accountIds": { + "type": "array", + "description": "Cloud Account IDs", + "items": { + "type": "string", + "description": "Cloud Account IDs" + } + }, + "autoCreated": { + "type": "boolean", + "description": "Boolean read-only attribute to indicate if account group is automatically created", + "readOnly": true + }, + "cloudAccountCount": { + "type": "integer", + "description": "Number of cloud accounts associated with this account group", + "format": "int32", + "readOnly": true + }, + "cloudAccountInfos": { + "type": "array", + "description": "Cloud account details of account associated with this account group", + "readOnly": true, + "items": { + "$ref": "#/components/schemas/CloudAccountInfo" + } + }, + "parentGroupId": { + "type": "string", + "description": "Parent Group ID", + "readOnly": true + }, + "childGroupIds": { + "type": "array", + "description": "Child Group IDs", + "items": { + "type": "string", + "description": "Child Group IDs" + } + }, + "accounts": { + "type": "array", + "description": "Associated Cloud Accounts", + "readOnly": true, + "items": { + "type": "object", + "additionalProperties": { + "type": "string", + "description": "Associated Cloud Accounts", + "readOnly": true + }, + "description": "Associated Cloud Accounts", + "readOnly": true + } + }, + "alertRules": { + "type": "array", + "description": "Singly associated alert rules which cannot exist in the system without the account group", + "readOnly": true, + "items": { + "$ref": "#/components/schemas/CustomAlertRule" + } + }, + "parentInfo": { + "$ref": "#/components/schemas/AccountGroupMetadataViewModel" + } + }, + "description": "Model for Account Group View" + }, + "CustomAlertRule": { + "type": "object", + "properties": { + "alertId": { + "type": "string" + }, + "alertName": { + "type": "string" + } + }, + "description": "Singly associated alert rules which cannot exist in the system without the account group", + "readOnly": true + }, + "PrismaCollectionView": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Collection" + } + }, + "nextPageToken": { + "type": "string" + } + } + }, + "AccountGroupV1Page": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/components/schemas/AccountGroupV1" + } + }, + "nextPageToken": { + "type": "string" + } + } + } + }, + "headers": { + "prismaId": { + "description": "x-prisma-tenant-id", + "style": "simple", + "schema": { + "type": "string" + } + } + }, + "securitySchemes": { + "x-redlock-auth": { + "description": "The x-redlock-auth value is a JSON Web Token (JWT).", + "in": "header", + "name": "x-redlock-auth", + "type": "apiKey" + } + } + }, + "x-tagGroups": [ + { + "tags": [ + "ResourceLists", + "AccountGroups", + "Collections" + ], + "name": "public" + }, + { + "tags": [ + "ResourceLists Service", + "AccountGroups Service", + "Collections Service" + ], + "name": "service" + }, + { + "tags": [ + "ResourceLists Support" + ], + "name": "support" + } + ] +} diff --git a/openapi-specs/cspm/adjustSpecFilesForPanDev.sh b/openapi-specs/cspm/adjustSpecFilesForPanDev.sh index 797fb71e8..5865d60ab 100755 --- a/openapi-specs/cspm/adjustSpecFilesForPanDev.sh +++ b/openapi-specs/cspm/adjustSpecFilesForPanDev.sh @@ -6,7 +6,7 @@ if [ -f "Anomalies.json" ]; then jq '.tags |= [{"name":"Anomalies", "description":"temporary description - will be overwritten anyway!"}] | .paths[][].tags[] = "Anomalies"' Anomalies.json > "$tmp" && mv "$tmp" Anomalies.json # TEMPORARILY change the operationId getPolicies -> get-policies-anomalies - sed -i "" "s/getPolicies/get-policies-anomalies/g" Anomalies.json + sed -i "s/getPolicies/get-policies-anomalies/g" Anomalies.json fi # replace the global tags in the IAM file @@ -26,30 +26,33 @@ if [ -f "IAMIdp.json" ]; then fi for file in *.json; do - sed -i "" "s/\/api\/cloud\/cspm\/iam#operation\/get-permissions-access/\/prisma-cloud\/api\/cspm\/get-permissions-access-with-post/g" $file - sed -i "" "s/\/api\/cloud\/cspm\/iam#operation\/get-permissions/\/prisma-cloud\/api\/cspm\/get-permissions-with-post/g" $file + sed -i "s/\/api\/cloud\/cspm\/iam#operation\/get-permissions-access/\/prisma-cloud\/api\/cspm\/get-permissions-access-with-post/g" $file + sed -i "s/\/api\/cloud\/cspm\/iam#operation\/get-permissions/\/prisma-cloud\/api\/cspm\/get-permissions-with-post/g" $file - sed -i "" "s/\/api\/cloud\/cspm\/.*#operation\//\/prisma-cloud\/api\/cspm\//g" $file + sed -i "s/\/api\/cloud\/cspm\/.*#operation\//\/prisma-cloud\/api\/cspm\//g" $file # https://prisma.pan.dev/docs/cloud/cspm -> /prisma-cloud/docs/cspm/cspm-gs/#use-curl-to-generate-jwt-tokens-in-prisma-cloud - sed -i "" "s/https:\/\/prisma.pan.dev\/docs\/cloud/\/prisma-cloud\/docs/g" $file + sed -i "s/https:\/\/prisma.pan.dev\/docs\/cloud/\/prisma-cloud\/docs/g" $file # turn to relative links - sed -i "" "s/https:\/\/prisma.pan.dev/\//g" $file + sed -i "s/https:\/\/prisma.pan.dev/\//g" $file # /api/cloud/cspm/ - sed -i "" "s/\/api\/cloud\/cspm/\/prisma-cloud\/api\/cspm/g" $file + sed -i "s/\/api\/cloud\/cspm/\/prisma-cloud\/api\/cspm/g" $file # /api/cloud -> /prisma-cloud/api/cspm - sed -i "" "s/\/api\/cloud/\/prisma-cloud\/api\/cspm/g" $file + sed -i "s/\/api\/cloud/\/prisma-cloud\/api\/cspm/g" $file # add hyphen (i.e. v2 -> v-2) - sed -i "" "s/\/get-asset-inventory-v2-dashboard-filter-options/\/get-asset-inventory-v-2-dashboard-filter-options/g" $file + sed -i "s/\/get-asset-inventory-v2-dashboard-filter-options/\/get-asset-inventory-v-2-dashboard-filter-options/g" $file # rewrite the GLOBAL tag description tmp=$(mktemp) - jq '.info.description as $tag_desc | .tags[]?.description |= $tag_desc' $file | \ + jq '.info.description as $tag_desc| if($tag_desc!=null) then .tags[]?.description |= $tag_desc else . end' $file | \ + # remove S2S headers or parameters if any + jq '.paths |= del(.[][].parameters[]? | select(.description!=null ) | select (.description | contains("S2S")))' | \ + # delete code snippets jq '.paths |= del(.[][]."x-codeSamples")' | \ @@ -80,9 +83,12 @@ for file in *.json; do }}' | \ # add security field to every endpoint - jq '.paths[][].security |= [ { "x-redlock-auth": [] } ]' > "$tmp" && mv "$tmp" $file + jq '.paths[][].security |= [ { "x-redlock-auth": [] } ]' > "$tmp" && mv "$tmp" $file + done + + # app-login endpoint isn't supposed to be protected tmp=$(mktemp) jq '.paths |= del(.["/login"][].security)' Login.json > "$tmp" && mv "$tmp" Login.json diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index 79070875e..74a2ff923 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -122,6 +122,11 @@ "post","/cas/v1/aws_template/presigned_url","Generate the CFT Template Link (AWS)","generate-cft-template-link-aws","Cloud Accounts (AWS)","CloudAccountsMicroService.json" "post","/cas/v1/gcp_template","Generate and Download the Terraform Template (GCP)","generate-template-link-gcp-gcp","Cloud Accounts (GCP)","CloudAccountsMicroService.json" "post","/cas/v1/azure_template","Generate and Download the Terraform template (Azure)","generate-template-link","Cloud Accounts (Azure)","CloudAccountsMicroService.json" +"get","/entitlement/api/v1/collection/{id}","Get Collection by ID","get-collection-by-id","Collections","Monolith" +"put","/entitlement/api/v1/collection/{id}","Update Collection","update-collection-by-id","Collections","Monolith" +"delete","/entitlement/api/v1/collection/{id}","Delete Collection","delete-collection-by-id","Collections","Monolith" +"get","/entitlement/api/v1/collection","Get All Collections","get-all-collections","Collections","Monolith" +"post","/entitlement/api/v1/collection","Create Collection","create-collection","Collections","Monolith" "post","/commandcenter/v1/top-vulnerabilities","List Top Vulnerabilities","command-center-list-top-vulnerabilities","Command Center","CommandCenterMicroService.json" "post","/commandcenter/v1/vulnerabilities/summary","List Total Vulnerable Images and Hosts","command-center-list-total-vulnerable-images-hosts","Command Center","CommandCenterMicroService.json" "get","/compliance/posture","Get Compliance Statistics Breakdown - GET","get-compliance-posture","Compliance Posture","Monolith" @@ -293,7 +298,7 @@ "get","/authn/api/v1/oauth2/config","Get OIDC Configuration","get-oauth2-config","SSO","PermissionGroupsMicroService.json" "put","/authn/api/v1/oauth2/config","Update OIDC Configuration","update-oauth2-config","SSO","PermissionGroupsMicroService.json" "post","/authn/api/v1/oauth2/config","Create an OIDC Configuration","create-oauth2-config","SSO","PermissionGroupsMicroService.json" -"patch","/authn/api/v1/oauth2/config","Update OIDC Configuration Partially","patch-oauth2-config","SSO","PermissionGroupsMicroService.json" +"patch","/authn/api/v1/oauth2/config","Update OIDC Configuration","patch-oauth2-config","SSO","PermissionGroupsMicroService.json" "get","/authz/v1/permission_group","Get all existing Permission Groups","getAll","Permission Groups","PermissionGroupsMicroService.json" "post","/authz/v1/permission_group","Add new Custom Permission Group","save","Permission Groups","PermissionGroupsMicroService.json" "get","/authz/v1/feature","Get all active features","getFeatures","Permission Groups","PermissionGroupsMicroService.json" From b7f4534621f60e8b1ab847928fbfd35b8b70ecd7 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Tue, 10 Oct 2023 12:30:35 +0530 Subject: [PATCH 02/15] code2cloud changes --- .../cspm/adjustSpecFilesForPanDev.sh | 3 + .../cspm/code2cloudMicroService.json | 452 ++++++++++++++++++ .../cspm/consolidated_spec/all_endpoints.csv | 2 + 3 files changed, 457 insertions(+) create mode 100644 openapi-specs/cspm/code2cloudMicroService.json diff --git a/openapi-specs/cspm/adjustSpecFilesForPanDev.sh b/openapi-specs/cspm/adjustSpecFilesForPanDev.sh index 5865d60ab..3663163f7 100755 --- a/openapi-specs/cspm/adjustSpecFilesForPanDev.sh +++ b/openapi-specs/cspm/adjustSpecFilesForPanDev.sh @@ -49,6 +49,9 @@ for file in *.json; do # rewrite the GLOBAL tag description tmp=$(mktemp) jq '.info.description as $tag_desc| if($tag_desc!=null) then .tags[]?.description |= $tag_desc else . end' $file | \ + + # Add note for darwin-only APIs + #jq 'if ((.paths[][]."x-ga" !=null) and (.paths[][]."x-ga" | contains("darwin"))) then .paths[][].description += "\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n" else . end' | \ # remove S2S headers or parameters if any jq '.paths |= del(.[][].parameters[]? | select(.description!=null ) | select (.description | contains("S2S")))' | \ diff --git a/openapi-specs/cspm/code2cloudMicroService.json b/openapi-specs/cspm/code2cloudMicroService.json new file mode 100644 index 000000000..71905c649 --- /dev/null +++ b/openapi-specs/cspm/code2cloudMicroService.json @@ -0,0 +1,452 @@ +{ + "openapi": "3.0.3", + "info": { + "title": "pcs-code-to-cloud API", + "version": "1.0.0-SNAPSHOT" + }, + "tags": [ + { + "name": "Code to Cloud Dashboard", + "description": "Use code to cloud dashboard to get a continuously updated snapshot view into the security posture of your cloud environment, streamline tracking and reporting. You can use the following APIs to fetch some of the dashboard details." + } + ], + "paths": { + "/c2c/api/v1/deploy/trend": { + "get": { + "tags": [ + "Code to Cloud Dashboard" + ], + "summary": "List Deploy Trend", + "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n **Note** You need System Admin or System Admin Read Only role to access this API.", + "operationId": "code-to-cloud-list-deploy-trend", + "parameters": [ + { + "in": "header", + "name": "x-redlock-auth", + "schema": { + "type": "string" + }, + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DeployTrendResponse" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "503": { + "description": "Service unavailable" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/c2c/api/v1/runtime/trend": { + "get": { + "tags": [ + "Code to Cloud Dashboard" + ], + "summary": "List Runtime Trend", + "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n**Note** You need System Admin or System Admin Read Only role to access this API.", + "operationId": "code-to-cloud-list-runtime-trend", + "parameters": [ + { + "in": "header", + "name": "x-redlock-auth", + "schema": { + "type": "string" + }, + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/RuntimeTrendResponse" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "503": { + "description": "Service unavailable" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + } + }, + "components": { + "schemas": { + "AssetGroups": { + "type": "object", + "properties": { + "accountGroupIds": { + "type": "array", + "items": { + "type": "string" + } + }, + "accountIds": { + "type": "array", + "items": { + "type": "string" + } + }, + "repositoryIds": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "C2CRow": { + "type": "object", + "properties": { + "owner": { + "type": "string" + }, + "color": { + "$ref": "#/components/schemas/Color" + }, + "collectionId": { + "type": "string" + } + } + }, + "C2CRowResponse": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "owner": { + "type": "string" + }, + "color": { + "$ref": "#/components/schemas/Color" + }, + "createdBy": { + "type": "string" + }, + "lastModifiedBy": { + "type": "string" + }, + "createdTs": { + "type": "number" + }, + "lastModifiedTs": { + "type": "number" + }, + "collectionId": { + "type": "string" + }, + "assetGroups": { + "$ref": "#/components/schemas/AssetGroups" + }, + "metrics": { + "type": "array", + "items": { + "$ref": "#/components/schemas/C2CRowMetric" + } + } + } + }, + "C2CRowsResponse": { + "type": "object", + "properties": { + "count": { + "type": "number" + }, + "value": { + "type": "array", + "items": { + "$ref": "#/components/schemas/C2CRowResponse" + } + } + } + }, + "C2CRowMetric": { + "type": "object", + "properties": { + "timestamp": { + "type": "number" + }, + "urgentVulns": { + "type": "number" + }, + "runtimeAlerts": { + "type": "number" + }, + "scopeUpdated": { + "type": "array", + "enum": [ + "buildTimeErrors", + "urgentVulns", + "runtimeAlerts" + ], + "items": { + "type": "string" + } + } + } + }, + "Color": { + "type": "string", + "enum": [ + "purple", + "blue", + "green", + "yellow", + "red" + ] + }, + "Error": { + "type": "object", + "properties": { + "code": { + "type": "string" + }, + "message": { + "type": "string" + }, + "target": { + "type": "string" + } + } + }, + "ErrorResponse": { + "type": "object", + "properties": { + "error": { + "$ref": "#/components/schemas/Error" + } + } + }, + "InventoryDeployResponse": { + "type": "object", + "properties": { + "images": { + "type": "number" + } + } + }, + "InventoryRuntimeResponse": { + "type": "object", + "properties": { + "cloudProviders": { + "type": "number" + }, + "cloudAssets": { + "type": "number" + }, + "protectedByAgent": { + "type": "number" + } + } + }, + "LiveEventsResponse": { + "type": "object", + "properties": { + "count": { + "type": "number" + }, + "value": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string" + }, + "identifier": { + "type": "string" + } + } + } + } + } + }, + "BuildTrendResponse": { + "type": "array", + "items": { + "type": "object", + "properties": { + "timestamp": { + "type": "number" + }, + "buildErrors": { + "type": "number" + }, + "repositories": { + "type": "number" + } + } + } + }, + "DeployTrendResponse": { + "type": "array", + "items": { + "type": "object", + "properties": { + "timestamp": { + "type": "number" + }, + "vulnerabilities": { + "type": "number" + } + } + } + }, + "RuntimeTrendResponse": { + "type": "array", + "items": { + "type": "object", + "properties": { + "timestamp": { + "type": "number" + }, + "alerts": { + "type": "number" + } + } + } + } + }, + "securitySchemes": { + "x-redlock-auth": { + "description": "The x-redlock-auth value is a JSON Web Token (JWT).", + "in": "header", + "name": "x-redlock-auth", + "type": "apiKey" + } + } + }, + "servers": [ + { + "url": "https://api.prismacloud.io" + }, + { + "url": "https://api2.prismacloud.io" + }, + { + "url": "https://api3.prismacloud.io" + }, + { + "url": "https://api4.prismacloud.io" + }, + { + "url": "https://api.anz.prismacloud.io" + }, + { + "url": "https://api.eu.prismacloud.io" + }, + { + "url": "https://api2.eu.prismacloud.io" + }, + { + "url": "https://api.gov.prismacloud.io" + }, + { + "url": "https://api.prismacloud.cn" + }, + { + "url": "https://api.ca.prismacloud.io" + }, + { + "url": "https://api.sg.prismacloud.io" + }, + { + "url": "https://api.uk.prismacloud.io" + }, + { + "url": "https://api.ind.prismacloud.io" + }, + { + "url": "https://api.jp.prismacloud.io" + }, + { + "url": "https://api.fr.prismacloud.io" + } + ] +} diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index 74a2ff923..653153459 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -384,3 +384,5 @@ "get","/user/role/{id}","User Role Info","get-user-role","User Roles","Monolith" "put","/user/role/{id}","Update User Role","update-user-role","User Roles","Monolith" "delete","/user/role/{id}","Delete User Role","delete-user-role","User Roles","Monolith" +"get","/c2c/api/v1/deploy/trend","List Deploy Trend","code-to-cloud-list-deploy-trend","Code to Cloud Dashboard","code2cloudMicroService.json" +"get","/c2c/api/v1/runtime/trend","List Runtime Trend","code-to-cloud-list-runtime-trend","Code to Cloud Dashboard","code2cloudMicroService.json" From 46bf90427f720a89b0a51db4e9a12c65cc0c2280 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Tue, 10 Oct 2023 14:03:58 +0530 Subject: [PATCH 03/15] Command Center APIs --- .../cspm/CommandCenterMicroService.json | 643 +++++++++++++++++- .../cspm/code2cloudMicroService.json | 4 +- .../cspm/consolidated_spec/all_endpoints.csv | 7 +- 3 files changed, 644 insertions(+), 10 deletions(-) diff --git a/openapi-specs/cspm/CommandCenterMicroService.json b/openapi-specs/cspm/CommandCenterMicroService.json index 70f86395a..5f9cafdf6 100644 --- a/openapi-specs/cspm/CommandCenterMicroService.json +++ b/openapi-specs/cspm/CommandCenterMicroService.json @@ -1,18 +1,310 @@ { "openapi": "3.0.3", "info": { - "title": "Command Center Vulnerability Swim Lane APIs", - "version": "1.0.0" + "title": "pcs-command-center API", + "version": "1.0.0-SNAPSHOT" }, "tags": [ { "name": "Command Center", - "description": "Command Center Vulnerability Swim Lane APIs", + "description": "The Command Center dashboard provides you with a unified view of the top cloud security incidents and risks uncovered across the assets monitored by Prisma™ Cloud. Use the following APIs to fetch the Command Center Dashboard details." + }, + { + "name": "Command Center Download Report APIs", + "description": "Command Center Download Report APIs for downloading reports" + }, + { + "name": "Command Center Swimlane APIs", "x-public": "true" } ], "paths": { - "/commandcenter/v1/top-vulnerabilities": { + "/api/v1/summary/{swimlane-type}": { + "post": { + "tags": [ + "Command Center" + ], + "summary": "List Total Alerts based on the severity", + "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type", + "operationId": "command-center-list-total-alerts-by-severity", + "parameters": [ + { + "name": "swimlane-type", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "x-redlock-auth", + "in": "header", + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SwimlaneApiRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SummaryResponse" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "503": { + "description": "Service unavailable", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true", + "x-ga": "23.10.2" + } + }, + "/api/v1/top-assets/{swimlane-type}": { + "post": { + "tags": [ + "Command Center" + ], + "summary": "List Top N assets", + "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type.", + "operationId": "command-center-list-top-assets", + "parameters": [ + { + "name": "swimlane-type", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "x-redlock-auth", + "in": "header", + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/TopResourcesApiRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/TopAssetsResponse" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "503": { + "description": "Service unavailable", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true", + "x-ga": "23.10.2" + } + }, + "/api/v1/top-policies/{swimlane-type}": { + "post": { + "tags": [ + "Command Center" + ], + "summary": "List Top Policies", + "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type.", + "operationId": "command-center-list-top-policies", + "parameters": [ + { + "name": "swimlane-type", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "x-redlock-auth", + "in": "header", + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/TopResourcesApiRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/TopPoliciesResponse" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + }, + "503": { + "description": "Service unavailable", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true", + "x-ga": "23.10.2" + } + }, + "/v1/top-vulnerabilities": { "post": { "tags": [ "Command Center" @@ -112,7 +404,7 @@ "x-public": "true" } }, - "/commandcenter/v1/vulnerabilities/summary": { + "/v1/vulnerabilities/summary": { "post": { "tags": [ "Command Center" @@ -200,6 +492,39 @@ }, "components": { "schemas": { + "AbsoluteTimeRangeConfig": { + "type": "object", + "properties": { + "type": { + "description": "Type of time ranges supported: [absolute, relative]", + "type": "string" + }, + "value": { + "description": "Absolute Time containing start and end time", + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/Time" + } + ] + } + } + }, + "AlertsCounts": { + "type": "object", + "properties": { + "totalCriticalAlerts": { + "format": "int64", + "description": "Total number of alerts with critical severity", + "type": "integer" + }, + "totalHighAlerts": { + "format": "int64", + "description": "Total number of alerts with high severity", + "type": "integer" + } + } + }, "Error": { "type": "object", "properties": { @@ -226,12 +551,20 @@ "type": "object", "properties": { "name": { - "$ref": "#/components/schemas/FilterType" + "description": "Name of the allowed Filter types", + "type": "string", + "allOf": [ + { + "$ref": "#/components/schemas/FilterType" + } + ] }, "operator": { + "description": "Only allowed operator for the filter is '='", "type": "string" }, "value": { + "description": "Value for the applied filter", "type": "string" } } @@ -243,15 +576,305 @@ ], "type": "string" }, + "RelativeTimeDuration": { + "type": "object", + "properties": { + "unit": { + "$ref": "#/components/schemas/TimeUnit" + }, + "amount": { + "format": "int32", + "type": "integer" + } + } + }, + "RelativeTimeRangeConfig": { + "type": "object", + "properties": { + "type": { + "description": "Type of time ranges supported: [absolute, relative]", + "type": "string" + }, + "value": { + "description": "Relative time supporting past hour, week and month", + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/RelativeTimeDuration" + } + ] + }, + "relativeTimeType": { + "$ref": "#/components/schemas/RelativeTimeType" + } + } + }, + "RelativeTimeType": { + "enum": [ + "BACKWARD" + ], + "type": "string" + }, + "SummaryResponse": { + "type": "object", + "properties": { + "value": { + "description": "Alert count details", + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/AlertsCounts" + } + ] + }, + "startTime": { + "format": "int64", + "description": "Start time of the time range", + "type": "integer" + }, + "endTime": { + "format": "int64", + "description": "End time of the time range", + "type": "integer" + }, + "swimlaneType": { + "description": "Type of the swimlane", + "type": "string" + }, + "lastScanTs": { + "format": "int64", + "description": "Last scan time of the backend aggregation job", + "type": "integer" + } + } + }, + "SwimlaneApiRequest": { + "required": [ + "timeRange" + ], + "type": "object", + "properties": { + "filters": { + "description": "List of filters that can be applied for the API", + "type": "array", + "items": { + "$ref": "#/components/schemas/Filter" + } + }, + "timeRange": { + "description": "Time range for which the API is requested", + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/TimeRangeConfig" + } + ] + } + } + }, + "Time": { + "type": "object", + "properties": { + "startTime": { + "format": "int64", + "type": "integer" + }, + "endTime": { + "format": "int64", + "type": "integer" + } + } + }, "TimeRangeConfig": { "type": "object", "properties": { "type": { + "description": "Type of time ranges supported: [absolute, relative]", "type": "string" }, "value": { "type": "object" } + }, + "oneOf": [ + { + "$ref": "#/components/schemas/AbsoluteTimeRangeConfig" + }, + { + "$ref": "#/components/schemas/RelativeTimeRangeConfig" + } + ] + }, + "TimeUnit": { + "enum": [ + "hour", + "week", + "month" + ], + "type": "string" + }, + "TopAssetInfo": { + "type": "object", + "properties": { + "externalResourceId": { + "description": "Id of the asset", + "type": "string" + }, + "resourceName": { + "description": "Name of the asset", + "type": "string" + }, + "cloudName": { + "description": "Cloud type name of the asset", + "type": "string" + }, + "serviceName": { + "description": "Service name of the asset", + "type": "string" + }, + "accountName": { + "description": "Account name of the asset", + "type": "string" + }, + "alertCount": { + "format": "int64", + "description": "Total number of alerts associated with the asset", + "type": "integer" + }, + "criticalAlertCount": { + "format": "int64", + "description": "Total number of critical severity alerts associated with the asset", + "type": "integer" + }, + "highAlertCount": { + "format": "int64", + "description": "Total number of high severity alerts associated with the asset", + "type": "integer" + } + } + }, + "TopAssetsResponse": { + "type": "object", + "properties": { + "value": { + "description": "List of top asset details", + "type": "array", + "items": { + "$ref": "#/components/schemas/TopAssetInfo" + } + }, + "startTime": { + "format": "int64", + "description": "Start time of the time range", + "type": "integer" + }, + "endTime": { + "format": "int64", + "description": "End time of the time range", + "type": "integer" + }, + "swimlaneType": { + "description": "Type of the swimlane", + "type": "string" + }, + "lastScanTs": { + "format": "int64", + "description": "Last scan time of the backend aggregation job", + "type": "integer" + } + } + }, + "TopPoliciesResponse": { + "type": "object", + "properties": { + "value": { + "description": "List of top policies details", + "type": "array", + "items": { + "$ref": "#/components/schemas/TopPolicyInfo" + } + }, + "startTime": { + "format": "int64", + "description": "Start time of the time range", + "type": "integer" + }, + "endTime": { + "format": "int64", + "description": "End time of the time range", + "type": "integer" + }, + "swimlaneType": { + "description": "Type of the swimlane", + "type": "string" + }, + "lastScanTs": { + "format": "int64", + "description": "Last scan time of the backend aggregation job", + "type": "integer" + } + } + }, + "TopPolicyInfo": { + "type": "object", + "properties": { + "policyId": { + "description": "Id of the policy", + "type": "string" + }, + "policyName": { + "description": "Name of the policy", + "type": "string" + }, + "policyType": { + "description": "Type of the policy", + "type": "string" + }, + "severity": { + "description": "Severity of the policy", + "type": "string" + }, + "alertCount": { + "format": "int64", + "description": "Total number of alerts associated with the policy", + "type": "integer" + }, + "policyDescription": { + "description": "Description of the policy", + "type": "string" + } + } + }, + "TopResourcesApiRequest": { + "required": [ + "timeRange" + ], + "type": "object", + "properties": { + "filters": { + "description": "List of filters that can be applied for the API", + "type": "array", + "items": { + "$ref": "#/components/schemas/Filter" + } + }, + "timeRange": { + "description": "Time range for which the API is requested", + "type": "object", + "allOf": [ + { + "$ref": "#/components/schemas/TimeRangeConfig" + } + ] + }, + "limit": { + "format": "int32", + "description": "Limit on the number of resources requested", + "default": 5, + "maximum": 10, + "minimum": 1, + "type": "integer" + } } }, "TotalVulnerabilitiesByType": { @@ -280,6 +903,10 @@ "ts": { "format": "int64", "type": "integer" + }, + "lastScanTs": { + "format": "int64", + "type": "integer" } } }, @@ -325,6 +952,10 @@ "ts": { "format": "int64", "type": "integer" + }, + "lastScanTs": { + "format": "int64", + "type": "integer" } } }, diff --git a/openapi-specs/cspm/code2cloudMicroService.json b/openapi-specs/cspm/code2cloudMicroService.json index 71905c649..f8ef7412f 100644 --- a/openapi-specs/cspm/code2cloudMicroService.json +++ b/openapi-specs/cspm/code2cloudMicroService.json @@ -17,7 +17,7 @@ "Code to Cloud Dashboard" ], "summary": "List Deploy Trend", - "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n **Note** You need System Admin or System Admin Read Only role to access this API.", + "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.", "operationId": "code-to-cloud-list-deploy-trend", "parameters": [ { @@ -87,7 +87,7 @@ "Code to Cloud Dashboard" ], "summary": "List Runtime Trend", - "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n**Note** You need System Admin or System Admin Read Only role to access this API.", + "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.", "operationId": "code-to-cloud-list-runtime-trend", "parameters": [ { diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index 653153459..faac237a4 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -127,8 +127,11 @@ "delete","/entitlement/api/v1/collection/{id}","Delete Collection","delete-collection-by-id","Collections","Monolith" "get","/entitlement/api/v1/collection","Get All Collections","get-all-collections","Collections","Monolith" "post","/entitlement/api/v1/collection","Create Collection","create-collection","Collections","Monolith" -"post","/commandcenter/v1/top-vulnerabilities","List Top Vulnerabilities","command-center-list-top-vulnerabilities","Command Center","CommandCenterMicroService.json" -"post","/commandcenter/v1/vulnerabilities/summary","List Total Vulnerable Images and Hosts","command-center-list-total-vulnerable-images-hosts","Command Center","CommandCenterMicroService.json" +"post","/api/v1/summary/{swimlane-type}","List Total Alerts based on the severity","command-center-list-total-alerts-by-severity","Command Center","CommandCenterMicroService.json" +"post","/api/v1/top-assets/{swimlane-type}","List Top N assets","command-center-list-top-assets","Command Center","CommandCenterMicroService.json" +"post","/api/v1/top-policies/{swimlane-type}","List Top Policies","command-center-list-top-policies","Command Center","CommandCenterMicroService.json" +"post","/v1/top-vulnerabilities","List Top Vulnerabilities","command-center-list-top-vulnerabilities","Command Center","CommandCenterMicroService.json" +"post","/v1/vulnerabilities/summary","List Total Vulnerable Images and Hosts","command-center-list-total-vulnerable-images-hosts","Command Center","CommandCenterMicroService.json" "get","/compliance/posture","Get Compliance Statistics Breakdown - GET","get-compliance-posture","Compliance Posture","Monolith" "post","/compliance/posture","Get Compliance Statistics Breakdown - POST","post-compliance-posture","Compliance Posture","Monolith" "get","/compliance/posture/{complianceId}","Get Compliance Statistics for Standard ID - GET","get-compliance-posture-for-standard","Compliance Posture","Monolith" From 166f57df95e0b95fb13196101ff3f4a1857c92be Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Tue, 10 Oct 2023 17:31:24 +0530 Subject: [PATCH 04/15] CDEM APIs --- openapi-specs/cspm/CDEMMicroServices.json | 1279 +++++++++++++++++ .../cspm/consolidated_spec/all_endpoints.csv | 20 + 2 files changed, 1299 insertions(+) create mode 100644 openapi-specs/cspm/CDEMMicroServices.json diff --git a/openapi-specs/cspm/CDEMMicroServices.json b/openapi-specs/cspm/CDEMMicroServices.json new file mode 100644 index 000000000..7166d915a --- /dev/null +++ b/openapi-specs/cspm/CDEMMicroServices.json @@ -0,0 +1,1279 @@ +{ + "openapi": "3.0.1", + "info": { + "title": "OpenAPI definition", + "version": "v0" + }, + "servers": [ + { + "url": "https://api.prismacloud.io" + }, + { + "url": "https://api2.prismacloud.io" + }, + { + "url": "https://api3.prismacloud.io" + }, + { + "url": "https://api4.prismacloud.io" + }, + { + "url": "https://api.anz.prismacloud.io" + }, + { + "url": "https://api.eu.prismacloud.io" + }, + { + "url": "https://api2.eu.prismacloud.io" + }, + { + "url": "https://api.gov.prismacloud.io" + }, + { + "url": "https://api.prismacloud.cn" + }, + { + "url": "https://api.ca.prismacloud.io" + }, + { + "url": "https://api.sg.prismacloud.io" + }, + { + "url": "https://api.uk.prismacloud.io" + }, + { + "url": "https://api.ind.prismacloud.io" + }, + { + "url": "https://api.jp.prismacloud.io" + }, + { + "url": "https://api.fr.prismacloud.io" + } + ], + "tags": [ + { + "name": "Cloud Discovery and Exposure Management", + "description": "Discovery and Exposure Management APIs help you in identifying unmanaged or exposed assets that must be secured." + } + ], + "paths": { + "/asm/api/v1/convert-cloud-account": { + "post": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Onboard Cloud Accounts", + "description": "Onboard cloud accounts.", + "operationId": "onboardCloudAccounts", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CloudAccountsList" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AccountConversionResponseList" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset": { + "post": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Asset Inventory", + "description": "Gets the list of assets from asset inventory.", + "operationId": "assetInventoryForL3", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AssetInventoryRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset/{asset_id}/finding": { + "post": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Findings for Asset by ID", + "description": "Get the list of findings for an asset based on ID.", + "operationId": "getAssetFindings", + "parameters": [ + { + "name": "asset_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/FindingRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset/{asset_id}/finding/filters": { + "post": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Asset Finding Filters", + "description": "Gets the list of filters for asset findings.", + "operationId": "getFindingFilters", + "parameters": [ + { + "name": "asset_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/FindingRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset/email": { + "post": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Send Assets Email", + "description": "Sends email with details of assets.", + "operationId": "sendAssetDetailEmailFromSidecar", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SidecarOverview" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "string" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset/aggregation-by-resource-type": { + "post": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Asset Count by Asset type", + "description": "Gets the count of assets by asset type.", + "operationId": "getAssetCountByAssetTypeForL2", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ResourceTypeAggregation" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset/aggregation-by-cloud-type": { + "post": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Assets aggregated by provider", + "description": "Gets the list of assets aggregated by the provider.", + "operationId": "getAssetsAggregatedByProviderForL1", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CloudTypeAggregation" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/service": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Services", + "description": "Gets the list of services.", + "operationId": "listServices", + "parameters": [ + { + "name": "snapshot_date", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "format": "int64" + } + }, + { + "name": "next_page_token", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/service/{serviceId}": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Service Details", + "description": "Get service details by ID.", + "operationId": "fetchAsmServiceDetails", + "parameters": [ + { + "name": "serviceId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "snapshot_date", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "all_service_detail", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/industry-benchmarks": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Industry Benchmarks Data", + "description": "Get industry benchmarks data.", + "operationId": "getIndustryBenchmarks", + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/dashboard/convertible-accounts": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Convertible Accounts", + "description": "Get the list of convertible accounts.", + "operationId": "getConvertibleCloudAccounts", + "parameters": [ + { + "name": "alert_categories", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "country_code", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "next_page_token", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/dashboard/asset": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Assets", + "description": "Get the list of assets.", + "operationId": "listAssets", + "parameters": [ + { + "name": "convertible", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "cloud_account_id", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "alert_categories", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "country_code", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "next_page_token", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/dashboard/asset/trend": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Asset Trend", + "description": "Get asset trend by manage type and remediation.", + "operationId": "fetchAssetsByManageTypeAndRemediation", + "parameters": [ + { + "name": "timestamp", + "in": "query", + "required": true, + "schema": { + "type": "integer", + "format": "int64" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/AssetTrend" + } + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/dashboard/asset/top-risk": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Asset Top Risks", + "description": "Get the list of top risks for assets.", + "operationId": "getTopRisks", + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/dashboard/asset/internet-exposure-risk": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Internet Exposure Risk", + "description": "Get the internet exposure risk statistics.", + "operationId": "fetchInternetExposureAsmAssets", + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AsmInternetExposureRisk" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/dashboard/asset/geolocation": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Assets Geolocation Data", + "description": "Get assets geolocation data.", + "operationId": "fetchAssetByGeoLocation", + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AssetsByGeoLocation" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/dashboard/asset/count": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Assets Count", + "description": "Gets the count of assets.", + "operationId": "getAssetCounts", + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset/{asset_id}": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Asset by ID", + "description": "Get asset details by ID.", + "operationId": "getAssetDetails", + "parameters": [ + { + "name": "asset_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + } + }, + { + "name": "snapshot_date", + "in": "query", + "required": true, + "schema": { + "type": "integer", + "format": "int64" + } + }, + { + "name": "asset_type", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "manage_type", + "in": "query", + "required": false, + "schema": { + "type": "string", + "default": "UNMANAGED" + } + }, + { + "name": "all_asset_details", + "in": "query", + "required": false, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset/{asmAssetId}/service": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Asset Services by ID", + "description": "Get the list of services for assets by ID.", + "operationId": "fetchAsmServicesLinkedToAsset", + "parameters": [ + { + "name": "asmAssetId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "snapshot_date", + "in": "query", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "next_page_token", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + }, + "/asm/api/v1/asset/filters": { + "get": { + "tags": [ + "Cloud Discovery and Exposure Management" + ], + "summary": "Get Asset Filters", + "description": "Gets the list of filters for assets.", + "operationId": "getAssetFilters", + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AssetFilterResponse" + } + } + } + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + } + }, + "components": { + "schemas": { + "CloudAccountDetails": { + "type": "object", + "properties": { + "accountId": { + "type": "string" + }, + "accountName": { + "type": "string" + }, + "cloudType": { + "type": "string" + } + } + }, + "CloudAccountsList": { + "type": "object", + "properties": { + "cloudAccounts": { + "uniqueItems": true, + "type": "array", + "items": { + "$ref": "#/components/schemas/CloudAccountDetails" + } + } + } + }, + "AccountConversionResponse": { + "type": "object", + "properties": { + "status": { + "type": "integer", + "format": "int32" + }, + "error": { + "type": "string" + }, + "conversionStatus": { + "type": "string" + }, + "message": { + "type": "string" + }, + "path": { + "type": "string" + } + } + }, + "AccountConversionResponseList": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/components/schemas/AccountConversionResponse" + } + } + } + }, + "AssetInventoryRequest": { + "type": "object", + "properties": { + "snapshotDate": { + "type": "integer", + "format": "int64" + }, + "cloudTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "assetTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "manageType": { + "type": "string" + }, + "serviceTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "nextPageToken": { + "type": "string" + }, + "searchText": { + "type": "string" + } + } + }, + "FindingRequest": { + "type": "object", + "properties": { + "snapshotDate": { + "type": "integer", + "format": "int64" + }, + "types": { + "type": "array", + "items": { + "type": "string" + } + }, + "severities": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "SidecarOverview": { + "type": "object", + "properties": { + "pcAssetId": { + "type": "string" + }, + "asmAssetId": { + "type": "string", + "format": "uuid" + }, + "name": { + "type": "string" + }, + "cloudTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string", + "enum": [ + "AWS", + "AZURE", + "GCP", + "ALIBABA_CLOUD" + ] + } + }, + "cloudAccountId": { + "type": "string" + }, + "cloudAccountName": { + "type": "string" + }, + "conversionStatus": { + "type": "string", + "enum": [ + "DISCOVERED", + "IN_PROGRESS", + "UNABLE_TO_CONVERT", + "FAILED", + "CONVERTED" + ] + }, + "type": { + "type": "string" + } + } + }, + "ResourceTypeAggregation": { + "type": "object", + "properties": { + "cloudTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "snapshotDate": { + "type": "integer", + "format": "int64" + }, + "serviceTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "assetTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "manageType": { + "type": "string" + } + } + }, + "CloudTypeAggregation": { + "type": "object", + "properties": { + "snapshotDate": { + "type": "integer", + "format": "int64" + }, + "assetTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "manageType": { + "type": "string" + }, + "serviceTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "cloudTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "AssetTrend": { + "type": "object", + "properties": { + "ts": { + "type": "integer", + "format": "int64" + }, + "managedAssetCount": { + "type": "integer", + "format": "int64" + }, + "unmanagedAssetCount": { + "type": "integer", + "format": "int64" + }, + "remediatedAssetCount": { + "type": "integer", + "format": "int64" + } + } + }, + "AsmInternetExposureRisk": { + "type": "object", + "properties": { + "lastScanTs": { + "type": "integer", + "format": "int64" + }, + "managedAsset": { + "$ref": "#/components/schemas/Assets" + }, + "unManagedAsset": { + "$ref": "#/components/schemas/Assets" + }, + "remediatedAsset": { + "$ref": "#/components/schemas/Assets" + }, + "unmanagedAssetsRatio": { + "$ref": "#/components/schemas/AssetsRatio" + } + } + }, + "Assets": { + "type": "object", + "properties": { + "count": { + "type": "integer", + "format": "int64" + }, + "delta": { + "type": "number", + "format": "double" + } + } + }, + "AssetsRatio": { + "type": "object", + "properties": { + "value": { + "type": "number", + "format": "double" + }, + "delta": { + "type": "number", + "format": "double" + } + } + }, + "AssetsByGeoLocation": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/components/schemas/GeoLocation" + } + } + } + }, + "GeoLocation": { + "type": "object", + "properties": { + "country": { + "type": "string" + }, + "count": { + "type": "integer", + "format": "int32" + }, + "convertible": { + "type": "integer", + "format": "int32" + }, + "nonConvertible": { + "type": "integer", + "format": "int32" + } + } + }, + "AssetFilterResponse": { + "type": "object", + "properties": { + "serviceTypes": { + "type": "array", + "items": { + "type": "string" + } + }, + "cloudTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "assetTypes": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + }, + "securitySchemes": { + "x-redlock-auth": { + "description": "The x-redlock-auth value is a JSON Web Token (JWT).", + "in": "header", + "name": "x-redlock-auth", + "type": "apiKey" + } + } + } +} diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index faac237a4..6a8513aee 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -77,6 +77,26 @@ "get","/v2/inventory/trend","Asset Inventory Trend View V2 - GET","asset-inventory-trend-v2","Asset Inventory","Monolith" "post","/v2/inventory/trend","Asset Inventory Trend View V2 - POST","post-method-asset-inventory-trend-v2","Asset Inventory","Monolith" "get","/audit/redlock","Prisma Cloud Audit Logs","rl-audit-logs","Audit Logs","Monolith" +"post","/asm/api/v1/convert-cloud-account","Onboard Cloud Accounts","onboardCloudAccounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset","Get Asset Inventory","assetInventoryForL3","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/{asset_id}/finding","Get Findings for Asset by ID","getAssetFindings","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/{asset_id}/finding/filters","Get Asset Finding Filters","getFindingFilters","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/email","Send Assets Email","sendAssetDetailEmailFromSidecar","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/aggregation-by-resource-type","Get Asset Count by Asset type","getAssetCountByAssetTypeForL2","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/aggregation-by-cloud-type","Get Assets aggregated by provider","getAssetsAggregatedByProviderForL1","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/service","Get Services","listServices","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/service/{serviceId}","Get Service Details","fetchAsmServiceDetails","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/industry-benchmarks","Get Industry Benchmarks Data","getIndustryBenchmarks","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/convertible-accounts","Get Convertible Accounts","getConvertibleCloudAccounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset","Get Assets","listAssets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/trend","Get Asset Trend","fetchAssetsByManageTypeAndRemediation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/top-risk","Get Asset Top Risks","getTopRisks","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/internet-exposure-risk","Get Internet Exposure Risk","fetchInternetExposureAsmAssets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/geolocation","Get Assets Geolocation Data","fetchAssetByGeoLocation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/count","Get Assets Count","getAssetCounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/asset/{asset_id}","Get Asset by ID","getAssetDetails","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/asset/{asmAssetId}/service","Get Asset Services by ID","fetchAsmServicesLinkedToAsset","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/asset/filters","Get Asset Filters","getAssetFilters","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "post","/cas/v1/aws_account","Add Cloud Account (AWS)","add-aws-cloud-account","Cloud Accounts (AWS)","Monolith" "put","/cas/v1/aws_account/{id}","Update Cloud Account (AWS)","update-aws-cloud-account","Cloud Accounts (AWS)","Monolith" "post","/cas/v1/cloud_account/status/aws","Get Cloud Account Status (AWS)","get-aws-cloud-account-status","Cloud Accounts (AWS)","Monolith" From 9c98932323b0a55fceec960836f4e597a90131e6 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Wed, 11 Oct 2023 14:20:35 +0530 Subject: [PATCH 05/15] Updated Command Center API spec file RLP-115082 --- .../cspm/CommandCenterMicroService.json | 24 +++++++------------ 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/openapi-specs/cspm/CommandCenterMicroService.json b/openapi-specs/cspm/CommandCenterMicroService.json index 5f9cafdf6..dfb739741 100644 --- a/openapi-specs/cspm/CommandCenterMicroService.json +++ b/openapi-specs/cspm/CommandCenterMicroService.json @@ -25,12 +25,13 @@ "Command Center" ], "summary": "List Total Alerts based on the severity", - "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type", + "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.", "operationId": "command-center-list-total-alerts-by-severity", "parameters": [ { "name": "swimlane-type", "in": "path", + "description": "Type of the swimlane. Allowed values: [misconfigurations, incidents, exposures, iam, data-security, attack-path]", "required": true, "schema": { "type": "string" @@ -120,12 +121,13 @@ "Command Center" ], "summary": "List Top N assets", - "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type.", + "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.", "operationId": "command-center-list-top-assets", "parameters": [ { "name": "swimlane-type", "in": "path", + "description": "Type of the swimlane. Allowed values: [misconfigurations, incidents, exposures, iam, data-security, attack-path]", "required": true, "schema": { "type": "string" @@ -215,12 +217,13 @@ "Command Center" ], "summary": "List Top Policies", - "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type.", + "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.", "operationId": "command-center-list-top-policies", "parameters": [ { "name": "swimlane-type", "in": "path", + "description": "Type of the swimlane. Allowed values: [misconfigurations, incidents, exposures, iam, data-security, attack-path]", "required": true, "schema": { "type": "string" @@ -500,7 +503,7 @@ "type": "string" }, "value": { - "description": "Absolute Time containing start and end time", + "description": "Absolute Time containing start and end time. Maximum time range supported is last 30 days.", "type": "object", "allOf": [ { @@ -551,7 +554,7 @@ "type": "object", "properties": { "name": { - "description": "Name of the allowed Filter types", + "description": "Name of the allowed Filter types. Allowed names: [account.group, cloud.account]", "type": "string", "allOf": [ { @@ -596,25 +599,16 @@ "type": "string" }, "value": { - "description": "Relative time supporting past hour, week and month", + "description": "Relative time supporting past hour, week and month. Maximum time range supported is 1 month", "type": "object", "allOf": [ { "$ref": "#/components/schemas/RelativeTimeDuration" } ] - }, - "relativeTimeType": { - "$ref": "#/components/schemas/RelativeTimeType" } } }, - "RelativeTimeType": { - "enum": [ - "BACKWARD" - ], - "type": "string" - }, "SummaryResponse": { "type": "object", "properties": { From 121f7a01ecca55be753c064fee7f549694de65ee Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Thu, 12 Oct 2023 10:37:35 +0530 Subject: [PATCH 06/15] edits --- openapi-specs/cspm/CommandCenterMicroService.json | 10 +++++----- openapi-specs/cspm/code2cloudMicroService.json | 12 +++++++----- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/openapi-specs/cspm/CommandCenterMicroService.json b/openapi-specs/cspm/CommandCenterMicroService.json index dfb739741..d7bece9ef 100644 --- a/openapi-specs/cspm/CommandCenterMicroService.json +++ b/openapi-specs/cspm/CommandCenterMicroService.json @@ -24,7 +24,7 @@ "tags": [ "Command Center" ], - "summary": "List Total Alerts based on the severity", + "summary": "List Total Alerts by Severity", "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.", "operationId": "command-center-list-total-alerts-by-severity", "parameters": [ @@ -112,7 +112,7 @@ } ], "x-public": "true", - "x-ga": "23.10.2" + "x-ga": "23.10.2-darwin" } }, "/api/v1/top-assets/{swimlane-type}": { @@ -120,7 +120,7 @@ "tags": [ "Command Center" ], - "summary": "List Top N assets", + "summary": "List Top N Assets", "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.", "operationId": "command-center-list-top-assets", "parameters": [ @@ -208,7 +208,7 @@ } ], "x-public": "true", - "x-ga": "23.10.2" + "x-ga": "23.10.2-darwin" } }, "/api/v1/top-policies/{swimlane-type}": { @@ -304,7 +304,7 @@ } ], "x-public": "true", - "x-ga": "23.10.2" + "x-ga": "23.10.2-darwin" } }, "/v1/top-vulnerabilities": { diff --git a/openapi-specs/cspm/code2cloudMicroService.json b/openapi-specs/cspm/code2cloudMicroService.json index f8ef7412f..48fe63d92 100644 --- a/openapi-specs/cspm/code2cloudMicroService.json +++ b/openapi-specs/cspm/code2cloudMicroService.json @@ -6,7 +6,7 @@ }, "tags": [ { - "name": "Code to Cloud Dashboard", + "name": "Code to Cloud", "description": "Use code to cloud dashboard to get a continuously updated snapshot view into the security posture of your cloud environment, streamline tracking and reporting. You can use the following APIs to fetch some of the dashboard details." } ], @@ -14,7 +14,7 @@ "/c2c/api/v1/deploy/trend": { "get": { "tags": [ - "Code to Cloud Dashboard" + "Code to Cloud" ], "summary": "List Deploy Trend", "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.", @@ -78,13 +78,14 @@ "x-redlock-auth": [] } ], - "x-public": "true" + "x-public": "true", + "x-ga":"23.10.2-darwin" } }, "/c2c/api/v1/runtime/trend": { "get": { "tags": [ - "Code to Cloud Dashboard" + "Code to Cloud" ], "summary": "List Runtime Trend", "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.", @@ -148,7 +149,8 @@ "x-redlock-auth": [] } ], - "x-public": "true" + "x-public": "true", + "x-ga":"23.10.2-darwin" } } }, From ebc43c33a02c258e7617cabb7efd3878717cfc12 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Thu, 12 Oct 2023 11:58:41 +0530 Subject: [PATCH 07/15] Added darwin-only note in relevant APIs and included script change --- openapi-specs/cspm/CollectionsMicroservice.json | 10 +++++----- openapi-specs/cspm/CommandCenterMicroService.json | 6 +++--- openapi-specs/cspm/adjustSpecFilesForPanDev.sh | 2 +- openapi-specs/cspm/code2cloudMicroService.json | 8 ++++---- openapi-specs/cspm/consolidated_spec/all_endpoints.csv | 8 ++++---- 5 files changed, 17 insertions(+), 17 deletions(-) diff --git a/openapi-specs/cspm/CollectionsMicroservice.json b/openapi-specs/cspm/CollectionsMicroservice.json index 6babaaab0..8159d8edd 100644 --- a/openapi-specs/cspm/CollectionsMicroservice.json +++ b/openapi-specs/cspm/CollectionsMicroservice.json @@ -72,7 +72,7 @@ "Collections" ], "summary": "Get Collection by ID", - "description": "Returns all details of a Collection.", + "description": "Returns all details of a Collection.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -175,7 +175,7 @@ "Collections" ], "summary": "Update Collection", - "description": "Update Collection or Asset Groups details.", + "description": "Update Collection or Asset Groups details.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -288,7 +288,7 @@ "Collections" ], "summary": "Delete Collection", - "description": "Deletes a Collection with the specified ID.", + "description": "Deletes a Collection with the specified ID.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -386,7 +386,7 @@ "Collections" ], "summary": "Get All Collections", - "description": "Returns all Collections in a paginated format, sorted by ID desc.", + "description": "Returns all Collections in a paginated format, sorted by ID desc.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection", "x-ga": "false" @@ -516,7 +516,7 @@ "Collections" ], "summary": "Create Collection", - "description": "Create a new Collection comprising of Asset Group Types. You can use '*' to include all Ids for a given assetGroupType.", + "description": "Create a new Collection comprising of Asset Group Types. You can use '*' to include all Ids for a given assetGroupType.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection", "x-ga": "false" diff --git a/openapi-specs/cspm/CommandCenterMicroService.json b/openapi-specs/cspm/CommandCenterMicroService.json index d7bece9ef..54b0b98b9 100644 --- a/openapi-specs/cspm/CommandCenterMicroService.json +++ b/openapi-specs/cspm/CommandCenterMicroService.json @@ -25,7 +25,7 @@ "Command Center" ], "summary": "List Total Alerts by Severity", - "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.", + "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-total-alerts-by-severity", "parameters": [ { @@ -121,7 +121,7 @@ "Command Center" ], "summary": "List Top N Assets", - "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.", + "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-top-assets", "parameters": [ { @@ -217,7 +217,7 @@ "Command Center" ], "summary": "List Top Policies", - "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.", + "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-top-policies", "parameters": [ { diff --git a/openapi-specs/cspm/adjustSpecFilesForPanDev.sh b/openapi-specs/cspm/adjustSpecFilesForPanDev.sh index 3663163f7..6ce1ccfdf 100755 --- a/openapi-specs/cspm/adjustSpecFilesForPanDev.sh +++ b/openapi-specs/cspm/adjustSpecFilesForPanDev.sh @@ -51,7 +51,7 @@ for file in *.json; do jq '.info.description as $tag_desc| if($tag_desc!=null) then .tags[]?.description |= $tag_desc else . end' $file | \ # Add note for darwin-only APIs - #jq 'if ((.paths[][]."x-ga" !=null) and (.paths[][]."x-ga" | contains("darwin"))) then .paths[][].description += "\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n" else . end' | \ + jq '.paths[][] |= if(."x-ga" and (."x-ga"|contains("darwin"))) then .description+="\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n" else . end' | \ # remove S2S headers or parameters if any jq '.paths |= del(.[][].parameters[]? | select(.description!=null ) | select (.description | contains("S2S")))' | \ diff --git a/openapi-specs/cspm/code2cloudMicroService.json b/openapi-specs/cspm/code2cloudMicroService.json index 48fe63d92..d8d7a12fb 100644 --- a/openapi-specs/cspm/code2cloudMicroService.json +++ b/openapi-specs/cspm/code2cloudMicroService.json @@ -17,7 +17,7 @@ "Code to Cloud" ], "summary": "List Deploy Trend", - "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.", + "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "code-to-cloud-list-deploy-trend", "parameters": [ { @@ -79,7 +79,7 @@ } ], "x-public": "true", - "x-ga":"23.10.2-darwin" + "x-ga": "23.10.2-darwin" } }, "/c2c/api/v1/runtime/trend": { @@ -88,7 +88,7 @@ "Code to Cloud" ], "summary": "List Runtime Trend", - "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.", + "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "code-to-cloud-list-runtime-trend", "parameters": [ { @@ -150,7 +150,7 @@ } ], "x-public": "true", - "x-ga":"23.10.2-darwin" + "x-ga": "23.10.2-darwin" } } }, diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index 6a8513aee..4f746a3fe 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -147,8 +147,8 @@ "delete","/entitlement/api/v1/collection/{id}","Delete Collection","delete-collection-by-id","Collections","Monolith" "get","/entitlement/api/v1/collection","Get All Collections","get-all-collections","Collections","Monolith" "post","/entitlement/api/v1/collection","Create Collection","create-collection","Collections","Monolith" -"post","/api/v1/summary/{swimlane-type}","List Total Alerts based on the severity","command-center-list-total-alerts-by-severity","Command Center","CommandCenterMicroService.json" -"post","/api/v1/top-assets/{swimlane-type}","List Top N assets","command-center-list-top-assets","Command Center","CommandCenterMicroService.json" +"post","/api/v1/summary/{swimlane-type}","List Total Alerts by Severity","command-center-list-total-alerts-by-severity","Command Center","CommandCenterMicroService.json" +"post","/api/v1/top-assets/{swimlane-type}","List Top N Assets","command-center-list-top-assets","Command Center","CommandCenterMicroService.json" "post","/api/v1/top-policies/{swimlane-type}","List Top Policies","command-center-list-top-policies","Command Center","CommandCenterMicroService.json" "post","/v1/top-vulnerabilities","List Top Vulnerabilities","command-center-list-top-vulnerabilities","Command Center","CommandCenterMicroService.json" "post","/v1/vulnerabilities/summary","List Total Vulnerable Images and Hosts","command-center-list-total-vulnerable-images-hosts","Command Center","CommandCenterMicroService.json" @@ -407,5 +407,5 @@ "get","/user/role/{id}","User Role Info","get-user-role","User Roles","Monolith" "put","/user/role/{id}","Update User Role","update-user-role","User Roles","Monolith" "delete","/user/role/{id}","Delete User Role","delete-user-role","User Roles","Monolith" -"get","/c2c/api/v1/deploy/trend","List Deploy Trend","code-to-cloud-list-deploy-trend","Code to Cloud Dashboard","code2cloudMicroService.json" -"get","/c2c/api/v1/runtime/trend","List Runtime Trend","code-to-cloud-list-runtime-trend","Code to Cloud Dashboard","code2cloudMicroService.json" +"get","/c2c/api/v1/deploy/trend","List Deploy Trend","code-to-cloud-list-deploy-trend","Code to Cloud","code2cloudMicroService.json" +"get","/c2c/api/v1/runtime/trend","List Runtime Trend","code-to-cloud-list-runtime-trend","Code to Cloud","code2cloudMicroService.json" From 93db375a4288576290dadee6984d8b80d74ac388 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Thu, 12 Oct 2023 12:29:23 +0530 Subject: [PATCH 08/15] edits --- openapi-specs/cspm/CollectionsMicroservice.json | 10 +++++----- openapi-specs/cspm/CommandCenterMicroService.json | 6 +++--- openapi-specs/cspm/code2cloudMicroService.json | 4 ++-- openapi-specs/cspm/consolidated_spec/all_endpoints.csv | 2 +- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/openapi-specs/cspm/CollectionsMicroservice.json b/openapi-specs/cspm/CollectionsMicroservice.json index 8159d8edd..595e9daae 100644 --- a/openapi-specs/cspm/CollectionsMicroservice.json +++ b/openapi-specs/cspm/CollectionsMicroservice.json @@ -72,7 +72,7 @@ "Collections" ], "summary": "Get Collection by ID", - "description": "Returns all details of a Collection.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Returns all details of a Collection.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -175,7 +175,7 @@ "Collections" ], "summary": "Update Collection", - "description": "Update Collection or Asset Groups details.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Update Collection or Asset Groups details.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -288,7 +288,7 @@ "Collections" ], "summary": "Delete Collection", - "description": "Deletes a Collection with the specified ID.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Deletes a Collection with the specified ID.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -386,7 +386,7 @@ "Collections" ], "summary": "Get All Collections", - "description": "Returns all Collections in a paginated format, sorted by ID desc.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Returns all Collections in a paginated format, sorted by ID desc.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection", "x-ga": "false" @@ -516,7 +516,7 @@ "Collections" ], "summary": "Create Collection", - "description": "Create a new Collection comprising of Asset Group Types. You can use '*' to include all Ids for a given assetGroupType.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Create a new Collection comprising of Asset Group Types. You can use '*' to include all Ids for a given assetGroupType.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection", "x-ga": "false" diff --git a/openapi-specs/cspm/CommandCenterMicroService.json b/openapi-specs/cspm/CommandCenterMicroService.json index 54b0b98b9..f14967fec 100644 --- a/openapi-specs/cspm/CommandCenterMicroService.json +++ b/openapi-specs/cspm/CommandCenterMicroService.json @@ -25,7 +25,7 @@ "Command Center" ], "summary": "List Total Alerts by Severity", - "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-total-alerts-by-severity", "parameters": [ { @@ -121,7 +121,7 @@ "Command Center" ], "summary": "List Top N Assets", - "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-top-assets", "parameters": [ { @@ -217,7 +217,7 @@ "Command Center" ], "summary": "List Top Policies", - "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-top-policies", "parameters": [ { diff --git a/openapi-specs/cspm/code2cloudMicroService.json b/openapi-specs/cspm/code2cloudMicroService.json index d8d7a12fb..8cdf87b22 100644 --- a/openapi-specs/cspm/code2cloudMicroService.json +++ b/openapi-specs/cspm/code2cloudMicroService.json @@ -17,7 +17,7 @@ "Code to Cloud" ], "summary": "List Deploy Trend", - "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "code-to-cloud-list-deploy-trend", "parameters": [ { @@ -88,7 +88,7 @@ "Code to Cloud" ], "summary": "List Runtime Trend", - "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "code-to-cloud-list-runtime-trend", "parameters": [ { diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index 4f746a3fe..cb85ec305 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -321,7 +321,7 @@ "get","/authn/api/v1/oauth2/config","Get OIDC Configuration","get-oauth2-config","SSO","PermissionGroupsMicroService.json" "put","/authn/api/v1/oauth2/config","Update OIDC Configuration","update-oauth2-config","SSO","PermissionGroupsMicroService.json" "post","/authn/api/v1/oauth2/config","Create an OIDC Configuration","create-oauth2-config","SSO","PermissionGroupsMicroService.json" -"patch","/authn/api/v1/oauth2/config","Update OIDC Configuration","patch-oauth2-config","SSO","PermissionGroupsMicroService.json" +"patch","/authn/api/v1/oauth2/config","Update OIDC Configuration Partially","patch-oauth2-config","SSO","PermissionGroupsMicroService.json" "get","/authz/v1/permission_group","Get all existing Permission Groups","getAll","Permission Groups","PermissionGroupsMicroService.json" "post","/authz/v1/permission_group","Add new Custom Permission Group","save","Permission Groups","PermissionGroupsMicroService.json" "get","/authz/v1/feature","Get all active features","getFeatures","Permission Groups","PermissionGroupsMicroService.json" From c2609ffc55c17b8b56eb7e13d329090adc91fbb0 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Thu, 12 Oct 2023 13:13:31 +0530 Subject: [PATCH 09/15] fixed multiple addition of note --- openapi-specs/cspm/CollectionsMicroservice.json | 10 +++++----- openapi-specs/cspm/CommandCenterMicroService.json | 6 +++--- openapi-specs/cspm/adjustSpecFilesForPanDev.sh | 4 +++- openapi-specs/cspm/code2cloudMicroService.json | 4 ++-- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/openapi-specs/cspm/CollectionsMicroservice.json b/openapi-specs/cspm/CollectionsMicroservice.json index 595e9daae..8159d8edd 100644 --- a/openapi-specs/cspm/CollectionsMicroservice.json +++ b/openapi-specs/cspm/CollectionsMicroservice.json @@ -72,7 +72,7 @@ "Collections" ], "summary": "Get Collection by ID", - "description": "Returns all details of a Collection.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Returns all details of a Collection.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -175,7 +175,7 @@ "Collections" ], "summary": "Update Collection", - "description": "Update Collection or Asset Groups details.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Update Collection or Asset Groups details.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -288,7 +288,7 @@ "Collections" ], "summary": "Delete Collection", - "description": "Deletes a Collection with the specified ID.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Deletes a Collection with the specified ID.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection/#id", "x-ga": "false" @@ -386,7 +386,7 @@ "Collections" ], "summary": "Get All Collections", - "description": "Returns all Collections in a paginated format, sorted by ID desc.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Returns all Collections in a paginated format, sorted by ID desc.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection", "x-ga": "false" @@ -516,7 +516,7 @@ "Collections" ], "summary": "Create Collection", - "description": "Create a new Collection comprising of Asset Group Types. You can use '*' to include all Ids for a given assetGroupType.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Create a new Collection comprising of Asset Group Types. You can use '*' to include all Ids for a given assetGroupType.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "externalDocs": { "url": "entitlement/api/v1/collection", "x-ga": "false" diff --git a/openapi-specs/cspm/CommandCenterMicroService.json b/openapi-specs/cspm/CommandCenterMicroService.json index f14967fec..54b0b98b9 100644 --- a/openapi-specs/cspm/CommandCenterMicroService.json +++ b/openapi-specs/cspm/CommandCenterMicroService.json @@ -25,7 +25,7 @@ "Command Center" ], "summary": "List Total Alerts by Severity", - "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-total-alerts-by-severity", "parameters": [ { @@ -121,7 +121,7 @@ "Command Center" ], "summary": "List Top N Assets", - "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-top-assets", "parameters": [ { @@ -217,7 +217,7 @@ "Command Center" ], "summary": "List Top Policies", - "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "command-center-list-top-policies", "parameters": [ { diff --git a/openapi-specs/cspm/adjustSpecFilesForPanDev.sh b/openapi-specs/cspm/adjustSpecFilesForPanDev.sh index a4b47e892..e40da9e68 100755 --- a/openapi-specs/cspm/adjustSpecFilesForPanDev.sh +++ b/openapi-specs/cspm/adjustSpecFilesForPanDev.sh @@ -51,8 +51,10 @@ for file in *.json; do jq '.info.description as $tag_desc| if($tag_desc!=null) then .tags[]?.description |= $tag_desc else . end' $file | \ # Add note for darwin-only APIs - jq '.paths[][] |= if(."x-ga" and (."x-ga"|contains("darwin"))) then .description+="\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n" else . end' | \ + #jq '.paths[][] |= if(."x-ga" and (."x-ga"|contains("darwin")) and (.description | contains("Darwin release only") | not)) then .description+="\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n" else . end' | \ + jq '.paths[][] |= if(."x-ga" and (."x-ga" |contains("darwin")) and (.description | test("Darwin release only") | not)) then .description+="\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n" else . end' | \ + # remove S2S headers or parameters if any jq '.paths |= del(.[][].parameters[]? | select(.description!=null ) | select (.description | contains("S2S")))' | \ diff --git a/openapi-specs/cspm/code2cloudMicroService.json b/openapi-specs/cspm/code2cloudMicroService.json index 8cdf87b22..d8d7a12fb 100644 --- a/openapi-specs/cspm/code2cloudMicroService.json +++ b/openapi-specs/cspm/code2cloudMicroService.json @@ -17,7 +17,7 @@ "Code to Cloud" ], "summary": "List Deploy Trend", - "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "code-to-cloud-list-deploy-trend", "parameters": [ { @@ -88,7 +88,7 @@ "Code to Cloud" ], "summary": "List Runtime Trend", - "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "code-to-cloud-list-runtime-trend", "parameters": [ { From b73607a3e248390a1a59cd78ef746131f4d4a1ab Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Mon, 16 Oct 2023 15:06:07 +0530 Subject: [PATCH 10/15] RLP-113729 defaultmemberstate --- openapi-specs/cspm/CloudAccounts(AWS).json | 8 +++ openapi-specs/cspm/CloudAccounts(All).json | 51 +++++++++++++++++++ openapi-specs/cspm/CloudAccounts(Azure).json | 16 ++++++ openapi-specs/cspm/CloudAccounts(GCP).json | 25 +++++++++ .../cspm/CloudAccounts(OCIandAlibaba).json | 17 +++++++ 5 files changed, 117 insertions(+) diff --git a/openapi-specs/cspm/CloudAccounts(AWS).json b/openapi-specs/cspm/CloudAccounts(AWS).json index 2078963ef..be3b481c7 100644 --- a/openapi-specs/cspm/CloudAccounts(AWS).json +++ b/openapi-specs/cspm/CloudAccounts(AWS).json @@ -514,6 +514,14 @@ "Feature": { "description": "Model for Feature", "properties": { + "defaultMemberState": { + "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, "name": { "description": "Feature name obtained from **[Fetch Supported Features endpoint](/prisma-cloud/api/cspm/fetch-supported-features)**", "example": "Remediation", diff --git a/openapi-specs/cspm/CloudAccounts(All).json b/openapi-specs/cspm/CloudAccounts(All).json index efb8cba3f..220542058 100644 --- a/openapi-specs/cspm/CloudAccounts(All).json +++ b/openapi-specs/cspm/CloudAccounts(All).json @@ -177,6 +177,9 @@ "format": "int32", "type": "integer" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" @@ -332,6 +335,9 @@ "readOnly": true, "type": "string" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" @@ -501,6 +507,9 @@ "readOnly": true, "type": "string" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" @@ -525,6 +534,9 @@ "readOnly": true, "type": "string" }, + "customMemberRoleNameEnabled": { + "type": "boolean" + }, "defaultAccountGroupId": { "description": "Default Account Group", "type": "string" @@ -630,6 +642,9 @@ "description": "Role ARN", "type": "string" }, + "skipOverrideMemberRoleName": { + "type": "boolean" + }, "storageScanConfig": { "allOf": [ { @@ -647,6 +662,9 @@ "storageUUID": { "description": "Storage UUID", "type": "string" + }, + "unifiedCftDisabled": { + "type": "boolean" } }, "type": "object" @@ -688,6 +706,9 @@ "format": "int32", "type": "integer" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" @@ -829,6 +850,9 @@ "format": "int32", "type": "integer" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" @@ -1055,6 +1079,9 @@ "format": "int32", "type": "integer" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" @@ -1162,6 +1189,13 @@ "CloudAccountPatchModel": { "description": "Model for Account Group View", "properties": { + "autoConsent": { + "description": "Auto Consent State", + "enum": [ + "enabled/disabled" + ], + "type": "string" + }, "enabled": { "description": "Cloud Account Status", "enum": [ @@ -1349,6 +1383,14 @@ "Feature": { "description": "Model for Feature", "properties": { + "defaultMemberState": { + "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, "name": { "description": "Feature name obtained from **[Fetch Supported Features endpoint](/prisma-cloud/api/cspm/fetch-supported-features)**", "example": "Remediation", @@ -1402,6 +1444,9 @@ "format": "int32", "type": "integer" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" @@ -1543,6 +1588,9 @@ "format": "int32", "type": "integer" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" @@ -1723,6 +1771,9 @@ "format": "int32", "type": "integer" }, + "autoConsent": { + "type": "string" + }, "cloudAccountOwner": { "description": "Cloud account owner", "type": "string" diff --git a/openapi-specs/cspm/CloudAccounts(Azure).json b/openapi-specs/cspm/CloudAccounts(Azure).json index 9e167c0a1..8d55aa9e0 100644 --- a/openapi-specs/cspm/CloudAccounts(Azure).json +++ b/openapi-specs/cspm/CloudAccounts(Azure).json @@ -64,6 +64,14 @@ "AzureCloudAccountRequestModel": { "description": "Model containing the request for Azure Standalone and Tenant Cloud Account", "properties": { + "accountGroupMode": { + "description": "*Applicable only for role: **System Admin** and account type: **tenant** when ```rootSyncEnabled``` is set to ```true```.*\n\n* **MANUAL** - Create account groups manually in Prisma Cloud.\n\n* **AUTOMAP** - Automatically creates the account groups in Prisma Cloud replicating the hierarchy in Azure Cloud.", + "enum": [ + "MANUAL", + "AUTOMAP" + ], + "type": "string" + }, "clientId": { "description": "Application (Client) ID", "type": "string" @@ -222,6 +230,14 @@ "Feature": { "description": "Model for Feature", "properties": { + "defaultMemberState": { + "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, "name": { "description": "Feature name obtained from **[Fetch Supported Features endpoint](/prisma-cloud/api/cspm/fetch-supported-features)**", "example": "Remediation", diff --git a/openapi-specs/cspm/CloudAccounts(GCP).json b/openapi-specs/cspm/CloudAccounts(GCP).json index 907332068..fc7506656 100644 --- a/openapi-specs/cspm/CloudAccounts(GCP).json +++ b/openapi-specs/cspm/CloudAccounts(GCP).json @@ -153,6 +153,14 @@ "Feature": { "description": "Model for Feature", "properties": { + "defaultMemberState": { + "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, "name": { "description": "Feature name obtained from **[Fetch Supported Features endpoint](/prisma-cloud/api/cspm/fetch-supported-features)**", "example": "Remediation", @@ -356,6 +364,23 @@ } }, "type": "object" + }, + "RestApiResponseModel": { + "description": "Model for RestApiResponse", + "properties": { + "nextPageToken": { + "description": "Next page token", + "type": "string" + }, + "response": { + "description": "Response", + "items": { + "$ref": "#/components/schemas/GcpNodeModel" + }, + "type": "array" + } + }, + "type": "object" } } }, diff --git a/openapi-specs/cspm/CloudAccounts(OCIandAlibaba).json b/openapi-specs/cspm/CloudAccounts(OCIandAlibaba).json index d37931c15..ed2be6ef4 100644 --- a/openapi-specs/cspm/CloudAccounts(OCIandAlibaba).json +++ b/openapi-specs/cspm/CloudAccounts(OCIandAlibaba).json @@ -1102,6 +1102,14 @@ "Feature": { "description": "Model for Feature", "properties": { + "defaultMemberState": { + "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, "name": { "description": "Feature name obtained from **[Fetch Supported Features endpoint](/prisma-cloud/api/cspm/fetch-supported-features)**", "example": "Remediation", @@ -1701,6 +1709,9 @@ "required": true, "schema": { "enum": [ + "aws", + "azure", + "gcp", "alibaba_cloud", "oci" ], @@ -1778,6 +1789,9 @@ "required": true, "schema": { "enum": [ + "aws", + "azure", + "gcp", "alibaba_cloud", "oci" ], @@ -1845,6 +1859,9 @@ "required": true, "schema": { "enum": [ + "aws", + "azure", + "gcp", "alibaba_cloud", "oci" ], From 47db499f8df27c44ac8dc6e18ae4bd97240dd7b9 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Mon, 16 Oct 2023 15:57:11 +0530 Subject: [PATCH 11/15] Added codetocloud Category Description and CDEM Parameter desc --- openapi-specs/cspm/CDEMMicroServices.json | 41 ++++++++++++++++--- .../cspm/code2cloudMicroService.json | 2 +- 2 files changed, 36 insertions(+), 7 deletions(-) diff --git a/openapi-specs/cspm/CDEMMicroServices.json b/openapi-specs/cspm/CDEMMicroServices.json index 7166d915a..aa5050573 100644 --- a/openapi-specs/cspm/CDEMMicroServices.json +++ b/openapi-specs/cspm/CDEMMicroServices.json @@ -146,6 +146,7 @@ { "name": "asset_id", "in": "path", + "description": "ID of asset", "required": true, "schema": { "type": "string", @@ -195,6 +196,7 @@ { "name": "asset_id", "in": "path", + "description": "ID of asset", "required": true, "schema": { "type": "string", @@ -358,6 +360,7 @@ { "name": "snapshot_date", "in": "query", + "description": "Snapshot date", "required": false, "schema": { "type": "integer", @@ -367,6 +370,7 @@ { "name": "next_page_token", "in": "query", + "description": "Next page token", "required": false, "schema": { "type": "string" @@ -405,6 +409,7 @@ { "name": "serviceId", "in": "path", + "description": "ID of service", "required": true, "schema": { "type": "string" @@ -413,6 +418,7 @@ { "name": "snapshot_date", "in": "query", + "description": "Snapshot date", "required": false, "schema": { "type": "string" @@ -421,6 +427,7 @@ { "name": "all_service_detail", "in": "query", + "description": "Expand service details input", "required": false, "schema": { "type": "string" @@ -487,6 +494,7 @@ { "name": "alert_categories", "in": "query", + "description": "Category of alerts", "required": false, "schema": { "type": "string" @@ -495,6 +503,7 @@ { "name": "country_code", "in": "query", + "description": "Country code", "required": false, "schema": { "type": "string" @@ -503,6 +512,7 @@ { "name": "next_page_token", "in": "query", + "description": "Next page token", "required": false, "schema": { "type": "string" @@ -541,6 +551,7 @@ { "name": "convertible", "in": "query", + "description": "Convertible input", "required": false, "schema": { "type": "string" @@ -549,6 +560,7 @@ { "name": "cloud_account_id", "in": "query", + "description": "Cloud account ID", "required": false, "schema": { "type": "string" @@ -557,6 +569,7 @@ { "name": "alert_categories", "in": "query", + "description": "Category of alerts", "required": false, "schema": { "type": "string" @@ -565,6 +578,7 @@ { "name": "country_code", "in": "query", + "description": "Country codes", "required": false, "schema": { "type": "string" @@ -573,6 +587,7 @@ { "name": "next_page_token", "in": "query", + "description": "Next page token", "required": false, "schema": { "type": "string" @@ -611,6 +626,7 @@ { "name": "timestamp", "in": "query", + "description": "Timestamp", "required": true, "schema": { "type": "integer", @@ -765,6 +781,7 @@ { "name": "asset_id", "in": "path", + "description": "Asset ID", "required": true, "schema": { "type": "string", @@ -774,6 +791,7 @@ { "name": "snapshot_date", "in": "query", + "description": "Snapshot date", "required": true, "schema": { "type": "integer", @@ -783,6 +801,7 @@ { "name": "asset_type", "in": "query", + "description": "Asset type", "required": false, "schema": { "type": "string" @@ -791,6 +810,7 @@ { "name": "manage_type", "in": "query", + "description": "Manage type", "required": false, "schema": { "type": "string", @@ -800,6 +820,7 @@ { "name": "all_asset_details", "in": "query", + "description": "Boolean flag for all details.", "required": false, "schema": { "type": "boolean", @@ -847,6 +868,7 @@ { "name": "snapshot_date", "in": "query", + "description": "Snapshot date", "required": true, "schema": { "type": "string" @@ -855,6 +877,7 @@ { "name": "next_page_token", "in": "query", + "description": "Next page token", "required": false, "schema": { "type": "string" @@ -936,7 +959,8 @@ "$ref": "#/components/schemas/CloudAccountDetails" } } - } + }, + "description": "List of cloud accounts." }, "AccountConversionResponse": { "type": "object", @@ -1007,7 +1031,8 @@ "searchText": { "type": "string" } - } + }, + "description": "Asset Inventory request" }, "FindingRequest": { "type": "object", @@ -1028,7 +1053,8 @@ "type": "string" } } - } + }, + "description": "Finding request" }, "SidecarOverview": { "type": "object", @@ -1075,7 +1101,8 @@ "type": { "type": "string" } - } + }, + "description": "Asset overview" }, "ResourceTypeAggregation": { "type": "object", @@ -1108,7 +1135,8 @@ "manageType": { "type": "string" } - } + }, + "description": "Resource type aggregation." }, "CloudTypeAggregation": { "type": "object", @@ -1141,7 +1169,8 @@ "type": "string" } } - } + }, + "description": "Cloud type aggregation." }, "AssetTrend": { "type": "object", diff --git a/openapi-specs/cspm/code2cloudMicroService.json b/openapi-specs/cspm/code2cloudMicroService.json index d8d7a12fb..fbb961028 100644 --- a/openapi-specs/cspm/code2cloudMicroService.json +++ b/openapi-specs/cspm/code2cloudMicroService.json @@ -7,7 +7,7 @@ "tags": [ { "name": "Code to Cloud", - "description": "Use code to cloud dashboard to get a continuously updated snapshot view into the security posture of your cloud environment, streamline tracking and reporting. You can use the following APIs to fetch some of the dashboard details." + "description": "Use code to cloud dashboard to get a continuously updated snapshot view into the security posture of your cloud environment, streamline tracking and reporting. You can use the following APIs to get the trendline datapoints for deploytime and runtime respectively." } ], "paths": { From 5ad37ce4473a31b9c1e97b4d08361c272f2c180b Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Mon, 16 Oct 2023 17:27:33 +0530 Subject: [PATCH 12/15] CDEm and review comments from Chithra --- openapi-specs/cspm/CDEMMicroServices.json | 2 +- openapi-specs/cspm/CloudAccounts(AWS).json | 2 +- openapi-specs/cspm/CloudAccounts(Azure).json | 2 +- openapi-specs/cspm/CloudAccounts(GCP).json | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/openapi-specs/cspm/CDEMMicroServices.json b/openapi-specs/cspm/CDEMMicroServices.json index aa5050573..1d461ca83 100644 --- a/openapi-specs/cspm/CDEMMicroServices.json +++ b/openapi-specs/cspm/CDEMMicroServices.json @@ -54,7 +54,7 @@ "tags": [ { "name": "Cloud Discovery and Exposure Management", - "description": "Discovery and Exposure Management APIs help you in identifying unmanaged or exposed assets that must be secured." + "description": "Discovery and Exposure Management(CDEM) APIs help you in identifying unmanaged or exposed assets that must be secured." } ], "paths": { diff --git a/openapi-specs/cspm/CloudAccounts(AWS).json b/openapi-specs/cspm/CloudAccounts(AWS).json index be3b481c7..e11de57ec 100644 --- a/openapi-specs/cspm/CloudAccounts(AWS).json +++ b/openapi-specs/cspm/CloudAccounts(AWS).json @@ -515,7 +515,7 @@ "description": "Model for Feature", "properties": { "defaultMemberState": { - "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.", + "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for ```Serverless Function Scanning``` and ```Agentless Workload Scanning``` features.", "enum": [ "enabled", "disabled" diff --git a/openapi-specs/cspm/CloudAccounts(Azure).json b/openapi-specs/cspm/CloudAccounts(Azure).json index 8d55aa9e0..b32559a16 100644 --- a/openapi-specs/cspm/CloudAccounts(Azure).json +++ b/openapi-specs/cspm/CloudAccounts(Azure).json @@ -231,7 +231,7 @@ "description": "Model for Feature", "properties": { "defaultMemberState": { - "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.", + "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for ```Serverless Function Scanning``` and ```Agentless Workload Scanning``` features.", "enum": [ "enabled", "disabled" diff --git a/openapi-specs/cspm/CloudAccounts(GCP).json b/openapi-specs/cspm/CloudAccounts(GCP).json index fc7506656..449270acf 100644 --- a/openapi-specs/cspm/CloudAccounts(GCP).json +++ b/openapi-specs/cspm/CloudAccounts(GCP).json @@ -154,7 +154,7 @@ "description": "Model for Feature", "properties": { "defaultMemberState": { - "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.", + "description": "Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for ```Serverless Function Scanning``` and ```Agentless Workload Scanning``` features.", "enum": [ "enabled", "disabled" From 1d7260708f3ab95b142d3226a9c2bb14ebb35ffc Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Tue, 17 Oct 2023 11:44:59 +0530 Subject: [PATCH 13/15] code2cloud API desc update and removed darwin only note from CommandCenter APIs --- openapi-specs/cspm/CommandCenterMicroService.json | 15 ++++++--------- openapi-specs/cspm/code2cloudMicroService.json | 12 ++++++------ 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/openapi-specs/cspm/CommandCenterMicroService.json b/openapi-specs/cspm/CommandCenterMicroService.json index 54b0b98b9..ba5662e4b 100644 --- a/openapi-specs/cspm/CommandCenterMicroService.json +++ b/openapi-specs/cspm/CommandCenterMicroService.json @@ -25,7 +25,7 @@ "Command Center" ], "summary": "List Total Alerts by Severity", - "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the alert count summary based on the severity for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.", "operationId": "command-center-list-total-alerts-by-severity", "parameters": [ { @@ -111,8 +111,7 @@ "x-redlock-auth": [] } ], - "x-public": "true", - "x-ga": "23.10.2-darwin" + "x-public": "true" } }, "/api/v1/top-assets/{swimlane-type}": { @@ -121,7 +120,7 @@ "Command Center" ], "summary": "List Top N Assets", - "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the data for the top N assets with highest alerts, based on the type for the request time, accounts account groups and swimlane type. Maximum time range supported is last 30 days.", "operationId": "command-center-list-top-assets", "parameters": [ { @@ -207,8 +206,7 @@ "x-redlock-auth": [] } ], - "x-public": "true", - "x-ga": "23.10.2-darwin" + "x-public": "true" } }, "/api/v1/top-policies/{swimlane-type}": { @@ -217,7 +215,7 @@ "Command Center" ], "summary": "List Top Policies", - "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Gets the data for the top N policies with most alerts, based on the type for the request time, accounts, account groups and swimlane type. Maximum time range supported is last 30 days.", "operationId": "command-center-list-top-policies", "parameters": [ { @@ -303,8 +301,7 @@ "x-redlock-auth": [] } ], - "x-public": "true", - "x-ga": "23.10.2-darwin" + "x-public": "true" } }, "/v1/top-vulnerabilities": { diff --git a/openapi-specs/cspm/code2cloudMicroService.json b/openapi-specs/cspm/code2cloudMicroService.json index fbb961028..69e2af546 100644 --- a/openapi-specs/cspm/code2cloudMicroService.json +++ b/openapi-specs/cspm/code2cloudMicroService.json @@ -17,7 +17,7 @@ "Code to Cloud" ], "summary": "List Deploy Trend", - "description": "Get the last 30 days deploy metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Get the last 30 day trend of open deployment vulnerabilities with 1 data point for each day. The API will return the critical and high severity vulnerability count for Container Registry Image, ECR Image, Azure Registry Image, Google Container Registry Image and Google Artifact Image. The timestamp values are in epoch format and in milliseconds.\n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "code-to-cloud-list-deploy-trend", "parameters": [ { @@ -88,7 +88,7 @@ "Code to Cloud" ], "summary": "List Runtime Trend", - "description": "Get the last 30 days runtime metrics, which is one data point for each day. Timestamp values are rounded off to nearest day based on stack timezone. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", + "description": "Get the last 30 days runtime trend of open alerts with 1 data point for each day. The API returns the open alert count of critical and high severity incidents for Policy Category and Attack Path policies. The timestamp values are in epoch format and in milliseconds. \n\n**Note:** You need System Admin or System Admin Read Only role to access this API.\n:::info\nThis endpoint is available on the Prisma Cloud Darwin release only.\n:::\n", "operationId": "code-to-cloud-list-runtime-trend", "parameters": [ { @@ -252,7 +252,7 @@ "type": "object", "properties": { "timestamp": { - "type": "number" + "type": "long" }, "urgentVulns": { "type": "number" @@ -355,7 +355,7 @@ "type": "object", "properties": { "timestamp": { - "type": "number" + "type": "long" }, "buildErrors": { "type": "number" @@ -372,7 +372,7 @@ "type": "object", "properties": { "timestamp": { - "type": "number" + "type": "long" }, "vulnerabilities": { "type": "number" @@ -386,7 +386,7 @@ "type": "object", "properties": { "timestamp": { - "type": "number" + "type": "long" }, "alerts": { "type": "number" From 485fa6c985589000373dbf0abe5264cb42e17ef9 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Wed, 18 Oct 2023 16:59:11 +0530 Subject: [PATCH 14/15] CDEM API edits --- openapi-specs/cspm/CDEMMicroServices.json | 67 +++++++++---------- .../cspm/consolidated_spec/all_endpoints.csv | 28 ++++---- 2 files changed, 47 insertions(+), 48 deletions(-) diff --git a/openapi-specs/cspm/CDEMMicroServices.json b/openapi-specs/cspm/CDEMMicroServices.json index 1d461ca83..6084062a5 100644 --- a/openapi-specs/cspm/CDEMMicroServices.json +++ b/openapi-specs/cspm/CDEMMicroServices.json @@ -64,7 +64,7 @@ "Cloud Discovery and Exposure Management" ], "summary": "Onboard Cloud Accounts", - "description": "Onboard cloud accounts.", + "description": "Onboard the cloud accounts to CSPM in order to secure the unmanaged assets identified by the CDEM dashboard.", "operationId": "onboardCloudAccounts", "requestBody": { "content": { @@ -101,8 +101,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Asset Inventory", - "description": "Gets the list of assets from asset inventory.", + "summary": "Get Assets List", + "description": "Get the list of assets based on cloud-type, asset-type, manage-type, and service-type.", "operationId": "assetInventoryForL3", "requestBody": { "content": { @@ -139,8 +139,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Findings for Asset by ID", - "description": "Get the list of findings for an asset based on ID.", + "summary": "Get Findings of an Asset ", + "description": "Get the list of findings of an asset by asset id. Findings are security issues, including vulnerabilities discovered on the asset. ", "operationId": "getAssetFindings", "parameters": [ { @@ -189,8 +189,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Asset Finding Filters", - "description": "Gets the list of filters for asset findings.", + "summary": "Get Asset Findings Filter", + "description": "Get the list of filters and their possible values based on which you can retrieve the findings of an asset.", "operationId": "getFindingFilters", "parameters": [ { @@ -239,7 +239,7 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Send Assets Email", + "summary": "Send email to logged in user, with asset details", "description": "Sends email with details of assets.", "operationId": "sendAssetDetailEmailFromSidecar", "requestBody": { @@ -277,8 +277,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Asset Count by Asset type", - "description": "Gets the count of assets by asset type.", + "summary": "Get Aggregated Asset Count by Asset Type", + "description": "Get count of assets aggregated by asset type based on cloud provider,service type,asset-type, and manage-type.", "operationId": "getAssetCountByAssetTypeForL2", "requestBody": { "content": { @@ -315,8 +315,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Assets aggregated by provider", - "description": "Gets the list of assets aggregated by the provider.", + "summary": "Get Aggregated Asset Count by Cloud Type", + "description": "Get count of assets aggregated by cloud service provider.", "operationId": "getAssetsAggregatedByProviderForL1", "requestBody": { "content": { @@ -354,7 +354,7 @@ "Cloud Discovery and Exposure Management" ], "summary": "Get Services", - "description": "Gets the list of services.", + "description": "Get the list of services.", "operationId": "listServices", "parameters": [ { @@ -403,13 +403,13 @@ "Cloud Discovery and Exposure Management" ], "summary": "Get Service Details", - "description": "Get service details by ID.", + "description": "Get details of a service by service id", "operationId": "fetchAsmServiceDetails", "parameters": [ { "name": "serviceId", "in": "path", - "description": "ID of service", + "description": "ID of the service", "required": true, "schema": { "type": "string" @@ -459,8 +459,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Industry Benchmarks Data", - "description": "Get industry benchmarks data.", + "summary": "Get Industry Benchmark Data", + "description": "Get industry benchmark data which is used to identify the vulnerabilities and security risks.", "operationId": "getIndustryBenchmarks", "responses": { "200": { @@ -488,7 +488,7 @@ "Cloud Discovery and Exposure Management" ], "summary": "Get Convertible Accounts", - "description": "Get the list of convertible accounts.", + "description": "Get the list of accounts that are not managed by CSPM but can be onboarded to CSPM.", "operationId": "getConvertibleCloudAccounts", "parameters": [ { @@ -544,8 +544,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Assets", - "description": "Get the list of assets.", + "summary": "Get Convertible Assets", + "description": "Get the list of unmanaged assets that can be onboarded to CSPM.", "operationId": "listAssets", "parameters": [ { @@ -619,8 +619,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Asset Trend", - "description": "Get asset trend by manage type and remediation.", + "summary": "Get Asset Trend for last 90 days", + "description": "Get asset trend for managed, unmanaged, and remediated assets.", "operationId": "fetchAssetsByManageTypeAndRemediation", "parameters": [ { @@ -690,8 +690,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Internet Exposure Risk", - "description": "Get the internet exposure risk statistics.", + "summary": "Get Internet Exposure Risk Distribution", + "description": "Get the internet exposure risk statistics of every asset type for last 24 hours", "operationId": "fetchInternetExposureAsmAssets", "responses": { "200": { @@ -718,8 +718,7 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Assets Geolocation Data", - "description": "Get assets geolocation data.", + "summary": "Get Assets Count Across Location", "operationId": "fetchAssetByGeoLocation", "responses": { "200": { @@ -746,8 +745,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Assets Count", - "description": "Gets the count of assets.", + "summary": "Get Convertible Assets Count", + "description": "Get the total number of convertible assets.", "operationId": "getAssetCounts", "responses": { "200": { @@ -774,8 +773,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Asset by ID", - "description": "Get asset details by ID.", + "summary": "Get Asset Details by ID", + "description": "Get asset overview or details by asset id.", "operationId": "getAssetDetails", "parameters": [ { @@ -820,7 +819,7 @@ { "name": "all_asset_details", "in": "query", - "description": "Boolean flag for all details.", + "description": "Set it true to fetch all asset details.", "required": false, "schema": { "type": "boolean", @@ -853,8 +852,8 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Get Asset Services by ID", - "description": "Get the list of services for assets by ID.", + "summary": "Get List of Service for an Asset", + "description": "Get the list of services for assets by asset-id.", "operationId": "fetchAsmServicesLinkedToAsset", "parameters": [ { @@ -910,7 +909,7 @@ "Cloud Discovery and Exposure Management" ], "summary": "Get Asset Filters", - "description": "Gets the list of filters for assets.", + "description": "Gets the list of supported asset filters and their values based on which you can fetch asset details.", "operationId": "getAssetFilters", "responses": { "200": { diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index cb85ec305..0642253e0 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -78,24 +78,24 @@ "post","/v2/inventory/trend","Asset Inventory Trend View V2 - POST","post-method-asset-inventory-trend-v2","Asset Inventory","Monolith" "get","/audit/redlock","Prisma Cloud Audit Logs","rl-audit-logs","Audit Logs","Monolith" "post","/asm/api/v1/convert-cloud-account","Onboard Cloud Accounts","onboardCloudAccounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset","Get Asset Inventory","assetInventoryForL3","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset/{asset_id}/finding","Get Findings for Asset by ID","getAssetFindings","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset/{asset_id}/finding/filters","Get Asset Finding Filters","getFindingFilters","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset/email","Send Assets Email","sendAssetDetailEmailFromSidecar","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset/aggregation-by-resource-type","Get Asset Count by Asset type","getAssetCountByAssetTypeForL2","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset/aggregation-by-cloud-type","Get Assets aggregated by provider","getAssetsAggregatedByProviderForL1","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset","Get Assets List","assetInventoryForL3","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/{asset_id}/finding","Get Findings of an Asset ","getAssetFindings","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/{asset_id}/finding/filters","Get Asset Findings Filter","getFindingFilters","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/email","Send email to logged in user, with asset details","sendAssetDetailEmailFromSidecar","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/aggregation-by-resource-type","Get Aggregated Asset Count by Asset Type","getAssetCountByAssetTypeForL2","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/aggregation-by-cloud-type","Get Aggregated Asset Count by Cloud Type","getAssetsAggregatedByProviderForL1","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/service","Get Services","listServices","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/service/{serviceId}","Get Service Details","fetchAsmServiceDetails","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/industry-benchmarks","Get Industry Benchmarks Data","getIndustryBenchmarks","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/industry-benchmarks","Get Industry Benchmark Data","getIndustryBenchmarks","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/dashboard/convertible-accounts","Get Convertible Accounts","getConvertibleCloudAccounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/dashboard/asset","Get Assets","listAssets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/dashboard/asset/trend","Get Asset Trend","fetchAssetsByManageTypeAndRemediation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset","Get Convertible Assets","listAssets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/trend","Get Asset Trend for last 90 days","fetchAssetsByManageTypeAndRemediation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/dashboard/asset/top-risk","Get Asset Top Risks","getTopRisks","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/dashboard/asset/internet-exposure-risk","Get Internet Exposure Risk","fetchInternetExposureAsmAssets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/dashboard/asset/geolocation","Get Assets Geolocation Data","fetchAssetByGeoLocation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/dashboard/asset/count","Get Assets Count","getAssetCounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/asset/{asset_id}","Get Asset by ID","getAssetDetails","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/asset/{asmAssetId}/service","Get Asset Services by ID","fetchAsmServicesLinkedToAsset","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/internet-exposure-risk","Get Internet Exposure Risk Distribution","fetchInternetExposureAsmAssets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/geolocation","Get Assets Count Across Location","fetchAssetByGeoLocation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/count","Get Convertible Assets Count","getAssetCounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/asset/{asset_id}","Get Asset Details by ID","getAssetDetails","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/asset/{asmAssetId}/service","Get List of Service for an Asset","fetchAsmServicesLinkedToAsset","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/asset/filters","Get Asset Filters","getAssetFilters","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "post","/cas/v1/aws_account","Add Cloud Account (AWS)","add-aws-cloud-account","Cloud Accounts (AWS)","Monolith" "put","/cas/v1/aws_account/{id}","Update Cloud Account (AWS)","update-aws-cloud-account","Cloud Accounts (AWS)","Monolith" From 4b0f57bede186ea397d1f495287be5212f06f421 Mon Sep 17 00:00:00 2001 From: AbiMano4688 Date: Wed, 18 Oct 2023 18:48:25 +0530 Subject: [PATCH 15/15] fixed admin guide links --- openapi-specs/cspm/CDEMMicroServices.json | 214 +++++++++++++----- openapi-specs/cspm/DataSecurityDashboard.json | 4 +- openapi-specs/cspm/DataSecurityInventory.json | 6 +- openapi-specs/cspm/DataSecuritySettings.json | 4 +- openapi-specs/cspm/IAMIdpMicroService.json | 4 +- openapi-specs/cspm/IAMMicroService.json | 4 +- openapi-specs/cspm/SearchMicroService.json | 4 +- openapi-specs/cspm/UserRoles.json | 5 +- .../cspm/consolidated_spec/all_endpoints.csv | 16 +- .../api/cspm/api-integration-config.md | 6 +- products/prisma-cloud/api/cspm/cspm-api.md | 5 +- products/prisma-cloud/docs/cspm/cspm-gs.md | 2 +- 12 files changed, 191 insertions(+), 83 deletions(-) diff --git a/openapi-specs/cspm/CDEMMicroServices.json b/openapi-specs/cspm/CDEMMicroServices.json index 6084062a5..7c906eb3a 100644 --- a/openapi-specs/cspm/CDEMMicroServices.json +++ b/openapi-specs/cspm/CDEMMicroServices.json @@ -73,8 +73,7 @@ "$ref": "#/components/schemas/CloudAccountsList" } } - }, - "required": true + } }, "responses": { "200": { @@ -103,7 +102,7 @@ ], "summary": "Get Assets List", "description": "Get the list of assets based on cloud-type, asset-type, manage-type, and service-type.", - "operationId": "assetInventoryForL3", + "operationId": "asset-inventory-for-l3", "requestBody": { "content": { "application/json": { @@ -111,8 +110,7 @@ "$ref": "#/components/schemas/AssetInventoryRequest" } } - }, - "required": true + } }, "responses": { "200": { @@ -161,8 +159,7 @@ "$ref": "#/components/schemas/FindingRequest" } } - }, - "required": true + } }, "responses": { "200": { @@ -211,8 +208,7 @@ "$ref": "#/components/schemas/FindingRequest" } } - }, - "required": true + } }, "responses": { "200": { @@ -239,9 +235,9 @@ "tags": [ "Cloud Discovery and Exposure Management" ], - "summary": "Send email to logged in user, with asset details", + "summary": "Send Asset Details via Email", "description": "Sends email with details of assets.", - "operationId": "sendAssetDetailEmailFromSidecar", + "operationId": "send-asset-detail-email-from-sidecar", "requestBody": { "content": { "application/json": { @@ -249,8 +245,7 @@ "$ref": "#/components/schemas/SidecarOverview" } } - }, - "required": true + } }, "responses": { "200": { @@ -279,7 +274,7 @@ ], "summary": "Get Aggregated Asset Count by Asset Type", "description": "Get count of assets aggregated by asset type based on cloud provider,service type,asset-type, and manage-type.", - "operationId": "getAssetCountByAssetTypeForL2", + "operationId": "get-asset-count-by-asset-type-for-l2", "requestBody": { "content": { "application/json": { @@ -287,8 +282,7 @@ "$ref": "#/components/schemas/ResourceTypeAggregation" } } - }, - "required": true + } }, "responses": { "200": { @@ -317,7 +311,7 @@ ], "summary": "Get Aggregated Asset Count by Cloud Type", "description": "Get count of assets aggregated by cloud service provider.", - "operationId": "getAssetsAggregatedByProviderForL1", + "operationId": "get-assets-aggregated-by-provider-for-l1", "requestBody": { "content": { "application/json": { @@ -325,8 +319,7 @@ "$ref": "#/components/schemas/CloudTypeAggregation" } } - }, - "required": true + } }, "responses": { "200": { @@ -431,7 +424,8 @@ "required": false, "schema": { "type": "string" - } + }, + "example": true } ], "responses": { @@ -621,7 +615,7 @@ ], "summary": "Get Asset Trend for last 90 days", "description": "Get asset trend for managed, unmanaged, and remediated assets.", - "operationId": "fetchAssetsByManageTypeAndRemediation", + "operationId": "fetch-assets-by-manage-type-and-remediation", "parameters": [ { "name": "timestamp", @@ -692,7 +686,7 @@ ], "summary": "Get Internet Exposure Risk Distribution", "description": "Get the internet exposure risk statistics of every asset type for last 24 hours", - "operationId": "fetchInternetExposureAsmAssets", + "operationId": "fetch-internet-exposure-asm-assets", "responses": { "200": { "description": "OK", @@ -719,7 +713,7 @@ "Cloud Discovery and Exposure Management" ], "summary": "Get Assets Count Across Location", - "operationId": "fetchAssetByGeoLocation", + "operationId": "fetch-asset-by-geo-location", "responses": { "200": { "description": "OK", @@ -775,7 +769,7 @@ ], "summary": "Get Asset Details by ID", "description": "Get asset overview or details by asset id.", - "operationId": "getAssetDetails", + "operationId": "get-asset-details", "parameters": [ { "name": "asset_id", @@ -938,13 +932,22 @@ "type": "object", "properties": { "accountId": { + "title": "Account ID", "type": "string" }, "accountName": { + "title": "Account name", "type": "string" }, "cloudType": { - "type": "string" + "title": "Cloud types", + "type": "string", + "enum": [ + "AWS", + "GCP", + "AZURE", + "ALIBABA_CLOUD" + ] } } }, @@ -958,8 +961,7 @@ "$ref": "#/components/schemas/CloudAccountDetails" } } - }, - "description": "List of cloud accounts." + } }, "AccountConversionResponse": { "type": "object", @@ -997,81 +999,130 @@ "type": "object", "properties": { "snapshotDate": { + "title": "Snapshot date", "type": "integer", "format": "int64" }, "cloudTypes": { + "title": "Cloud types", "uniqueItems": true, "type": "array", "items": { - "type": "string" - } + "title": "Cloud types", + "type": "string", + "enum": [ + "AWS", + "GCP", + "AZURE", + "ALIBABA_CLOUD" + ] + }, + "enum": [ + "AWS", + "GCP", + "AZURE", + "ALIBABA_CLOUD" + ] }, "assetTypes": { + "title": "Asset types", "uniqueItems": true, "type": "array", "items": { - "type": "string" - } + "title": "Asset types", + "type": "string", + "default": "['Domain', 'ResponsiveIP']" + }, + "default": "['Domain', 'ResponsiveIP']" }, "manageType": { - "type": "string" + "title": "Manage type", + "type": "string", + "enum": [ + "MANAGED", + "UNMANAGED" + ], + "default": "UNMANAGED" }, "serviceTypes": { + "title": "Service types", "uniqueItems": true, "type": "array", "items": { + "title": "Service types", "type": "string" } }, "nextPageToken": { + "title": "Next page token", "type": "string" }, "searchText": { + "title": "Seach text", "type": "string" } - }, - "description": "Asset Inventory request" + } }, "FindingRequest": { "type": "object", "properties": { "snapshotDate": { + "title": "Snapshot date in ms", "type": "integer", "format": "int64" }, "types": { + "title": "List of types", "type": "array", "items": { + "title": "List of types", "type": "string" } }, "severities": { + "title": "List of severities", "type": "array", "items": { - "type": "string" - } + "title": "List of severities", + "type": "string", + "enum": [ + "High", + "Critical", + "Medium", + "Low" + ] + }, + "enum": [ + "High", + "Critical", + "Medium", + "Low" + ] } - }, - "description": "Finding request" + } }, "SidecarOverview": { "type": "object", "properties": { "pcAssetId": { + "title": "Prisma Cloud asset ID", "type": "string" }, "asmAssetId": { + "title": "CDEM asset ID", "type": "string", "format": "uuid" }, "name": { + "title": "Name", "type": "string" }, "cloudTypes": { + "title": "Set of cloud types", "uniqueItems": true, "type": "array", "items": { + "title": "Set of cloud types", "type": "string", "enum": [ "AWS", @@ -1082,12 +1133,15 @@ } }, "cloudAccountId": { + "title": "Cloud account ID", "type": "string" }, "cloudAccountName": { + "title": "Cloud account name", "type": "string" }, "conversionStatus": { + "title": "Conversion status", "type": "string", "enum": [ "DISCOVERED", @@ -1098,78 +1152,130 @@ ] }, "type": { + "title": "Type", "type": "string" } - }, - "description": "Asset overview" + } }, "ResourceTypeAggregation": { "type": "object", "properties": { "cloudTypes": { + "title": "Cloud types", "uniqueItems": true, "type": "array", "items": { - "type": "string" - } + "title": "Cloud types", + "type": "string", + "enum": [ + "AWS", + "GCP", + "AZURE", + "ALIBABA_CLOUD" + ] + }, + "enum": [ + "AWS", + "GCP", + "AZURE", + "ALIBABA_CLOUD" + ] }, "snapshotDate": { + "title": "Snapshot date", "type": "integer", "format": "int64" }, "serviceTypes": { + "title": "Service types", "uniqueItems": true, "type": "array", "items": { + "title": "Service types", "type": "string" } }, "assetTypes": { + "title": "Asset types", "uniqueItems": true, "type": "array", "items": { - "type": "string" - } + "title": "Asset types", + "type": "string", + "default": "['Domain', 'ResponsiveIP']" + }, + "default": "['Domain', 'ResponsiveIP']" }, "manageType": { - "type": "string" + "title": "Manage type", + "type": "string", + "enum": [ + "MANAGED", + "UNMANAGED" + ], + "default": "UNMANAGED" } - }, - "description": "Resource type aggregation." + } }, "CloudTypeAggregation": { "type": "object", "properties": { "snapshotDate": { + "title": "Snapshot Date in ms", "type": "integer", "format": "int64" }, "assetTypes": { + "title": "Asset types", "uniqueItems": true, "type": "array", "items": { - "type": "string" - } + "title": "Asset types", + "type": "string", + "default": "['Domain', 'ResponsiveIP']" + }, + "default": "['Domain', 'ResponsiveIP']" }, "manageType": { - "type": "string" + "title": "Manage type", + "type": "string", + "enum": [ + "MANAGED", + "UNMANAGED" + ], + "default": "UNMANAGED" }, "serviceTypes": { + "title": "Service types", "uniqueItems": true, "type": "array", "items": { + "title": "Service types", "type": "string" } }, "cloudTypes": { + "title": "Cloud types", "uniqueItems": true, "type": "array", "items": { - "type": "string" - } + "title": "Cloud types", + "type": "string", + "enum": [ + "AWS", + "GCP", + "AZURE", + "ALIBABA_CLOUD" + ] + }, + "enum": [ + "AWS", + "GCP", + "AZURE", + "ALIBABA_CLOUD" + ] } - }, - "description": "Cloud type aggregation." + } }, "AssetTrend": { "type": "object", diff --git a/openapi-specs/cspm/DataSecurityDashboard.json b/openapi-specs/cspm/DataSecurityDashboard.json index b297195c3..9682b11f7 100644 --- a/openapi-specs/cspm/DataSecurityDashboard.json +++ b/openapi-specs/cspm/DataSecurityDashboard.json @@ -406,7 +406,7 @@ }, "info": { "contact": {}, - "description": "The Data Security capabilities on Prisma Cloud enable you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. The \ndata dashboard provides visibility into your S3 storage. \n\nTo get started with data security, see \n[Prisma Cloud Data Security](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-data-security.html).\n", + "description": "The Data Security capabilities on Prisma Cloud enable you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. The \ndata dashboard provides visibility into your S3 storage. \n\nTo get started with data security, see \n[Prisma Cloud Data Security](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-data-security/prisma-cloud-data-security). \nIf you are upgraded to the Darwin release, \nsee [Prisma Cloud Data Security](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-data-security/configure-data-security).\n", "title": "Prisma Cloud Data Security Dashboard API Overview", "version": "Latest" }, @@ -750,7 +750,7 @@ ], "tags": [ { - "description": "The Data Security capabilities on Prisma Cloud enable you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. The \ndata dashboard provides visibility into your S3 storage. \n\nTo get started with data security, see \n[Prisma Cloud Data Security](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-data-security.html).\n", + "description": "The Data Security capabilities on Prisma Cloud enable you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. The \ndata dashboard provides visibility into your S3 storage. \n\nTo get started with data security, see \n[Prisma Cloud Data Security](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-data-security/prisma-cloud-data-security). \nIf you are upgraded to the Darwin release, \nsee [Prisma Cloud Data Security](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-data-security/configure-data-security).\n", "name": "Data Security Dashboard" } ] diff --git a/openapi-specs/cspm/DataSecurityInventory.json b/openapi-specs/cspm/DataSecurityInventory.json index 8c3252986..5eb21436e 100644 --- a/openapi-specs/cspm/DataSecurityInventory.json +++ b/openapi-specs/cspm/DataSecurityInventory.json @@ -1036,7 +1036,7 @@ "operator": { "description": "Operator", "enum": [ - "=" + "tag:yaml.org,2002:value =" ], "type": "string" }, @@ -1051,7 +1051,7 @@ }, "info": { "contact": {}, - "description": "The Data Security capabilities on Prisma Cloud enable you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. The\ndata inventory provides information about the number of S3 storage buckets being monitored and\nabout how objects are exposed—public, sensitive, or malware.\n\n To get started with data security, see \n[Prisma Cloud Data Security](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-data-security.html). \n", + "description": "The Data Security capabilities on Prisma Cloud enable you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. The\ndata inventory provides information about the number of S3 storage buckets being monitored and\nabout how objects are exposed—public, sensitive, or malware.\n\n To get started with data security, see \n [Prisma Cloud Data Security](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-data-security/prisma-cloud-data-security). \n If you are upgraded to the Darwin release, \n see [Prisma Cloud Data Security](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-data-security/configure-data-security). \n", "title": "Prisma Cloud Data Security Inventory API Overview", "version": "Latest" }, @@ -1700,7 +1700,7 @@ ], "tags": [ { - "description": "The Data Security capabilities on Prisma Cloud enable you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. The\ndata inventory provides information about the number of S3 storage buckets being monitored and\nabout how objects are exposed—public, sensitive, or malware.\n\n To get started with data security, see \n[Prisma Cloud Data Security](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-data-security.html). \n", + "description": "The Data Security capabilities on Prisma Cloud enable you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. The\ndata inventory provides information about the number of S3 storage buckets being monitored and\nabout how objects are exposed—public, sensitive, or malware.\n\n To get started with data security, see \n [Prisma Cloud Data Security](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-data-security/prisma-cloud-data-security). \n If you are upgraded to the Darwin release, \n see [Prisma Cloud Data Security](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-data-security/configure-data-security). \n", "name": "Data Security Inventory" } ] diff --git a/openapi-specs/cspm/DataSecuritySettings.json b/openapi-specs/cspm/DataSecuritySettings.json index c5bef60e6..cc88c88b1 100644 --- a/openapi-specs/cspm/DataSecuritySettings.json +++ b/openapi-specs/cspm/DataSecuritySettings.json @@ -1010,7 +1010,7 @@ }, "info": { "contact": {}, - "description": "Prisma Cloud Data Security enables you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. You can use\nthe data security settings APIs to manage data profiles, data patterns, and snippets.\n\n### Error Handling\n\nAs with other Prisma Cloud public API requests, Data Security Settings API requests return standard \nHTTP response codes. When more details are available, the error response includes the following:\n\nProperty | Type | Description \n-----------| ---- | ----------- \nmessage | string | Error message\nname | string | Exception name\ndetail | string | Exception details \n\nTo get started with data security, see \n[Prisma Cloud Data Security](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-data-security.html).\n", + "description": "Prisma Cloud Data Security enables you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. You can use\nthe data security settings APIs to manage data profiles, data patterns, and snippets.\n\n### Error Handling\n\nAs with other Prisma Cloud public API requests, Data Security Settings API requests return standard \nHTTP response codes. When more details are available, the error response includes the following:\n\nProperty | Type | Description \n-----------| ---- | ----------- \nmessage | string | Error message\nname | string | Exception name\ndetail | string | Exception details \n\nTo get started with data security, see \n[Prisma Cloud Data Security](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-data-security/prisma-cloud-data-security). \nIf you are upgraded to the Darwin release, \nsee [Prisma Cloud Data Security](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-data-security/configure-data-security).\n", "title": "Prisma Cloud Data Security Settings API Overview", "version": "Latest" }, @@ -1887,7 +1887,7 @@ ], "tags": [ { - "description": "Prisma Cloud Data Security enables you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. You can use\nthe data security settings APIs to manage data profiles, data patterns, and snippets.\n\n### Error Handling\n\nAs with other Prisma Cloud public API requests, Data Security Settings API requests return standard \nHTTP response codes. When more details are available, the error response includes the following:\n\nProperty | Type | Description \n-----------| ---- | ----------- \nmessage | string | Error message\nname | string | Exception name\ndetail | string | Exception details \n\nTo get started with data security, see \n[Prisma Cloud Data Security](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-data-security.html).\n", + "description": "Prisma Cloud Data Security enables you to discover and classify data stored \nin AWS S3 buckets and protect accidental exposure, misuse, or sharing of sensitive data. You can use\nthe data security settings APIs to manage data profiles, data patterns, and snippets.\n\n### Error Handling\n\nAs with other Prisma Cloud public API requests, Data Security Settings API requests return standard \nHTTP response codes. When more details are available, the error response includes the following:\n\nProperty | Type | Description \n-----------| ---- | ----------- \nmessage | string | Error message\nname | string | Exception name\ndetail | string | Exception details \n\nTo get started with data security, see \n[Prisma Cloud Data Security](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-data-security/prisma-cloud-data-security). \nIf you are upgraded to the Darwin release, \nsee [Prisma Cloud Data Security](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-data-security/configure-data-security).\n", "name": "Data Security Settings" } ] diff --git a/openapi-specs/cspm/IAMIdpMicroService.json b/openapi-specs/cspm/IAMIdpMicroService.json index e844a37e5..98ffed1c2 100644 --- a/openapi-specs/cspm/IAMIdpMicroService.json +++ b/openapi-specs/cspm/IAMIdpMicroService.json @@ -2,7 +2,7 @@ "openapi": "3.0.1", "info": { "title": "IAM IDP Security API Overview", - "description": "Prisma Cloud identity and access management (IAM) security integrates with the identity \nprovider (IdP) service Okta to ingest single sign-on (SSO) data for the effective permissions \ncalculation in the IAM Security module.\n\n\nSee [Integrate Prisma Cloud with Okta](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-iam-security/integrate-prisma-cloud-with-okta.html#id2990b78d-1bdc-4090-a716-d899e62db060)\nfor more information.\n", + "description": "Prisma Cloud identity and access management (IAM) security integrates with the identity \nprovider (IdP) service Okta to ingest single sign-on (SSO) data for the effective permissions \ncalculation in the IAM Security module.\n\n\nFor more information, see [Integrate Prisma Cloud with Okta](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-iam-security/integrate-prisma-cloud-with-okta). If you are upgraded to the Darwin release, see [Integrate Prisma Cloud with Okta](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-iam-security/integrate-prisma-cloud-with-okta)\n.", "version": "Latest", "contact": {} }, @@ -56,7 +56,7 @@ "tags": [ { "name": "IAM IDP", - "description": "Prisma Cloud identity and access management (IAM) security integrates with the identity \nprovider (IdP) service Okta to ingest single sign-on (SSO) data for the effective permissions \ncalculation in the IAM Security module.\n\n\nSee [Integrate Prisma Cloud with Okta](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-iam-security/integrate-prisma-cloud-with-okta.html#id2990b78d-1bdc-4090-a716-d899e62db060)\nfor more information.\n" + "description": "Prisma Cloud identity and access management (IAM) security integrates with the identity \nprovider (IdP) service Okta to ingest single sign-on (SSO) data for the effective permissions \ncalculation in the IAM Security module.\n\n\nFor more information, see [Integrate Prisma Cloud with Okta](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-iam-security/integrate-prisma-cloud-with-okta). If you are upgraded to the Darwin release, see [Integrate Prisma Cloud with Okta](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-iam-security/integrate-prisma-cloud-with-okta)\n." } ], "paths": { diff --git a/openapi-specs/cspm/IAMMicroService.json b/openapi-specs/cspm/IAMMicroService.json index 1b3a7dce4..c422a50d0 100644 --- a/openapi-specs/cspm/IAMMicroService.json +++ b/openapi-specs/cspm/IAMMicroService.json @@ -2,7 +2,7 @@ "openapi": "3.0.1", "info": { "title": "IAM Security API Overview", - "description": "Prisma Cloud identity and access management (IAM) security provides:\n* Visiblity—Query all relevant IAM entities\n* Gonvernance—Monitor your cloud environment for overly-used permissions\n* Response—Automatically remediate permissions\n\nThe IAM security endpoints enable you to investigate IAM data programmatically.\n\nSee [Primsa Cloud IAM Security](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-iam-security/what-is-prisma-cloud-iam-security.html)\nfor more information.\n\n\n### Error Handling\n\nLike other Prisma Cloud public API requests, the IAM security API requests return standard HTTP response codes. \nUnlike most other CSPM API error handling, IAM security API error responses do not include an [x-redlock-status](//prisma-cloud/api/cspm/api-errors)\nin the response header.\n\n\n### Pagination\n\nYou can control the number of items in a response for endpoints that support pagination. \nUse request parameter **limit** to control the maximum number of items in a response. If the response includes\n**data.nextPageToken**, use **data.nextPageToken** as the request parameter **pageToken** in a request for\nthe next page of data. \n\nThe following table summarizes the request parameters for pagination:\n\nRequest Parameter | Description \n-----------| -------\n**limit** | Maximum number of items to return in a page.\n**pageToken** | Use the **data.nextPageToken** value from the previous response object to return the next page of data.\n", + "description": "Prisma Cloud identity and access management (IAM) security provides:\n* Visiblity—Query all relevant IAM entities\n* Gonvernance—Monitor your cloud environment for overly-used permissions\n* Response—Automatically remediate permissions\n\nThe IAM security endpoints enable you to investigate IAM data programmatically.\n\nFor more information, see [Primsa Cloud IAM Security](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-iam-security/what-is-prisma-cloud-iam-security)\n. If you are upgraded to the Darwin release, see [Primsa Cloud IAM Security]https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-iam-security/what-is-prisma-cloud-iam-security\n \n\n\n### Error Handling\n\nLike other Prisma Cloud public API requests, the IAM security API requests return standard HTTP response codes. \nUnlike most other CSPM API error handling, IAM security API error responses do not include an [x-redlock-status](//prisma-cloud/api/cspm/api-errors)\nin the response header.\n\n\n### Pagination\n\nYou can control the number of items in a response for endpoints that support pagination. \nUse request parameter **limit** to control the maximum number of items in a response. If the response includes\n**data.nextPageToken**, use **data.nextPageToken** as the request parameter **pageToken** in a request for\nthe next page of data. \n\nThe following table summarizes the request parameters for pagination:\n\nRequest Parameter | Description \n-----------| -------\n**limit** | Maximum number of items to return in a page.\n**pageToken** | Use the **data.nextPageToken** value from the previous response object to return the next page of data.\n", "version": "Latest", "contact": {} }, @@ -56,7 +56,7 @@ "tags": [ { "name": "IAM", - "description": "Prisma Cloud identity and access management (IAM) security provides:\n* Visiblity—Query all relevant IAM entities\n* Gonvernance—Monitor your cloud environment for overly-used permissions\n* Response—Automatically remediate permissions\n\nThe IAM security endpoints enable you to investigate IAM data programmatically.\n\nSee [Primsa Cloud IAM Security](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-iam-security/what-is-prisma-cloud-iam-security.html)\nfor more information.\n\n\n### Error Handling\n\nLike other Prisma Cloud public API requests, the IAM security API requests return standard HTTP response codes. \nUnlike most other CSPM API error handling, IAM security API error responses do not include an [x-redlock-status](//prisma-cloud/api/cspm/api-errors)\nin the response header.\n\n\n### Pagination\n\nYou can control the number of items in a response for endpoints that support pagination. \nUse request parameter **limit** to control the maximum number of items in a response. If the response includes\n**data.nextPageToken**, use **data.nextPageToken** as the request parameter **pageToken** in a request for\nthe next page of data. \n\nThe following table summarizes the request parameters for pagination:\n\nRequest Parameter | Description \n-----------| -------\n**limit** | Maximum number of items to return in a page.\n**pageToken** | Use the **data.nextPageToken** value from the previous response object to return the next page of data.\n" + "description": "Prisma Cloud identity and access management (IAM) security provides:\n* Visiblity—Query all relevant IAM entities\n* Gonvernance—Monitor your cloud environment for overly-used permissions\n* Response—Automatically remediate permissions\n\nThe IAM security endpoints enable you to investigate IAM data programmatically.\n\nFor more information, see [Primsa Cloud IAM Security](https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-iam-security/what-is-prisma-cloud-iam-security)\n. If you are upgraded to the Darwin release, see [Primsa Cloud IAM Security]https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-iam-security/what-is-prisma-cloud-iam-security\n \n\n\n### Error Handling\n\nLike other Prisma Cloud public API requests, the IAM security API requests return standard HTTP response codes. \nUnlike most other CSPM API error handling, IAM security API error responses do not include an [x-redlock-status](//prisma-cloud/api/cspm/api-errors)\nin the response header.\n\n\n### Pagination\n\nYou can control the number of items in a response for endpoints that support pagination. \nUse request parameter **limit** to control the maximum number of items in a response. If the response includes\n**data.nextPageToken**, use **data.nextPageToken** as the request parameter **pageToken** in a request for\nthe next page of data. \n\nThe following table summarizes the request parameters for pagination:\n\nRequest Parameter | Description \n-----------| -------\n**limit** | Maximum number of items to return in a page.\n**pageToken** | Use the **data.nextPageToken** value from the previous response object to return the next page of data.\n" } ], "paths": { diff --git a/openapi-specs/cspm/SearchMicroService.json b/openapi-specs/cspm/SearchMicroService.json index 8aa33909a..79359bcb3 100644 --- a/openapi-specs/cspm/SearchMicroService.json +++ b/openapi-specs/cspm/SearchMicroService.json @@ -2,7 +2,7 @@ "openapi": "3.0.1", "info": { "title": "Prisma Cloud RQL APIs", - "description": "You can use the Resource Query Language (RQL) to perform configuration checks across cloud services as well as \ngain real-time insights into user and network events to gain security visibility and create policy guardrails \nin your cloud environment. See the [Prisma Cloud documentation](https://docs.paloaltonetworks.com/prisma/prisma-cloud.html) for more information.\n", + "description": "You can use the Resource Query Language (RQL) to perform configuration checks across cloud services as well as \ngain real-time insights into user and network events to gain security visibility and create policy guardrails \nin your cloud environment. For more information, see [Prisma Cloud documentation](https://docs.prismacloud.io/en/classic/cspm-admin-guide/get-started-with-prisma-cloud/get-started-with-prisma-cloud). If you are upgraded to the Darwin release, see [Prisma Cloud documentation](https://docs.prismacloud.io/en/enterprise-edition/content-collections/get-started/get-started).\n", "contact": {}, "license": { "name": "Public" @@ -59,7 +59,7 @@ "tags": [ { "name": "Search", - "description": "You can use the Resource Query Language (RQL) to perform configuration checks across cloud services as well as \ngain real-time insights into user and network events to gain security visibility and create policy guardrails \nin your cloud environment. See the [Prisma Cloud documentation](https://docs.paloaltonetworks.com/prisma/prisma-cloud.html) for more information.\n" + "description": "You can use the Resource Query Language (RQL) to perform configuration checks across cloud services as well as \ngain real-time insights into user and network events to gain security visibility and create policy guardrails \nin your cloud environment. For more information, see [Prisma Cloud documentation](https://docs.prismacloud.io/en/classic/cspm-admin-guide/get-started-with-prisma-cloud/get-started-with-prisma-cloud). If you are upgraded to the Darwin release, see [Prisma Cloud documentation](https://docs.prismacloud.io/en/enterprise-edition/content-collections/get-started/get-started).\n" } ], "paths": { diff --git a/openapi-specs/cspm/UserRoles.json b/openapi-specs/cspm/UserRoles.json index 4e60d96f6..2917bc522 100644 --- a/openapi-specs/cspm/UserRoles.json +++ b/openapi-specs/cspm/UserRoles.json @@ -279,7 +279,7 @@ ] }, "post": { - "description": "Creates a new user role. \r\n\r\nSee [Prisma Cloud Administrator Permissions](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/prisma-cloud-admin-permissions.html) \nfor the permissions associated with each role.\n\nNote that the request body parameter **accountGroupIds** is required but can be an empty array.\n", + "description": "Creates a new user role. \r\n\r\nFor the permissions associated with each role, see [Prisma Cloud Administrator Permissions](https://docs.prismacloud.io/en/classic/cspm-admin-guide/manage-prisma-cloud-administrators/prisma-cloud-admin-permissions).\nIf you are upgraded to the Darwin release, see [Prisma Cloud Administrator Permissions](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/prisma-cloud-admin-permissions). \n\n\nNote that the request body parameter **accountGroupIds** is required but can be an empty array.\n", "operationId": "add-user-role", "requestBody": { "content": { @@ -385,7 +385,8 @@ "COMPUTE_ACCOUNT_READ_ONLY", "JIT_ADMIN", "APPSEC_ADMIN", - "JIT_REQUESTER" + "JIT_REQUESTER", + "SYSTEM_AUDITOR" ], "type": "string" }, diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index 0642253e0..ca092758f 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -78,23 +78,23 @@ "post","/v2/inventory/trend","Asset Inventory Trend View V2 - POST","post-method-asset-inventory-trend-v2","Asset Inventory","Monolith" "get","/audit/redlock","Prisma Cloud Audit Logs","rl-audit-logs","Audit Logs","Monolith" "post","/asm/api/v1/convert-cloud-account","Onboard Cloud Accounts","onboardCloudAccounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset","Get Assets List","assetInventoryForL3","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset","Get Assets List","asset-inventory-for-l3","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "post","/asm/api/v1/asset/{asset_id}/finding","Get Findings of an Asset ","getAssetFindings","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "post","/asm/api/v1/asset/{asset_id}/finding/filters","Get Asset Findings Filter","getFindingFilters","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset/email","Send email to logged in user, with asset details","sendAssetDetailEmailFromSidecar","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset/aggregation-by-resource-type","Get Aggregated Asset Count by Asset Type","getAssetCountByAssetTypeForL2","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"post","/asm/api/v1/asset/aggregation-by-cloud-type","Get Aggregated Asset Count by Cloud Type","getAssetsAggregatedByProviderForL1","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/email","Send Asset Details via Email","send-asset-detail-email-from-sidecar","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/aggregation-by-resource-type","Get Aggregated Asset Count by Asset Type","get-asset-count-by-asset-type-for-l2","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"post","/asm/api/v1/asset/aggregation-by-cloud-type","Get Aggregated Asset Count by Cloud Type","get-assets-aggregated-by-provider-for-l1","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/service","Get Services","listServices","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/service/{serviceId}","Get Service Details","fetchAsmServiceDetails","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/industry-benchmarks","Get Industry Benchmark Data","getIndustryBenchmarks","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/dashboard/convertible-accounts","Get Convertible Accounts","getConvertibleCloudAccounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/dashboard/asset","Get Convertible Assets","listAssets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/dashboard/asset/trend","Get Asset Trend for last 90 days","fetchAssetsByManageTypeAndRemediation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/trend","Get Asset Trend for last 90 days","fetch-assets-by-manage-type-and-remediation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/dashboard/asset/top-risk","Get Asset Top Risks","getTopRisks","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/dashboard/asset/internet-exposure-risk","Get Internet Exposure Risk Distribution","fetchInternetExposureAsmAssets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/dashboard/asset/geolocation","Get Assets Count Across Location","fetchAssetByGeoLocation","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/internet-exposure-risk","Get Internet Exposure Risk Distribution","fetch-internet-exposure-asm-assets","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/dashboard/asset/geolocation","Get Assets Count Across Location","fetch-asset-by-geo-location","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/dashboard/asset/count","Get Convertible Assets Count","getAssetCounts","Cloud Discovery and Exposure Management","CDEMMicroServices.json" -"get","/asm/api/v1/asset/{asset_id}","Get Asset Details by ID","getAssetDetails","Cloud Discovery and Exposure Management","CDEMMicroServices.json" +"get","/asm/api/v1/asset/{asset_id}","Get Asset Details by ID","get-asset-details","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/asset/{asmAssetId}/service","Get List of Service for an Asset","fetchAsmServicesLinkedToAsset","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/asset/filters","Get Asset Filters","getAssetFilters","Cloud Discovery and Exposure Management","CDEMMicroServices.json" "post","/cas/v1/aws_account","Add Cloud Account (AWS)","add-aws-cloud-account","Cloud Accounts (AWS)","Monolith" diff --git a/products/prisma-cloud/api/cspm/api-integration-config.md b/products/prisma-cloud/api/cspm/api-integration-config.md index 44c49bf15..f518a8156 100644 --- a/products/prisma-cloud/api/cspm/api-integration-config.md +++ b/products/prisma-cloud/api/cspm/api-integration-config.md @@ -8,7 +8,7 @@ The Prisma Cloud integration API endpoints enable you to receive Prisma Cloud al The request body for some of the endpoints includes an `integrationConfig` parameter that is a map of key/value pairs. The type of integration defines the content of these key/value pairs. The information below provides the details for this `integrationConfig` parameter for each listed technology. -Note that most external systems require some configuration before you can use the Prisma Cloud API endpoints to add an integration to that system. See [Prisma Cloud Integrations](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/configure-external-integrations-on-prisma-cloud/prisma-cloud-integrations.html) for details. +Note that most external systems require some configuration before you can use the Prisma Cloud API endpoints to add an integration to that system. For more details, see [Prisma Cloud Integrations](https://docs-preview.prismacloud.io/en/classic/cspm-admin-guide/configure-external-integrations-on-prisma-cloud/prisma-cloud-integrations). If you are upgraded to the Darwin release, see [Prisma Cloud Integrations](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-external-integrations-on-prisma-cloud/prisma-cloud-integrations). ### Amazon S3 @@ -71,7 +71,7 @@ To test an Amazon S3 integration, make your request as described in ### Amazon SQS -Prisma Cloud can send alerts to Amazon Simple Queue Service (SQS). Customers can consume these alerts through a Splunk add-on or through the AWS CloudFormation service. Once you [configure Amazon SQS to receive Prisma Cloud alerts](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/configure-external-integrations-on-prisma-cloud/integrate-prisma-cloud-with-amazon-sqs.html), you can use an API request to add the Amazon SQS integration to Prisma Cloud. +Prisma Cloud can send alerts to Amazon Simple Queue Service (SQS). Customers can consume these alerts through a Splunk add-on or through the AWS CloudFormation service. Once you [configure Amazon SQS to receive Prisma Cloud alerts](https://docs-preview.prismacloud.io/en/classic/cspm-admin-guide/configure-external-integrations-on-prisma-cloud/integrate-prisma-cloud-with-amazon-sqs), you can use an API request to add the Amazon SQS integration to Prisma Cloud. If you are upgraded to Darwin, see [configure Amazon SQS to receive Prisma Cloud alerts](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-external-integrations-on-prisma-cloud/integrate-prisma-cloud-with-amazon-sqs). #### Add, Update, or Test an Amazon SQS Integration @@ -135,7 +135,7 @@ To test an Amazon SQS integration, make the request with the corresponding reque ### Azure Service Bus Queue -Prisma Cloud can send alerts to an Azure Service Bus messaging service. To authorize access, you can either (1) use a shared access signature to limit access permissions to the Service Bus namespace or queue or (2) use the service principal credentials associated with the Azure Cloud account you've on-boarded to Prisma Cloud. If you plan to use the service principal that uses Azure Active Directory to authorize requests, you must include the additional role _Azure Service Bus Data Sender_ and enable _send_ access to the Service Bus namespace and queues. See [Integrate Prisma Cloud with Azure Service Bus](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/configure-external-integrations-on-prisma-cloud/integrate-prisma-cloud-with-azure-service-bus-queue.html) for details about these prerequisites. +Prisma Cloud can send alerts to an Azure Service Bus messaging service. To authorize access, you can either (1) use a shared access signature to limit access permissions to the Service Bus namespace or queue or (2) use the service principal credentials associated with the Azure Cloud account you've on-boarded to Prisma Cloud. If you plan to use the service principal that uses Azure Active Directory to authorize requests, you must include the additional role _Azure Service Bus Data Sender_ and enable _send_ access to the Service Bus namespace and queues. For details about these prerequisites, see [Integrate Prisma Cloud with Azure Service Bus](https://docs-preview.prismacloud.io/en/classic/cspm-admin-guide/configure-external-integrations-on-prisma-cloud/integrate-prisma-cloud-with-azure-service-bus-queue). If you are upgraded to the Darwin release, see [Integrate Prisma Cloud with Azure Service Bus](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-external-integrations-on-prisma-cloud/integrate-prisma-cloud-with-azure-service-bus-queue). #### Add, Update, or Test an Azure Service Bus Queue Integration diff --git a/products/prisma-cloud/api/cspm/cspm-api.md b/products/prisma-cloud/api/cspm/cspm-api.md index 823f995bd..638a84e4e 100644 --- a/products/prisma-cloud/api/cspm/cspm-api.md +++ b/products/prisma-cloud/api/cspm/cspm-api.md @@ -14,13 +14,14 @@ CSPM API requests require right privileges ### CSPM User Roles -To have the right privileges for a CSPM API request, you must have a [Prisma Cloud user role](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/prisma-cloud-administrator-roles.html) with sufficient permissions. See [Prisma Cloud Administrator Permissions](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/prisma-cloud-admin-permissions.html) for the permissions associated with each role. +To have the right privileges for a CSPM API request, you must have a [Prisma Cloud user role](https://docs-preview.prismacloud.io/en/classic/cspm-admin-guide/manage-prisma-cloud-administrators/prisma-cloud-administrator-roles) with sufficient permissions. If you are upgraded to the Darwin release, see [Prisma Cloud user role](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/prisma-cloud-administrator-roles). +For the permissions associated with each role, see [Prisma Cloud Administrator Permissions](https://docs.prismacloud.io/en/classic/cspm-admin-guide/manage-prisma-cloud-administrators/prisma-cloud-admin-permissions). If you are upgraded to the Darwin release, see [Prisma Cloud Administrator Permissions](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/prisma-cloud-admin-permissions). ### CSPM API Authorization To have the right authorization for a CSPM API request, follow the high-level steps below: -1. [Obtain an access key](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/create-access-keys.html) from your Prisma Cloud system administrator. +1. [Obtain an access key](https://docs-preview.prismacloud.io/en/classic/cspm-admin-guide/manage-prisma-cloud-administrators/create-access-keys) from your Prisma Cloud system administrator. If you are upgraded to the Darwin release, see [Obtain an access key](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/create-access-keys). 2. Make a CSPM API request to [log in](/prisma-cloud/api/cspm/app-login) . A successful request returns a JSON Web Token (JWT). Almost all CSPM API requests use this JWT for authorization. diff --git a/products/prisma-cloud/docs/cspm/cspm-gs.md b/products/prisma-cloud/docs/cspm/cspm-gs.md index 8e83e0acc..9dd7c82c8 100644 --- a/products/prisma-cloud/docs/cspm/cspm-gs.md +++ b/products/prisma-cloud/docs/cspm/cspm-gs.md @@ -35,7 +35,7 @@ cURL is a command line tool for transferring data with URLS and has been in deve ## Use cURL to Generate JWT Tokens in Prisma Cloud -The first step is to generate access keys which are a secure way for enabling programmatic access to the Prisma Cloud REST API. Access keys have two components; Access Key ID and Secret Key which should be copied and saved in a secure location for later reuse as they’re not stored in Prisma Cloud. Refer to the Prisma Cloud documentation for instructions on [how to create an access key](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/create-access-keys.html#idb225a52a-85ea-4b0c-9d69-d2dfca250e16). You can then use cURL to generate your x-redlock-auth JWT token with the following command: +The first step is to generate access keys which are a secure way for enabling programmatic access to the Prisma Cloud REST API. Access keys have two components; Access Key ID and Secret Key which should be copied and saved in a secure location for later reuse as they’re not stored in Prisma Cloud. Refer to the Prisma Cloud documentation for instructions on [how to create an access key](https://docs.prismacloud.io/en/classic/cspm-admin-guide/manage-prisma-cloud-administrators/create-access-keys). If you are upgraded to Darwin, see [how to create an access key](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/create-access-keys). You can then use cURL to generate your x-redlock-auth JWT token with the following command: curl -X POST \