Skip to content

Commit

Permalink
Merge pull request #752 from PaloAltoNetworks/pascal1-api-ref
Browse files Browse the repository at this point in the history
pascal1-api-ref
  • Loading branch information
smitapaloalto authored Oct 9, 2024
2 parents 8798f98 + c546fb1 commit a6ac432
Show file tree
Hide file tree
Showing 565 changed files with 116,224 additions and 38 deletions.
18 changes: 9 additions & 9 deletions docusaurus.config.js
Original file line number Diff line number Diff line change
Expand Up @@ -840,8 +840,8 @@ const config = {
specPath: "openapi-specs/compute",
outputDir: "products/compute/api",
sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "tag" },
version: "33.00",
label: "v33.00",
version: "33.01",
label: "v33.01",
showExtensions: true,
hideSendButton: true,
baseUrl: "/compute/api/",
Expand All @@ -860,13 +860,6 @@ const config = {
},
},
},
compute_3203: {
specPath: "openapi-specs/compute/32-03",
outputDir: "products/compute/api/32-03",
showExtensions: true,
sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "tag" },
baseUrl: "/compute/api/32-03/",
},
compute_3204: {
specPath: "openapi-specs/compute/32-04",
outputDir: "products/compute/api/32-04",
Expand Down Expand Up @@ -895,6 +888,13 @@ const config = {
sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "tag" },
baseUrl: "/compute/api/32-07/",
},
compute_3300: {
specPath: "openapi-specs/compute/33-00",
outputDir: "products/compute/api/33-00",
showExtensions: true,
sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "tag" },
baseUrl: "/compute/api/33-00/",
},
},
},
],
Expand Down
11 changes: 11 additions & 0 deletions openapi-specs/compute/33-00/desc/SCAP/get.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
This endpoint will return any SCAP datastreams uploaded to the console. This endpoint will return a 404 error if you have not configured your console to consume SCAP datastreams.

The following is an example curl command that uses basic auth to retrieve any uploaded datastreams configured for SCAP scanning:

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
https://<CONSOLE>:8083/api/v1/scap
```
11 changes: 11 additions & 0 deletions openapi-specs/compute/33-00/desc/SCAP/id_delete.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
This endpoint will delete any SCAP datastreams uploaded to the console. You can find `xml_name` from the `GET /api/v1/scap` endpoint.

The following is an example curl command that uses basic auth to delete an uploaded datastreams configured for SCAP scanning:

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X DELETE \
https://<CONSOLE>:8083/api/v1/scap/{xml_name}
```
12 changes: 12 additions & 0 deletions openapi-specs/compute/33-00/desc/SCAP/post.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
This endpoint will allow you to add a SCAP datastream to the console.

The following is an example curl command that uses basic auth to add an uploaded datastreams configured for SCAP scanning:

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
-d '{"XMLName":{"Space":"","Local":""}}' \
https://<CONSOLE>:8083/api/v1/scap
```
2 changes: 2 additions & 0 deletions openapi-specs/compute/33-00/desc/SCAP/scap.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
Import custom security checklists and evaluate them against your container images.
Custom checklists complement the predefined compliance checks provided in the default Prisma Cloud Compute installation.
1 change: 1 addition & 0 deletions openapi-specs/compute/33-00/desc/_ping/_ping.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Checks if the Console is alive, responsive, and reachable from your network host.
14 changes: 14 additions & 0 deletions openapi-specs/compute/33-00/desc/_ping/get.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
Checks if Console is reachable from your network host.

### cURL Request

Refer to the following cURL example command that pings Console and prints the HTTP response code:

```bash
$ curl -k \
-s \
-o /dev/null \
-w "%{http_code}\n" \
-X GET \
https://<CONSOLE>/api/v<VERSION>/_ping
```
6 changes: 6 additions & 0 deletions openapi-specs/compute/33-00/desc/agentless/agentless.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
The agentless security scan monitors hosts and containers for vulnerabilities and compliance risks by scanning the root volumes of snapshots without the need to install an agent.
Supported cloud service provider platforms for agentless scanning:
* Hosts - Amazon AWS, Google Cloud Platform, Microsoft Azure, and Oracle Cloud Infrastructure.
* Containers- AWS, Azure, and GCP

When you add a cloud account in the Prisma Cloud Compute (Manage > Cloud accounts), enable the agentless scan option and configure the scan scope.
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
Shows the progress of an ongoing scan on hosts or containers for vulnerabilities and compliance.

### cURL Request

Refer to the following example cURL command:

```
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
“https://<CONSOLE>/api/v<VERSION>/agentless/progress”
```

### cURL Response

Refer to the following example cURL response:

```
{
"hostname": "",
"id": "",
"scanTime": "2022-11-09T11:10:51.649Z",
"type": "agentlessHost",
"discovery": true,
"total": 5,
"scanned": 2,
"title": "Agentless discovering"
}
]
```
17 changes: 17 additions & 0 deletions openapi-specs/compute/33-00/desc/agentless/post_agentless_scan.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
Scans the hosts or containers for vulnerabilities and compliance.

**Before you begin**
Make sure that you download (use the agentless/templates API) and apply the permission templates in the supported cloud accounts: AWS, Azure, GCP, and OCI.


### cURL Request

Refer to the following example cURL command:

```
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
“https://<CONSOLE>/api/v<VERSION>/agentless/scan”
```
13 changes: 13 additions & 0 deletions openapi-specs/compute/33-00/desc/agentless/post_agentless_stop.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
Stops an ongoing scan on hosts or containers for vulnerabilities and compliance.

### cURL Request

Refer to the following example cURL command:

```
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
“https://<CONSOLE>/api/v<VERSION>/agentless/stop”
```
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
Downloads a tarball file that contains the agentless resource permission templates for the cloud accounts. Apply these permission templates to complete the onboarding process for agentless scanning.

* AWS: The tarball contains templates in JSON format ending with the following names:
* _aws_hub_target_user_permissions.json
* _aws_hub_user_permissions.json
* _aws_target_user_permissions.json

For more information on how to apply the permission templates, refer to the "Configure agentless scanning" section in the Prisma Cloud Compute administration guide.

* Azure: Use the following script, that comes bundled in the tarball file, to apply permission template to an Azure cloud account:
* apply_azure_permissions.sh: Run the script with a location (that specifies location of the resource) parameter. For more information on location parameters, see [resource location in ARM template](https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/resource-location?tabs=azure-cli).

* OCI: Use the following script, that comes bundled in the tarball file, to apply permission template to an OCI cloud account:
* pcc-apply-permissions.sh: Run the script with a compartment name parameter.

* GCP: The tarball contains Jinja templates in YAML format ending with the following names:
* _hub_target_access_permissions.yaml.jinja
* _hub_target_user_permissions.yaml.jinja
* _hub_user_permissions.yaml.jinja
* _target_user_permissions.yaml.jinja

For more information on how to apply the permission templates, refer to the "Configure agentless scanning" section in the Prisma Cloud Compute administration guide.

**Note**: The body parameter `credentialID` is required to download templates in tar.gz format.

### Before you begin
Add the supported cloud accounts (AWS, Azure, GCP, and OCI) in Prisma Cloud Compute.

### cURL Request

Refer to the following example cURL command:

```
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
-O <agentlesstemplate.tar.gz> \
-d {"credentialID":"aws_docs"} \
“https://<CONSOLE>/api/v<VERSION>/agentless/templates”
```
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
Manage alert profiles, which let you surface critical policy breaches by sending alerts to channels, such as email, Slack, and JIRA.

Alert profiles define which events should be sent to which channel.
Each profile declares:

* One or more recipients.
* One or more triggers, that raise alerts by sending messages on the configured channel.

11 changes: 11 additions & 0 deletions openapi-specs/compute/33-00/desc/alert-profiles/get.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Retrieve a list of all alert profiles created in the system.

The following example curl command uses basic auth to retrieve all alert profiles:

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
https://<CONSOLE>:8083/api/v1/alert-profiles
```
14 changes: 14 additions & 0 deletions openapi-specs/compute/33-00/desc/alert-profiles/id_delete.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
Deletes an alert profile entry by name.
In the request payload, specify the alert profile name.
This method has no response data.

The following example curl command deletes an existing alert profile named `PROFILE-NAME`.

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X DELETE \
https://<CONSOLE>:8083/api/v1/alert-profiles/<PROFILE-NAME>
```

20 changes: 20 additions & 0 deletions openapi-specs/compute/33-00/desc/alert-profiles/names_get.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
Retrieve a list of only the names of all alert profiles created in the system.

The following example curl command uses basic auth to retrieve all alert profiles' names:

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
https://<CONSOLE>:8083/api/v1/alert-profiles/names
```

Example Response:

```
[
"jira",
"aqsa vulns"
]
```
32 changes: 32 additions & 0 deletions openapi-specs/compute/33-00/desc/alert-profiles/post.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
Update an existing alert profile created in the system.

The following example curl command uses basic auth to add a Jira Alert profile:

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
https://<CONSOLE>:8083/api/v1/alert-profiles \
-d ' {
"name": "jira",
"_id": "jira",
"jira": {
"enabled": true,
"projectKey": "TWIS",
"issueType": "Task",
"priority": "High",
"labels": [],
"assignee": ""
}
"policy": {
"cve": {
"enabled": true,
"allRules": true,
"rules": [],
"clients": [
"jira"
]
}
} '
```
14 changes: 14 additions & 0 deletions openapi-specs/compute/33-00/desc/alert-profiles/test_post.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
Sends a test alert to verify successful configuration of the alert profile settings.

The following example curl command uses basic auth to send test alert for an email alert profile:

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
-d <REQUEST-PAYLOAD>
https://<CONSOLE>:8083/api/v1/alert-profiles/test
```

In this case, the `REQUEST-PAYLOAD` would be the full JSON formatted alert profile from the base `GET` command
8 changes: 8 additions & 0 deletions openapi-specs/compute/33-00/desc/api_restrictions.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
Paginated API requests are capped to a max of 50 returned objects because very large responses could DoS Console.

If the response contains more than 50 objects, cycle through the collection with the `offset` query parameter to retrieve more objects.
For example:

```
https://<CONSOLE>/api/v1/images?limit=50&offset=X
```
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Prisma Cloud Compute creates and stores host application rules for your environment.
11 changes: 11 additions & 0 deletions openapi-specs/compute/33-00/desc/application-control/get.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Retrieves the host application control rules.

The following example curl command uses basic auth to retrieve the control rules:

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
“https://<CONSOLE>/api/v<VERSION>/application-control/host”
```
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Removes the given rule from the list of host application control rules.
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Update and inserts the host application control rule to the database and returns the upserted rule.
10 changes: 10 additions & 0 deletions openapi-specs/compute/33-00/desc/audits/access_delete.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
Deletes **all** access audits. This deletion cannot be undone.


```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X DELETE \
https://console:8083/api/v1/audits/access
```
12 changes: 12 additions & 0 deletions openapi-specs/compute/33-00/desc/audits/access_download_get.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
Returns the docker access audit events data in CSV format that are logged and aggregated for any container resource protected by a Defender in Prisma Cloud Compute.

**Note**: You can download the access events from Console under **Monitor > Events > Docker audits > Download CSV**.

```bash
$ curl -k \
-u <USER> \
-H 'Content-Type: text/csv' \
-X GET \
-O <access_audits.csv> \
"https://<CONSOLE>/api/v<VERSION>/audits/access/download?type=docker"
```
Loading

0 comments on commit a6ac432

Please sign in to comment.