Pascal update-2 API changes

docusaurus.config.js

@@ -1041,8 +1041,8 @@ const config = {
             specPath: "openapi-specs/compute",
             outputDir: "products/compute/api",
             sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "tag" },
-            version: "33.01",
-            label: "v33.01",
+            version: "33.02",
+            label: "v33.02",
             showExtensions: true,
             hideSendButton: true,
             baseUrl: "/compute/api/",
@@ -1061,13 +1061,6 @@ const config = {
               },
             },
           },
-          compute_3204: {
-            specPath: "openapi-specs/compute/32-04",
-            outputDir: "products/compute/api/32-04",
-            showExtensions: true,
-            sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "tag" },
-            baseUrl: "/compute/api/32-04/",
-          },
           compute_3205: {
             specPath: "openapi-specs/compute/32-05",
             outputDir: "products/compute/api/32-05",
@@ -1096,6 +1089,13 @@ const config = {
             sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "tag" },
             baseUrl: "/compute/api/33-00/",
           },
+          compute_3301: {
+            specPath: "openapi-specs/compute/33-01",
+            outputDir: "products/compute/api/33-01",
+            showExtensions: true,
+            sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "tag" },
+            baseUrl: "/compute/api/33-01/",
+          },
         },
       },
     ],

openapi-specs/compute/33-01/desc/SCAP/get.md

@@ -0,0 +1,11 @@
+This endpoint will return any SCAP datastreams uploaded to the console. This endpoint will return a 404 error if you have not configured your console to consume SCAP datastreams.
+
+The following is an example curl command that uses basic auth to retrieve any uploaded datastreams configured for SCAP scanning:
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X GET \
+  https://<CONSOLE>:8083/api/v1/scap
+```

openapi-specs/compute/33-01/desc/SCAP/id_delete.md

@@ -0,0 +1,11 @@
+This endpoint will delete any SCAP datastreams uploaded to the console. You can find `xml_name` from the `GET /api/v1/scap` endpoint.
+
+The following is an example curl command that uses basic auth to delete an uploaded datastreams configured for SCAP scanning:
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X DELETE \
+  https://<CONSOLE>:8083/api/v1/scap/{xml_name}
+```

openapi-specs/compute/33-01/desc/SCAP/post.md

@@ -0,0 +1,12 @@
+This endpoint will allow you to add a SCAP datastream to the console.
+
+The following is an example curl command that uses basic auth to add an uploaded datastreams configured for SCAP scanning:
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X POST \
+  -d '{"XMLName":{"Space":"","Local":""}}' \
+  https://<CONSOLE>:8083/api/v1/scap
+```

openapi-specs/compute/33-01/desc/SCAP/scap.md

@@ -0,0 +1,2 @@
+Import custom security checklists and evaluate them against your container images.
+Custom checklists complement the predefined compliance checks provided in the default Prisma Cloud Compute installation.

openapi-specs/compute/33-01/desc/_ping/_ping.md

@@ -0,0 +1 @@
+Checks if the Console is alive, responsive, and reachable from your network host.

openapi-specs/compute/33-01/desc/_ping/get.md

@@ -0,0 +1,14 @@
+Checks if Console is reachable from your network host.
+
+### cURL Request
+
+Refer to the following cURL example command that pings Console and prints the HTTP response code:
+
+```bash
+$ curl -k \
+  -s \
+  -o /dev/null \
+  -w "%{http_code}\n" \
+  -X GET \
+  https://<CONSOLE>/api/v<VERSION>/_ping
+```

openapi-specs/compute/33-01/desc/agentless/agentless.md

@@ -0,0 +1,6 @@
+The agentless security scan monitors hosts and containers for vulnerabilities and compliance risks by scanning the root volumes of snapshots without the need to install an agent. 
+Supported cloud service provider platforms for agentless scanning:
+* Hosts - Amazon AWS, Google Cloud Platform, Microsoft Azure, and Oracle Cloud Infrastructure. 
+* Containers- AWS, Azure, and GCP
+
+When you add a cloud account in the Prisma Cloud Compute (Manage > Cloud accounts), enable the agentless scan option and configure the scan scope.

openapi-specs/compute/33-01/desc/agentless/get_agentless_progress.md

@@ -0,0 +1,31 @@
+Shows the progress of an ongoing scan on hosts or containers for vulnerabilities and compliance.
+
+### cURL Request
+
+Refer to the following example cURL command:
+
+```
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X GET \
+  “https://<CONSOLE>/api/v<VERSION>/agentless/progress”
+```
+
+### cURL Response
+
+Refer to the following example cURL response:
+
+```
+{
+    "hostname": "",
+    "id": "",
+    "scanTime": "2022-11-09T11:10:51.649Z",
+    "type": "agentlessHost",
+    "discovery": true,
+    "total": 5,
+    "scanned": 2,
+    "title": "Agentless discovering"
+  }
+]
+```

openapi-specs/compute/33-01/desc/agentless/post_agentless_scan.md

@@ -0,0 +1,17 @@
+Scans the hosts or containers for vulnerabilities and compliance.
+
+**Before you begin**
+Make sure that you download (use the agentless/templates API) and apply the permission templates in the supported cloud accounts: AWS, Azure, GCP, and OCI.
+
+
+### cURL Request
+
+Refer to the following example cURL command:
+
+```
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X POST \
+  “https://<CONSOLE>/api/v<VERSION>/agentless/scan”
+```

openapi-specs/compute/33-01/desc/agentless/post_agentless_stop.md

@@ -0,0 +1,13 @@
+Stops an ongoing scan on hosts or containers for vulnerabilities and compliance.
+
+### cURL Request
+
+Refer to the following example cURL command:
+
+```
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X POST \
+  “https://<CONSOLE>/api/v<VERSION>/agentless/stop”
+```

openapi-specs/compute/33-01/desc/agentless/post_agentless_templates.md

@@ -0,0 +1,41 @@
+Downloads a tarball file that contains the agentless resource permission templates for the cloud accounts. Apply these permission templates to complete the onboarding process for agentless scanning.
+
+* AWS: The tarball contains templates in JSON format ending with the following names:
+  * _aws_hub_target_user_permissions.json
+  * _aws_hub_user_permissions.json
+  * _aws_target_user_permissions.json
+
+For more information on how to apply the permission templates, refer to the "Configure agentless scanning" section in the Prisma Cloud Compute administration guide.
+
+* Azure: Use the following script, that comes bundled in the tarball file, to apply permission template to an Azure cloud account:
+  * apply_azure_permissions.sh: Run the script with a location (that specifies location of the resource) parameter. For more information on location parameters, see [resource location in ARM template](https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/resource-location?tabs=azure-cli). 
+
+* OCI: Use the following script, that comes bundled in the tarball file, to apply permission template to an OCI cloud account:
+  * pcc-apply-permissions.sh: Run the script with a compartment name parameter.
+
+* GCP: The tarball contains Jinja templates in YAML format ending with the following names:
+  * _hub_target_access_permissions.yaml.jinja
+  * _hub_target_user_permissions.yaml.jinja
+  * _hub_user_permissions.yaml.jinja
+  * _target_user_permissions.yaml.jinja
+
+For more information on how to apply the permission templates, refer to the "Configure agentless scanning" section in the Prisma Cloud Compute administration guide.
+
+**Note**: The body parameter `credentialID` is required to download templates in tar.gz format.
+
+### Before you begin
+Add the supported cloud accounts (AWS, Azure, GCP, and OCI) in Prisma Cloud Compute.
+
+### cURL Request
+
+Refer to the following example cURL command:
+
+```
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X POST \
+  -O <agentlesstemplate.tar.gz> \
+  -d {"credentialID":"aws_docs"} \
+  “https://<CONSOLE>/api/v<VERSION>/agentless/templates”
+```

openapi-specs/compute/33-01/desc/alert-profiles/alert-profiles.md

@@ -0,0 +1,8 @@
+Manage alert profiles, which let you surface critical policy breaches by sending alerts to channels, such as email, Slack, and JIRA.
+
+Alert profiles define which events should be sent to which channel.
+Each profile declares:
+
+* One or more recipients.
+* One or more triggers, that raise alerts by sending messages on the configured channel.
+

openapi-specs/compute/33-01/desc/alert-profiles/get.md

@@ -0,0 +1,11 @@
+Retrieve a list of all alert profiles created in the system.
+
+The following example curl command uses basic auth to retrieve all alert profiles:
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X GET \
+  https://<CONSOLE>:8083/api/v1/alert-profiles
+```

openapi-specs/compute/33-01/desc/alert-profiles/id_delete.md

@@ -0,0 +1,14 @@
+Deletes an alert profile entry by name.
+In the request payload, specify the alert profile name. 
+This method has no response data.
+
+The following example curl command deletes an existing alert profile named `PROFILE-NAME`.
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X DELETE \
+  https://<CONSOLE>:8083/api/v1/alert-profiles/<PROFILE-NAME>
+```
+

openapi-specs/compute/33-01/desc/alert-profiles/names_get.md

@@ -0,0 +1,20 @@
+Retrieve a list of only the names of all alert profiles created in the system.
+
+The following example curl command uses basic auth to retrieve all alert profiles' names:
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X GET \
+  https://<CONSOLE>:8083/api/v1/alert-profiles/names
+```
+
+Example Response:
+
+```
+[
+    "jira",
+    "aqsa vulns"
+]
+```

openapi-specs/compute/33-01/desc/alert-profiles/post.md

@@ -0,0 +1,32 @@
+Update an existing alert profile created in the system.
+
+The following example curl command uses basic auth to add a Jira Alert profile:
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X POST \
+  https://<CONSOLE>:8083/api/v1/alert-profiles \
+  -d '  {
+    "name": "jira",
+    "_id": "jira",
+    "jira": {
+      "enabled": true,
+      "projectKey": "TWIS",
+      "issueType": "Task",
+      "priority": "High",
+      "labels": [],
+      "assignee": ""
+    }
+    "policy": {
+      "cve": {
+        "enabled": true,
+        "allRules": true,
+        "rules": [],
+        "clients": [
+          "jira"
+        ]
+      }
+    } '
+```

openapi-specs/compute/33-01/desc/alert-profiles/test_post.md

@@ -0,0 +1,14 @@
+Sends a test alert to verify successful configuration of the alert profile settings.
+
+The following example curl command uses basic auth to send test alert for an email alert profile:
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X POST \
+  -d <REQUEST-PAYLOAD>
+  https://<CONSOLE>:8083/api/v1/alert-profiles/test
+```
+
+In this case, the `REQUEST-PAYLOAD` would be the full JSON formatted alert profile from the base `GET` command 

openapi-specs/compute/33-01/desc/api_restrictions.md

@@ -0,0 +1,8 @@
+Paginated API requests are capped to a max of 50 returned objects because very large responses could DoS Console.
+
+If the response contains more than 50 objects, cycle through the collection with the `offset` query parameter to retrieve more objects.
+For example:
+
+```
+https://<CONSOLE>/api/v1/images?limit=50&offset=X
+```

openapi-specs/compute/33-01/desc/application-control/application-control.md

@@ -0,0 +1 @@
+Prisma Cloud Compute creates and stores host application rules for your environment.

openapi-specs/compute/33-01/desc/application-control/get.md

@@ -0,0 +1,11 @@
+Retrieves the host application control rules.
+
+The following example curl command uses basic auth to retrieve the control rules:
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X GET \
+  “https://<CONSOLE>/api/v<VERSION>/application-control/host”
+```

openapi-specs/compute/33-01/desc/application-control/id_delete.md

@@ -0,0 +1 @@
+Removes the given rule from the list of host application control rules.

openapi-specs/compute/33-01/desc/application-control/put.md

@@ -0,0 +1 @@
+ Update and inserts the host application control rule to the database and returns the upserted rule.

openapi-specs/compute/33-01/desc/audits/access_delete.md

@@ -0,0 +1,10 @@
+Deletes **all** access audits. This deletion cannot be undone. 
+
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: application/json' \
+  -X DELETE \
+  https://console:8083/api/v1/audits/access
+```

openapi-specs/compute/33-01/desc/audits/access_download_get.md

@@ -0,0 +1,12 @@
+Returns the docker access audit events data in CSV format that are logged and aggregated for any container resource protected by a Defender in Prisma Cloud Compute.
+
+**Note**: You can download the access events from Console under **Monitor > Events > Docker audits > Download CSV**.
+
+```bash
+$ curl -k \
+  -u <USER> \
+  -H 'Content-Type: text/csv' \
+  -X GET \
+  -O <access_audits.csv> \
+  "https://<CONSOLE>/api/v<VERSION>/audits/access/download?type=docker"
+```