PCN resources

pcn/infrastructure

CloudAccountCleaner

Used for garbage collection of all objects in an account that have not been updated since the provided time.

Example

{ "date": "2021-03-16 09:30:04 -0700 PDT" }

Relations

Initiates a cloud account clean up process for all stale objects.

Attributes

Type: time
The date after which objects must be cleaned.

CloudAddress

Manages the list of IP addresses associated with an interface.

Example

{ "IPVersion": "IPv4", "primary": true, "privateDNSName": "ip-172-20-53-29.us-west-2.compute.internal", "privateIP": "10.1.1.2", "publicDNSName": "ip-172-20-53-29.us-west-2.compute.internal", "publicIP": "10.1.1.2" }

Attributes

Designates IPv4 or IPv6.
Type: boolean
Designates the IP address as the primary IP address.
Type: string
The private DNS name associated with the address.
Type: string
The private IP address value.
Type: network
Internal representation of the private IP to accelerate operations. Not exposed to users.
Type: string
The private DNS name associated with the address.
Type: string
The private IP address value.
Type: network
Internal representation of public IP addresses to accelerate operations. Not exposed to users.

CloudAlert

Creates a Prisma Cloud policy and corresponding alert rules.

Example

{ "name": "the name", "protected": false }

Relations

Deletes the Prisma Cloud policy with the given ID.
Retrieves the Prisma Cloud policy with the given ID.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Updates the Prisma Cloud policy with the given ID.

Attributes

Type: string
Identifier of the object.
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
The list of policies that apply to this alert.
Type: string
Description of the object.
Type: string
Name of the entity.
Type: string
Namespace tag attached to an entity.
Type: []string
Contains the list of normalized tags of the entities.
Type: []string
Type of notifications.
Type: boolean
Defines if the object is protected.
Selector of namespaces where this alert rule must apply. If empty it applies to current namespace.

CloudEndpoint

Manages the list of endpoints available in a cloud deployment.

Example

{ "APIID": 12344555, "VPCID": "vpc-023419c5952374917", "accountID": 9123450055, "cloudType": "AWS", "customerID": 1234455, "name": "myobject", "nativeID": "subnet-0ae4a90153dfb642c", "policyReferences": [ "sg-123" ], "protected": false, "regionName": "AWS Tokyo", "resourceID": 12344555 }

Relations

List of endpoints associated with the deployment.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Creates a cloud endpoint.
Deletes the object with the given ID.
Retrieves the endpoint with the given ID.
Updates the endpoint with the given ID.

Attributes

Type: integer
Prisma Cloud API ID (matches Prisma Cloud API ID).
Type: string
Identifier of the object.
Type: string
ID of the host VPC.
Type: string
Cloud account ID associated with the entity (matches Prisma Cloud accountID).
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
Internal representation of object tags retrieved from the cloud provider.
Type: string
Cloud type of the entity.
Type: time
Creation date of the object.
Type: integer
Customer ID as identified by Prisma Cloud.
Type: time
The time that the object was first ingested.
Type: string
Name of the object (optional).
Type: string
Namespace tag attached to an entity.
Type: string
ID of the cloud provider object.
Type: []string
Contains the list of normalized tags of the entities.
Endpoint related parameters.
Type: []string
A list of policy references associated with this cloud node.
Type: boolean
Defines if the object is protected.
Type: string
Region name associated with the entity.
Type: integer
Prisma Cloud Resource ID.
Type: time
Last update date of the object.

CloudEndpointData

Parameters associated with a cloud endpoint.

Example

{ "VPCAttached": false, "attachedInterfaces": [ "eni-12344", "eni-33333" ], "forwardingEnabled": false, "hasPublicIP": false, "serviceType": "NotApplicable", "type": "Instance" }

Attributes

Type: boolean
Indicates that the endpoint is directly attached to the VPC. In this case the attachedInterfaces is empty. In general this is only valid for endpoint type Gateway and Peering Connection.
Type: []string
The list of VPCs that this endpoint is directly attached to.
Type: []string
List of route tables associated with this endpoint. Depending on cloud provider it can apply in some gateways.
Type: []string
A list of interfaces attached with the endpoint. In some cases endpoints can have more than one interface.
Type: boolean
Set if the endpoint has multiple connections and forwarding can be enabled between them.
Type: boolean
Indicates if the endpoint has a public IP address.
Type: string
The imageID of the image running in the endpoint. Available for instances and potentially other third parties. This can be the AMI ID in AWS or the corresponding instance imageID in other clouds.
Product related metadata associated with this endpoint.
Type: string
Identifies the name of the service for service endpoints.
Identifies the service type that this endpoint represents (example Gateway Load Balancer).
Default value:
"NotApplicable"

CloudEndpointDataProductInfo

Parameters associated with a cloud endpoint data product.

Attributes

Type: string
The ID of the corresponding product.
Type: string
The type of the product.

CloudGraph

Returns a data structure representing the graph of all cloud nodes and their connections in a particular namespace.

Relations

Creates a cloud dependency graph based on ingested data and the required parameters.
Initiates a calculation of the query and retrieves the results in CloudGraph.

Attributes

Refers to the nodes of the map.
The cloud network query that should be used. This requires a POST operation on the object.
The set of destinations that have been discovered based on the query and their associated verdicts.

CloudGraphNode

Returns a data structure representing the graph of all cloud nodes and their connections in a particular namespace.

Attributes

Type: string
The native ID of the node.
Type: cloudnode
Details about the node if the query type requests full details.
The policies that were applied to this node for each destination.
The list of route table IDs that forwarding was based on for the internal path, if routing was performed.
Type: string
The type of the node as a string.

CloudGraphNodeAction

Describes the action and corresponding policy that resulted in this decision.

Attributes

Type: string
The action that has been applied for the particular destination.
Type: string
The ID of the policies that were used in the path.

CloudInterfaceData

Parameters associated with a cloud interface.

Example

{ "attachmentType": "Instance", "routeTableID": [ "rt1233" ], "subnets": [ "subnet-074c152ae45ea0c73" ] }

Attributes

List of IP addresses/subnets (IPv4 or IPv6) associated with the interface.
Type: string
If the interface is of type or external, the relatedObjectID identifies the related service or gateway.
Type: string
The route table that must be used for this interface. Applies to Transit Gateways and other special types.
Type: []string
Security tags associated with the instance.
Type: []string
ID of subnet associated with this interface.

CloudManagedNetwork

A cloud managed network represents a set of enterprise subnets that can be used in policies.

Example

{ "APIID": 12344555, "VPCID": "vpc-023419c5952374917", "accountID": 9123450055, "cloudType": "AWS", "customerID": 1234455, "name": "myobject", "nativeID": "subnet-0ae4a90153dfb642c", "policyReferences": [ "sg-123" ], "protected": false, "regionName": "AWS Tokyo", "resourceID": 12344555, "type": "Enterprise" }

Relations

Retrieves the list of cloud attachments.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Creates a cloud managed network.
Deletes the object with the given ID.
Retrieves the object with the given ID.
Parameters:
Updates the object with the given ID.

Attributes

Type: integer
Prisma Cloud API ID (matches Prisma Cloud API ID).
Type: string
Identifier of the object.
Type: string
ID of the host VPC.
Type: string
Cloud account ID associated with the entity (matches Prisma Cloud accountID).
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
Internal representation of object tags retrieved from the cloud provider.
Type: string
Cloud type of the entity.
Type: time
Creation date of the object.
Type: integer
Customer ID as identified by Prisma Cloud.
Type: []string
List of CIDRs.
Type: time
The time that the object was first ingested.
Type: string
Name of the object (optional).
Type: string
Namespace tag attached to an entity.
Type: string
ID of the cloud provider object.
Type: []string
Contains the list of normalized tags of the entities.
Type: []string
A list of policy references associated with this cloud node.
Type: boolean
Defines if the object is protected.
Type: string
Region name associated with the entity.
Type: integer
Prisma Cloud Resource ID.
The type of cloud managed network.
Default value:
"Enterprise"
Type: time
Last update date of the object.

CloudNetworkInterface

Manages the set of network interfaces that are associated with endpoints.

Example

{ "APIID": 12344555, "VPCID": "vpc-023419c5952374917", "accountID": 9123450055, "cloudType": "AWS", "customerID": 1234455, "name": "myobject", "nativeID": "subnet-0ae4a90153dfb642c", "policyReferences": [ "sg-123" ], "protected": false, "regionName": "AWS Tokyo", "resourceID": 12344555 }

Relations

Retrieve the list of network interfaces associated with the deployment.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Creates a cloud network interface.
Deletes the network interface with the given ID.
Retrieves the network interface with the given ID.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Updates the network interface with the given ID.

Attributes

Type: integer
Prisma Cloud API ID (matches Prisma Cloud API ID).
Type: string
Identifier of the object.
Type: string
ID of the host VPC.
Type: string
Cloud account ID associated with the entity (matches Prisma Cloud accountID).
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
Internal representation of object tags retrieved from the cloud provider.
Type: string
Cloud type of the entity.
Type: time
Creation date of the object.
Type: integer
Customer ID as identified by Prisma Cloud.
Type: time
The time that the object was first ingested.
Type: string
Name of the object (optional).
Type: string
Namespace tag attached to an entity.
Type: string
ID of the cloud provider object.
Type: []string
Contains the list of normalized tags of the entities.
Cloud network interface related parameters.
Type: []string
A list of policy references associated with this cloud node.
Type: boolean
Defines if the object is protected.
Type: string
Region name associated with the entity.
Type: integer
Prisma Cloud Resource ID.
Type: time
Last update date of the object.

CloudNetworkQuery

Provides the parameters for an effective network permissions query.

Example

{ "destinationProtocol": -1, "excludeEnterpriseIPs": false, "includeUnreachable": false, "name": "the name", "protected": false, "type": "Summary" }

Relations

Retrieves the list of cloud network queries.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Creates a cloud network query.
Deletes the cloud query with the given ID.
Retrieves the cloud query with the given ID.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Updates the cloud query with the given ID.
Initiates a calculation of the query and retrieves the results in CloudGraph.
Retrieves the policies associated with this query.
Creates a policy associated with this query.

Attributes

Type: string
Identifier of the object.
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: string
Description of the object.
Type: string
The destination IP of a trace route request. Might not always be an endpoint.
Type: _portlist
The destination port or ports that should be used for the trace route command.
Type: integer
The destination protocol that should be used for the trace route commands.
Default value:
-1
A filter for selecting destinations for the query.
Type: boolean
If set, the evaluation will exclude enterprise IPs from the effective permissions.
Type: boolean
If set, the query result will return all destinations including the unreachable ones.
Type: string
Name of the entity.
Type: string
Namespace tag attached to an entity.
Type: []string
Contains the list of normalized tags of the entities.
Type: boolean
Defines if the object is protected.
Type: string
The source IP of a trace route request. Might not always be an endpoint.
A filter for selecting the sources of the request.
Indicates the type of results that should be provided by the query.
Default value:
"Summary"

CloudNetworkQueryDestination

Returns the set of discovered destinations and the associated verdicts.

Attributes

Type: string
Returns the native ID of the indirect node.
Type: boolean
Returns true if this is an indirect path through a forwarding entity.
Type: boolean
Returns true if the destination is reachable through routing.
Type: string
Returns the network security verdict for the destination.

CloudNetworkQueryFilter

Captures the parameters allowed in a query filter for a net effective permissions request.

Example

{ "accountIDs": [ "account1" ], "cloudTypes": [ "AWS" ], "regions": [ "us-west-1" ], "resourceType": "Instance" }

Attributes

Type: []string
The VPC ID of the target resources.
Type: []string
The accounts that the search must apply to. These are the actual IDs of the accounts as provided by the cloud provider. One or more IDs can be included.
Type: []string
The cloud types that the search must apply to.
Type: []string
A list of imageIDs that endpoints can be filtered with. Applies only to resourceType Endpoint.
Type: []string
The exact object that the search applies to. If ObjectIDs are defined, the rest of the fields are ignored. An object ID can refer to an instance, VPC endpoint, or network interface.
Type: string
Restricts the query to only endpoints with the given productInfoType.
Type: string
Restricts the query to only endpoints with the provided productInfoValue. Does not apply to other resource types.
Type: []string
The region that the search must apply to.
The type of endpoint resource. The resource type is a mandatory field and a query cannot span multiple resource types.
Default value:
"Instance"
Type: []string
The list of security tags associated with the targets of the query. Security tags refer to security groups in AWS or network tags in GCP, so they can have different meanings depending on the target cloud.
Type: []string
Identifies the owner of the service that the resource is attached to. Field is not valid if the resource type is not an interface.
Type: []string
Identifies the type of service that the interface is attached to. Field is not valid if the resource type is not an interface.
Type: []string
The subnets where the resources must reside. A subnet parameter can only be provided for a network interface resource type.
Type: []string
A list of tags that select the set of endpoints for the query. These tags refer to the tags attached to the resources in the cloud provider definitions.

CloudNetworkRule

Represents an ingress or egress network rule.

Example

{ "action": "Allow" }

Attributes

Defines the action to apply to a flow.
  • Allow: allows the defined traffic.
  • Reject: rejects the defined traffic; useful in conjunction with an allow all policy.
Default value:
"Allow"
Type: []string
A list of IP CIDRs that identify remote endpoints.
Identifies the set of remote workloads that the rule relates to. The selector will identify both processing units as well as external networks that match the selector.
Type: integer
Priority of the rule. Available only for cloud ACLs.
Type: []string
Represents the ports and protocols this policy applies to. Protocol/ports are defined as tcp/80, udp/22. For protocols that do not have ports, the port designation is not allowed.
An internal representation of the networks to increase performance. Not visible to end users.

CloudNetworkRuleSet

A CloudNetworkRuleSet represents a set of cloud network security groups or firewall rules as they apply to the infrastructure.

Example

{ "APIID": 12344555, "VPCID": "vpc-023419c5952374917", "accountID": 9123450055, "cloudType": "AWS", "customerID": 1234455, "name": "myobject", "nativeID": "subnet-0ae4a90153dfb642c", "policyReferences": [ "sg-123" ], "protected": false, "regionName": "AWS Tokyo", "resourceID": 12344555 }

Relations

Retrieves the list of cloud network rule set policies.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
  • propagated (boolean): Also retrieve the objects that propagate down.
Creates a cloud network ruleset.
Deletes the object with the given ID.
Retrieves the object with the given ID.
Updates the object with the given ID.

Attributes

Type: integer
Prisma Cloud API ID (matches Prisma Cloud API ID).
Type: string
Identifier of the object.
Type: string
ID of the host VPC.
Type: string
Cloud account ID associated with the entity (matches Prisma Cloud accountID).
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
Internal representation of object tags retrieved from the cloud provider.
Type: string
Cloud type of the entity.
Type: time
Creation date of the object.
Type: integer
Customer ID as identified by Prisma Cloud.
Type: time
The time that the object was first ingested.
Type: string
Name of the object (optional).
Type: string
Namespace tag attached to an entity.
Type: string
ID of the cloud provider object.
Type: []string
Contains the list of normalized tags of the entities.
Cloud network ruleset data.
Type: []string
A list of policy references associated with this cloud node.
Type: boolean
Defines if the object is protected.
Type: string
Region name associated with the entity.
Type: integer
Prisma Cloud Resource ID.
Type: time
Last update date of the object.

CloudNetworkRuleSetData

Parameters associated with a cloud network rule set.

Example

{ "type": "SecurityGroup" }

Attributes

The set of rules to apply to incoming traffic (traffic coming to the Processing Unit matching the subject).
The set of rules to apply to outgoing traffic (traffic coming from the Processing Unit matching the subject).
A tag expression used to match the processing units to which this policy applies.
Type identifies if this is a security group rule set or ACL.

CloudNode

Manages the list of cloud nodes available in a cloud deployment.

Example

{ "APIID": 12344555, "VPCID": "vpc-023419c5952374917", "accountID": 9123450055, "cloudType": "AWS", "customerID": 1234455, "name": "myobject", "nativeID": "subnet-0ae4a90153dfb642c", "policyReferences": [ "sg-123" ], "protected": false, "regionName": "AWS Tokyo", "resourceID": 12344555, "type": "Endpoint" }

Relations

Retrieves the list of cloud nodes.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Deletes the cloud node with the given ID.
Retrieves the cloud node with the given ID.

Attributes

Type: integer
Prisma Cloud API ID (matches Prisma Cloud API ID).
Type: string
Identifier of the object.
Type: string
ID of the host VPC.
Type: string
Cloud account ID associated with the entity (matches Prisma Cloud accountID).
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
The list of attachments for this node.
Type: []string
Internal representation of object tags retrieved from the cloud provider.
Type: string
Cloud type of the entity.
Type: time
Creation date of the object.
Type: integer
Customer ID as identified by Prisma Cloud.
Type: time
The time that the object was first ingested.
Type: string
Name of the object (optional).
Type: string
Namespace tag attached to an entity.
Type: string
ID of the cloud provider object.
Type: []string
Contains the list of normalized tags of the entities.
The cloud attributes of the object.
Type: []string
A list of policy references associated with this cloud node.
Type: boolean
Defines if the object is protected.
Type: string
Region name associated with the entity.
Type: string
A reference to a related object.
Type: integer
Prisma Cloud Resource ID.
Type: []string
List of security tags associated with the node.
Type: string
The sub-type of the object as found in the parameters. Used for indexing.
Type: time
Last update date of the object.

CloudPolicy

Creates a Prisma Cloud policy and corresponding alert rules.

Example

{ "name": "the name", "protected": false, "severity": "Low" }

Relations

Deletes the Prisma Cloud policy with the given ID.
Retrieves the Prisma Cloud policy with the given ID.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Updates the Prisma Cloud policy with the given ID.
Retrieves the policies associated with this query.
Creates a policy associated with this query.

Attributes

Type: string
Identifier of the object.
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: string
Description of the object.
Type: string
Name of the entity.
Type: string
Namespace tag attached to an entity.
Type: []string
Contains the list of normalized tags of the entities.
Type: string
Reference to the corresponding Prisma Cloud Policy ID.
Type: boolean
Defines if the object is protected.
Type: string
The query ID that this policy refers to. This is auto-calculated since it is derived from the parent.
The severity of a policy violation.

CloudRoute

Describes a route in a route table.

Example

{ "destinationIPv4CIDR": "10.1.1.32/24", "destinationIPv6CIDR": "2001:db8::/32", "destinationPrefixListID": "pl-1234", "nextHopID": "gw_123444444", "nextHopType": "LocalGateway" }

Attributes

Type: string
The Destination CIDR for the route.
Type: string
The destination IPv6 CIDR for the route.
Type: string
The destination is identified as a prefix list ID.
Type: string
The ID of the next hop object.
Type: network
Internal representation of IPv4 networks.
Type: network
Internal representation of IPv6 networks.
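
An added example, not part of the Prisma Cloud documentation or product code: a sanity check for CloudRoute objects that uses the field names from the example above and reports destinations whose CIDR is malformed, carries host bits, or is a default route. The function name, the findings wording and the second sample route are constructed for illustration.

```python
import ipaddress
import json

# The CloudRoute example from this page, embedded verbatim.
PAGE_EXAMPLE = json.loads("""
{ "destinationIPv4CIDR": "10.1.1.32/24", "destinationIPv6CIDR": "2001:db8::/32",
  "destinationPrefixListID": "pl-1234", "nextHopID": "gw_123444444",
  "nextHopType": "LocalGateway" }
""")

# Constructed sample: a default route, which hands all unmatched traffic to the next hop.
CONSTRUCTED_DEFAULT = {"destinationIPv4CIDR": "0.0.0.0/0", "nextHopID": "gw_constructed"}

# Destination fields shown in the page's example and the IP version each must carry.
CIDR_FIELDS = {"destinationIPv4CIDR": 4, "destinationIPv6CIDR": 6}


def check_route(route):
    """Return (normalized, findings) for one CloudRoute-shaped dict.

    normalized maps each valid CIDR field to its canonical network string;
    findings is a list of human-readable problems worth reviewing.
    """
    normalized, findings = {}, []
    for field, version in CIDR_FIELDS.items():
        value = route.get(field)
        if not value:
            continue
        if "/" not in value:
            findings.append(f"{field}: {value!r} has no prefix length")
            continue
        try:
            # ip_interface keeps the address as written, so host bits stay visible.
            iface = ipaddress.ip_interface(value)
        except ValueError:
            findings.append(f"{field}: {value!r} is not a CIDR")
            continue
        if iface.version != version:
            findings.append(f"{field}: {value!r} is IPv{iface.version}, expected IPv{version}")
            continue
        net = iface.network
        normalized[field] = str(net)
        if iface.ip != net.network_address:
            findings.append(f"{field}: host bits set in {value!r}, effective network is {net}")
        if net.prefixlen == 0:
            findings.append(f"{field}: default route {net} via {route.get('nextHopID')}")
    if not normalized and not route.get("destinationPrefixListID"):
        findings.append("route has no usable destination")
    return normalized, findings


if __name__ == "__main__":
    for sample in (PAGE_EXAMPLE, CONSTRUCTED_DEFAULT):
        print(check_route(sample))
```

Run against the page's own example, the check reports that 10.1.1.32/24 carries host bits and that the effective network is 10.1.1.0/24.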

CloudRouteData

Parameters associated with a cloud route table.

Example

{ "gatewayID": "tgw-009251c49cf46d940", "mainTable": true, "subnetAssociations": [ "subnet-096bb677ed112475d" ] }

Attributes

Type: string
The gateway that this route table is associated with.
Type: boolean
Indicates that this is the default route table for the VPC.
Routes associated with this route table.
Type: []string
The list of subnets that this route table is associated with.

CloudRouteTable

Manages the list of route tables available in a cloud deployment.

Example

{ "APIID": 12344555, "VPCID": "vpc-023419c5952374917", "accountID": 9123450055, "cloudType": "AWS", "customerID": 1234455, "name": "myobject", "nativeID": "subnet-0ae4a90153dfb642c", "policyReferences": [ "sg-123" ], "protected": false, "regionName": "AWS Tokyo", "resourceID": 12344555 }

Relations

Retrieves the list of routing tables.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Creates a new routing table.
Deletes the route table with the given ID.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Retrieves the route table with the given ID.
Updates the route table with the given ID.

Attributes

Type: integer
Prisma Cloud API ID (matches Prisma Cloud API ID).
Type: string
Identifier of the object.
Type: string
ID of the host VPC.
Type: string
Cloud account ID associated with the entity (matches Prisma Cloud accountID).
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
Internal representation of object tags retrieved from the cloud provider.
Type: string
Cloud type of the entity.
Type: time
Creation date of the object.
Type: integer
Customer ID as identified by Prisma Cloud.
Type: time
The time that the object was first ingested.
Type: string
Name of the object (optional).
Type: string
Namespace tag attached to an entity.
Type: string
ID of the cloud provider object.
Type: []string
Contains the list of normalized tags of the entities.
Route table related parameters.
Type: []string
A list of policy references associated with this cloud node.
Type: boolean
Defines if the object is protected.
Type: string
Region name associated with the entity.
Type: integer
Prisma Cloud Resource ID.
Type: time
Last update date of the object.

CloudSnapshotAccount

Initiates a poll for a particular account. Data are stored in the current namespace.

Example

{ "cloudType": "AWS", "name": "account-foo", "protected": false }

Relations

Initiates a cloud account for snapshot data ingestion.

Attributes

Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
The cloud type for the account.
Default value:
"AWS"
Type: string
The name of the account.
Type: string
Namespace tag attached to an entity.
Type: []string
Contains the list of normalized tags of the entities.
Type: boolean
Defines if the object is protected.

CloudSubnet

Manages the list of subnets associated with a deployment.

Example

{ "APIID": 12344555, "VPCID": "vpc-023419c5952374917", "accountID": 9123450055, "cloudType": "AWS", "customerID": 1234455, "name": "myobject", "nativeID": "subnet-0ae4a90153dfb642c", "policyReferences": [ "sg-123" ], "protected": false, "regionName": "AWS Tokyo", "resourceID": 12344555 }

Relations

Retrieves the list of subnets.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Creates a cloud subnet.
Deletes the subnet with the given ID.
Retrieves the subnet with the given ID.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Updates the subnet with the given ID.

Attributes

Type: integer
Prisma Cloud API ID (matches Prisma Cloud API ID).
Type: string
Identifier of the object.
Type: string
ID of the host VPC.
Type: string
Cloud account ID associated with the entity (matches Prisma Cloud accountID).
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
Internal representation of object tags retrieved from the cloud provider.
Type: string
Cloud type of the entity.
Type: time
Creation date of the object.
Type: integer
Customer ID as identified by Prisma Cloud.
Type: time
The time that the object was first ingested.
Type: string
Name of the object (optional).
Type: string
Namespace tag attached to an entity.
Type: string
ID of the cloud provider object.
Type: []string
Contains the list of normalized tags of the entities.
Subnet related parameters.
Type: []string
A list of policy references associated with this cloud node.
Type: boolean
Defines if the object is protected.
Type: string
Region name associated with the entity.
Type: integer
Prisma Cloud Resource ID.
Type: time
Last update date of the object.

CloudSubnetData

Parameters associated with a subnet.

Example

{ "address": "10.0.0.0/8", "zoneID": "aws-east", "zoneName": "aws-east" }

Attributes

Type: string
Address CIDR of the Subnet.
Type: string
The availability zone ID of the subnet.
Type: string
The availability zone of the subnet.

CloudVPC

A CloudVPC represents a VPC as defined in a cloud provider (AWS, Azure, GCP, etc.). The VPC is essentially an L3 routing domain with at least one subnet attached, and it defines an isolated network.

Example

{ "APIID": 12344555, "VPCID": "vpc-023419c5952374917", "accountID": 9123450055, "cloudType": "AWS", "customerID": 1234455, "name": "myobject", "nativeID": "subnet-0ae4a90153dfb642c", "policyReferences": [ "sg-123" ], "protected": false, "regionName": "AWS Tokyo", "resourceID": 12344555 }

Relations

Retrieves the list of VPCs.
Parameters:
  • q (string): Filtering query. Multiple q parameters are combined with a logical OR.
Creates a cloud VPC.
Deletes the object with the given ID.
Retrieves the object with the given ID.
Updates the object with the given ID.

Attributes

Type: integer
Prisma Cloud API ID (matches Prisma Cloud API ID).
Type: string
Identifier of the object.
Type: string
ID of the host VPC.
Type: string
Cloud account ID associated with the entity (matches Prisma Cloud accountID).
Stores additional information about an entity.
Type: []string
List of tags attached to an entity.
Type: []string
Internal representation of object tags retrieved from the cloud provider.
Type: string
Cloud type of the entity.
Type: time
Creation date of the object.
Type: integer
Customer ID as identified by Prisma Cloud.
Type: time
The time that the object was first ingested.
Type: string
Name of the object (optional).
Type: string
Namespace tag attached to an entity.
Type: string
ID of the cloud provider object.
Type: []string
Contains the list of normalized tags of the entities.
VPC related parameters.
Type: []string
A list of policy references associated with this cloud node.
Type: boolean
Defines if the object is protected.
Type: string
Region name associated with the entity.
Type: integer
Prisma Cloud Resource ID.
Type: time
Last update date of the object.

CloudVPCData

Manages the list of IP addresses associated with an interface.

Example

{ "address": "10.0.0.0/8" }

Attributes

Type: string
Address CIDR of the VPC.

PollAccount

Initiates a poll for a particular account. Data are stored in the current namespace.

Example

{ "accountID": 912303033, "authorizationRegion": "us-east-1", "cloudType": "AWS", "name": "account-foo", "role": "ec2-read", "targetRegions": [ "us-east-1", "us-east-2" ] }

Relations

Initiates a poll to a new account.

Attributes

Type: string
The ID of the account.
Type: string
The region to use for authorization.
The cloud type for the account.
Default value:
"AWS"
Type: string
The name of the account.
Type: string
The role that it should use to poll the account.
Type: []string
Limit polling to these regions only. If empty, all regions will be polled.
