OCI APIs Ingested by Prisma Cloud

The following lists all the OCI APIs, and their permissions, that Prisma Cloud supports for your OCI-related resources.
It is recommended that you update your existing Terraform template to support the new permissions. The updated Terraform template eliminates the need to contact OCI to request a service limit extension for the policy statements.
| Service | API Name in Prisma Cloud | Permissions | Permissions (New Format) |
| --- | --- | --- | --- |
| OCI Analytics | oci-analytics-instance | inspect analytics-instances, read analytics-instances | ANALYTICS_INSTANCE_INSPECT, ANALYTICS_INSTANCE_READ |
| OCI API Management | oci-apimanagement-apigateway, oci-apimanagement-apigateway-deployment | inspect api-gateways, read api-gateways, inspect api-deployments, read api-deployments | API_GATEWAY_LIST, API_GATEWAY_READ, API_DEPLOYMENT_LIST, API_DEPLOYMENT_READ |
| OCI Bastion | oci-bastion | inspect bastion-family, read bastion-family | BASTION_INSPECT, BASTION_READ, BASTION_SESSION_INSPECT, BASTION_SESSION_READ |
| OCI Big Data Service | oci-bigdataservice-instances | inspect bds-instances, read bds-instances | BDS_INSPECT, BDS_READ |
| OCI Block Storage | oci-block-storage-volume, oci-block-storage-volume-backup | inspect volumes, read backup-policy-assignments, read volume-backups | VOLUME_BACKUP_INSPECT, VOLUME_BACKUP_READ, VOLUME_INSPECT, BACKUP_POLICY_ASSIGNMENT_INSPECT |
| OCI Budgets | oci-budgets-budget | inspect usage-budgets, read usage-budgets | USAGE_BUDGET_INSPECT, USAGE_BUDGET_READ |
| OCI Certificate | oci-certificate-certificateauthorities, oci-certificate-certificates | inspect certificate-authorities, read certificate-authorities, inspect leaf-certificates, read leaf-certificates | CERTIFICATE_AUTHORITY_INSPECT, CERTIFICATE_AUTHORITY_READ, CERTIFICATE_INSPECT, CERTIFICATE_READ |
| OCI Cloud Guard | oci-cloudguard-security-recipe, oci-cloudguard-security-zone | inspect security-recipe, read security-recipe, inspect security-zone, read security-zone | SECURITY_RECIPE_INSPECT, SECURITY_RECIPE_READ, SECURITY_ZONE_INSPECT, SECURITY_ZONE_READ |
| OCI Compute | oci-compute-instance, oci-compute-boot-volume-backup, oci-compute-vnicattachments, oci-compute-vnics | read instances, inspect boot-volume-backups, inspect vnic-attachments, inspect vnics | INSTANCE_INSPECT, INSTANCE_READ, BOOT_VOLUME_BACKUP_INSPECT, BOOT_VOLUME_BACKUP_READ, VNIC_ATTACHMENT_READ, VNIC_READ |
| OCI Containers And Artifacts | oci-containers-artifacts-kubernetes-cluster, oci-containers-artifacts-kubernetes-cluster-nodepool, oci-containers-artifacts-containerimages, oci-containers-artifacts-containerrepo | inspect clusters, inspect repos, read repos | CLUSTER_INSPECT, CLUSTER_NODE_POOL_INSPECT, CLUSTER_NODE_POOL_READ, CLUSTER_READ, REPOSITORY_INSPECT, REPOSITORY_READ |
| OCI Data Catalog | oci-datacatalog-catalogs | inspect data-catalogs, read data-catalogs | CATALOG_INSPECT, CATALOG_READ |
| OCI Data Flow | oci-dataflow-applications (This API is not supported in ap-hyderabad-1 region.) | inspect dataflow-application, read dataflow-application | DATAFLOW_APPLICATION_INSPECT, DATAFLOW_APPLICATION_READ |
| OCI Data Integration | oci-dataintegration-workspaces | inspect dis-workspaces, read dis-workspaces | DIS_WORKSPACE_INSPECT, DIS_WORKSPACE_READ |
| OCI Data Safe | oci-data-safe-private-endpoint, oci-data-safe-target-database | inspect data-safe-private-endpoints, read data-safe-private-endpoints, inspect target-databases, read target-databases | DATA_SAFE_PRIVATE_ENDPOINT_INSPECT, DATA_SAFE_PRIVATE_ENDPOINT_READ, DATA_SAFE_TARGET_DATABASE_READ, DATA_SAFE_TARGET_DATABASE_INSPECT |
| OCI Data Science | oci-datascience-projects | inspect data-science-projects, read data-science-projects | DATA_SCIENCE_PROJECT_INSPECT, DATA_SCIENCE_PROJECT_READ |
| OCI Database | oci-database-autonomous-database, oci-oracledatabase-bmvm-dbsystem, oci-oracledatabase-databases, oci-database-db-home, oci-database-db-home-patch, oci-database-db-system-patch, oci-database-db-node | read db-systems, inspect db-systems, inspect db-homes, inspect databases | AUTONOMOUS_DATABASE_INSPECT, DB_HOME_INSPECT, DB_SYSTEM_INSPECT, DATABASE_INSPECT, DB_NODE_INSPECT, DB_NODE_QUERY |
| OCI DataLabeling | oci-datalabeling-dataset | Unsupported Format | DATA_LABELING_DATASET_INSPECT, DATA_LABELING_DATASET_READ |
| OCI Events | oci-events-rule | read cloudevents-rules | EVENTRULE_LIST, EVENTRULE_READ |
| OCI File Storage | oci-file-storage-file-system, oci-file-storage-export, oci-file-storage-mount-target | read file-systems, read export-sets | FILE_SYSTEM_INSPECT, FILE_SYSTEM_READ, EXPORT_SET_INSPECT, EXPORT_SET_READ, COMPARTMENT_INSPECT, MOUNT_TARGET_INSPECT, MOUNT_TARGET_READ |
| OCI Functions | oci-functions-applications, oci-functions | inspect fn-app, read fn-app, inspect fn-function, read fn-function | FN_APP_LIST, FN_APP_READ, FN_FUNCTION_LIST, FN_FUNCTION_READ |
| OCI IAM | oci-iam-user, oci-iam-group, oci-iam-policy, oci-iam-authentication-policy, oci-iam-identityproviders, oci-iam-dynamic-group | read users, read groups, read policies, read authentication-policies, inspect identity-providers, inspect dynamic-groups | USER_INSPECT, USER_READ, GROUP_INSPECT, POLICY_READ, AUTHENTICATION_POLICY_INSPECT, IDENTITY_PROVIDER_INSPECT, DYNAMIC_GROUP_INSPECT |
| OCI JMS | oci-jms-fleet | Unsupported Format | FLEET_INSPECT, FLEET_READ |
| OCI Logging | oci-logging-logs | inspect log-groups | LOG_GROUP_INSPECT, LOG_GROUP_READ |
| OCI MySQL | oci-mysql-dbsystems | inspect mysql-instances, read mysql-instances | MYSQL_INSTANCE_INSPECT, MYSQL_INSTANCE_READ |
| OCI Networking | oci-networking-vcn, oci-networking-nsg, oci-networking-security-list, oci-networking-loadbalancer, oci-networking-routetable, oci-networking-internetgateway, oci-networking-drgattachment, oci-networking-drg, oci-networking-localpeeringgateway, oci-networking-natgateway, oci-networking-servicegateway, oci-networking-dns-zone, oci-networking-dns-tsigkeys, oci-networking-subnet, oci-networking-ipsec-connection, oci-networking-networkloadbalancer | read vcns, read network-security-groups, read security-lists, inspect load-balancers, inspect subnets, INTERNET_GATEWAY_READ, DRG_ATTACHMENT_READ, DRG_READ, LOCAL_PEERING_GATEWAY_READ, NAT_GATEWAY_READ, SERVICE_GATEWAY_READ, DNS_ZONE_INSPECT, inspect dns-tsig-keys, read dns-tsig-keys, inspect ipsec-connections, inspect network-load-balancers, read network-load-balancers | VCN_READ, NETWORK_SECURITY_GROUP_INSPECT, NETWORK_SECURITY_GROUP_READ, SECURITY_LIST_READ, LOAD_BALANCER_INSPECT, ROUTE_TABLE_READ, SUBNET_READ, INTERNET_GATEWAY_READ, DRG_ATTACHMENT_READ, DRG_READ, LOCAL_PEERING_GATEWAY_READ, NAT_GATEWAY_READ, SERVICE_GATEWAY_READ, DNS_ZONE_INSPECT, DNS_TSIG_KEY_INSPECT, DNS_TSIG_KEY_READ, IPSEC_CONNECTION_READ, NETWORK_LOAD_BALANCER_INSPECT, NETWORK_LOAD_BALANCER_READ |
| OCI NoSQL Database | oci-nosql-database-table | inspect nosql-tables, read nosql-tables | NOSQL_TABLE_INSPECT, NOSQL_TABLE_READ |
| OCI Notifications | oci-notifications-ons-topic | read ons-topics, read ons-subscriptions | ONS_SUBSCRIPTION_INSPECT, ONS_TOPIC_INSPECT, ONS_TOPIC_READ |
| OCI Object Storage | oci-object-storage-bucket | read buckets, read objectstorage-namespaces | BUCKET_INSPECT, BUCKET_READ, OBJECTSTORAGE_NAMESPACE_READ |
| OCI Scanning | oci-scanning-host-scanrecipe, oci-scanning-host-scantarget | inspect host-scan-recipes, read host-scan-recipes, inspect host-scan-targets, read host-scan-targets | VSS_HOSTSCANRECIPE_INSPECT, VSS_HOSTSCANRECIPE_READ, VSS_HOSTSCANTARGET_INSPECT, VSS_HOSTSCANTARGET_READ |
| OCI Service Connector Hub | oci-serviceconnectorhub-serviceconnectors | inspect serviceconnectors, read serviceconnectors | SERVICE_CONNECTOR_INSPECT, SERVICE_CONNECTOR_READ |
| OCI Service Mesh | oci-service-mesh-access-policy, oci-service-mesh-meshes, oci-service-mesh-virtual-deployment, oci-service-mesh-virtualservice-routetable, oci-service-mesh-virtualservice, oci-service-mesh-ingressgateway-routetable, oci-service-mesh-ingressgateway | Unsupported Format | MESH_ACCESS_POLICY_LIST, MESH_ACCESS_POLICY_READ, SERVICE_MESH_LIST, SERVICE_MESH_READ, MESH_VIRTUAL_DEPLOYMENT_LIST, MESH_VIRTUAL_DEPLOYMENT_READ, MESH_VIRTUAL_DEPLOYMENT_PROXY_CONFIG_READ, MESH_PROXY_DETAILS_READ, MESH_VIRTUAL_SERVICE_ROUTE_TABLE_LIST, MESH_VIRTUAL_SERVICE_ROUTE_TABLE_READ, MESH_VIRTUAL_SERVICE_LIST, MESH_VIRTUAL_SERVICE_READ, MESH_INGRESS_GATEWAY_ROUTE_TABLE_LIST, MESH_INGRESS_GATEWAY_ROUTE_TABLE_READ, MESH_INGRESS_GATEWAY_LIST, MESH_INGRESS_GATEWAY_READ |
| OCI Speech | oci-speech-transcription-job | Unsupported Format | AI_SERVICE_SPEECH_TRANSCRIPTION_JOB_INSPECT, AI_SERVICE_SPEECH_TRANSCRIPTION_JOB_READ |
| OCI Streaming | oci-streaming-streampools, oci-streaming-streams | inspect stream-pools, read stream-pools, inspect streams, read streams | STREAM_INSPECT, STREAM_POOL_INSPECT, STREAM_POOL_READ, STREAM_READ |
| OCI Vaults | oci-vault-keyvault | inspect vaults, read vaults | VAULT_INSPECT, VAULT_READ |
| OCI Vision | oci-vision-model, oci-vision-project | Unsupported Format | AI_SERVICE_VISION_MODEL_INSPECT, AI_SERVICE_VISION_MODEL_READ, AI_SERVICE_VISION_PROJECT_INSPECT, AI_SERVICE_VISION_PROJECT_READ |
| OCI Web Application Firewall | oci-waf-webappfirewallpolicy, oci-waf-networkaddresslist, oci-waf-waaspolicy, oci-waf-waasaddresslist | inspect waf-policy, read waf-policy, inspect waf-network-address-list, read waf-network-address-list, inspect waas-policy, read waas-policy, inspect waas-address-list, read waas-address-list | WAF_POLICY_INSPECT, WAF_POLICY_READ, WAF_NETWORK_ADDRESS_LIST_INSPECT, WAF_NETWORK_ADDRESS_LIST_READ, WAAS_POLICY_INSPECT, WAAS_POLICY_READ, WAAS_ADDRESS_LIST_INSPECT, WAAS_ADDRESS_LIST_READ |
