Get Cloud Discovery Scan Results
x-prisma-cloud-target-env: {"permission":"monitorCloud","saas":true,"self-hosted":true}
Returns a list of all cloud discovery scan results in a paginated response.
The entities object and the associated parameters in the response schema is now part of a new API endpoint /api/v1/cloud/discovery/entities.
cURL Request
Refer to the following cURL example request:
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
"https://<CONSOLE>/api/v<VERSION>/cloud/discovery"
Query Parameters
Offset from the start of the list from which to retrieve documents.
Number of documents to return.
Search term.
Key on which to sort.
Sort order.
Scopes the query by collection.
Scopes the query by cloud provider.
Scopes the query by account ID.
Scopes the query by resource ID.
Scopes the query by cloud region.
List of fields to retrieve.
CredentialID is the account filter.
- 200
- default
Schema
- Array [
- Array [
- ]
- ]
AccountID is the cloud account ID.
Collections are the matched result collections.
CredentialID is the id reference of the credential used.
Defended is the number of defended entities (registries, functions, clusters).
entities object[]
Entities holds detailed scan results.
ActiveServicesCount is the number of active services in ecs cluster.
The Amazon Resource Name (ARN) assigned to the entity.
ContainerGroup is the azure aci container group the container belongs to.
CreatedAt is the time when the entity was created.
Defended indicates if the entity is defended.
Endpoints are the cluster endpoints.
Image is the image of an aci container.
LastModified is the modification time of the function.
Name is the name of the entity.
NodesCount is the number of nodes in the cluster (aks, gke).
ResourceGroup is the the azure resource group containing the entity.
RunningTasksCount is the number of running tasks in ecs cluster.
Runtime is runtime environment for the function, i.e. nodejs.
Status is the current status of entity.
Version is the version of the entity.
Err holds any error found during a scan.
Project is the GCP project that was scanned.
Possible values: [aws,azure,gcp,alibaba,oci,others]
CloudProvider represents the cloud provider
Region is the region that was scanned, for example: GCP - "us-east-1", Azure - "westus".
Registry is the Azure registry that was scanned, for example: testcloudscanregistry.azurecr.io.
Possible values: [aws-ecr,aws-lambda,aws-ec2,aws-eks,aws-ecs,aws-s3,aws-config,aws-cloud-trail,aws-kms,aws-cloud-watch,aws-sns,aws-security-hub,aws-secrets-manager,aws-parameter-store,azure-acr,azure-functions,azure-aks,azure-aci,azure-vm,gcp-gcr,gcp-gcf,gcp-gke,gcp-vm,gcp-artifact,oci-instance]
ScanResultType represents a cloud scan result type
Total is total number of entities found in cloud scan.
[
{
"accountID": "string",
"collections": [
"string"
],
"credentialId": "string",
"defended": 0,
"entities": [
{
"activeServicesCount": 0,
"arn": "string",
"containerGroup": "string",
"createdAt": "2023-09-25T14:58:37.006Z",
"defended": true,
"endpoints": [
"string"
],
"image": "string",
"lastModified": "2023-09-25T14:58:37.006Z",
"name": "string",
"nodesCount": 0,
"resourceGroup": "string",
"runningTasksCount": 0,
"runtime": "string",
"status": "string",
"version": "string"
}
],
"err": "string",
"project": "string",
"provider": [
"aws",
"azure",
"gcp",
"alibaba",
"oci",
"others"
],
"region": "string",
"registry": "string",
"serviceType": [
"aws-ecr",
"aws-lambda",
"aws-ec2",
"aws-eks",
"aws-ecs",
"aws-s3",
"aws-config",
"aws-cloud-trail",
"aws-kms",
"aws-cloud-watch",
"aws-sns",
"aws-security-hub",
"aws-secrets-manager",
"aws-parameter-store",
"azure-acr",
"azure-functions",
"azure-aks",
"azure-aci",
"azure-vm",
"gcp-gcr",
"gcp-gcf",
"gcp-gke",
"gcp-vm",
"gcp-artifact",
"oci-instance"
],
"total": 0
}
]