Skip to main content

Get Discovered Cloud Entities



x-prisma-cloud-target-env: {"permission":"monitorCloud","saas":true,"self-hosted":true}
x-public: true

Returns a list of discovered cloud entities.

Use this API endpoint along with the GET, api/vVERSION/cloud/discovery to get full information about the discovered cloud scan result.

cURL Request

Refer to the following cURL example request:

$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \


Query Parameters

    offset integer

    Offsets the result to a specific report count. Offset starts from 0.

    limit integer

    Number of reports to retrieve in a page. For PCCE, the maximum limit is 250. For PCEE, the maximum limit is 50. The default value is 50.

    search string

    Retrieves the result for a search term.

    sort string

    Sorts the result using a key. Refer to the columns in the relevant Prisma Cloud Compute user interface to use them as sort keys.

    reverse boolean

    Sorts the result in reverse order.

    collections string[]

    Filters the result based on collection names that you have defined in Prisma Cloud Compute.

    provider string[]

    Scopes the query by cloud provider.

    accountIDs string[]

    Filters the result based on cloud account IDs.

    resourceIDs string[]

    Scopes the query by resource ID.

    region string[]

    Scopes the query by cloud region.

    fields string[]

    Retrieves the fields that you need in a report. Use the list of fields you want to retrieve. By default, the result shows all fields of data.

    credentialID string[]

    CredentialID is the account filter.

    serviceType string[]

    ServiceType is the service type filter.

    registry string[]

    Registry is the registry filter.

    zone string[]

    Zone is the zone filter.

    defended boolean

    Defended is the defended filter.


  • Array [
  • accountID string

    AccountID is the cloud provider account ID.

    activeServicesCount int64

    ActiveServicesCount is the number of active services in ecs cluster.

    arn string

    The Amazon Resource Name (ARN) assigned to the entity.

    collections string[]

    Collections are the matched result collections.

    containerGroup string

    ContainerGroup is the azure aci container group the container belongs to.

    createdAt date-time

    CreatedAt is the time when the entity was created.

    defended boolean

    Defended indicates if the entity is defended.

    endpoints string[]

    Endpoints are the cluster endpoints.

    image string

    Image is the image of an aci container.

    lastModified date-time

    LastModified is the modification time of the function.

    name string

    Name is the name of the entity.

    nodesCount integer

    NodesCount is the number of nodes in the cluster (aks, gke).

    provider common.CloudProvider

    Possible values: [aws,azure,gcp,alibaba,oci,others]

    CloudProvider represents the cloud provider

    region string

    Region is the region that was scanned, for example: GCP - "us-east-1", Azure - "westus".

    registry string

    Registry is the Azure registry that was scanned, for example:

    resourceGroup string

    ResourceGroup is the the azure resource group containing the entity.

    runningTasksCount int64

    RunningTasksCount is the number of running tasks in ecs cluster.

    runtime string

    Runtime is runtime environment for the function, i.e. nodejs.

    serviceType shared.ScanResultType

    Possible values: [aws-ecr,aws-lambda,aws-ec2,aws-eks,aws-ecs,aws-s3,aws-config,aws-cloud-trail,aws-kms,aws-cloud-watch,aws-sns,aws-security-hub,aws-secrets-manager,aws-parameter-store,azure-acr,azure-functions,azure-aks,azure-aci,azure-vm,gcp-gcr,gcp-gcf,gcp-gke,gcp-vm,gcp-artifact,oci-instance]

    ScanResultType represents a cloud scan result type

    status string

    Status is the current status of entity.

    timestamp date-time

    Timestamp is the time in which the instance info was fetched.

    version string

    Version is the version of the entity.

    zone string

    Zone is the GCP zone that was scanned.

  • ]