Welcome to the Compute APIs
About
The Prisma Cloud Workload Protection REST API lets you automate workflows and integrate with external systems. Use the API to:
- Set up, configure, reconfigure, and deploy Prisma Cloud Compute components to secure your hosts, containers, and serverless functions against vulnerabilities, malware, and compliance violations.
- Extract the security data that Prisma Cloud Compute has collected about your environment and send it to your monitoring, alerting, and reporting systems.
Previous API Versions of Prisma Cloud Compute Edition
All minor or maintainance versions (xx) of 32.xx release have n-2 support for backward compatibility. If you're looking for previous minor or maintenance release versions of 30.xx, visit the following link:
How to find your version
To find the the version of Prisma Cloud Workload Protection that you're running:
Log into your Prisma Cloud Compute console.
Click the bell icon in the top right of the page.
The drop-down shows the currently running version:
cURL Examples
All the cURL examples in these documents specify a <CONSOLE>
variable, which represents the address for Console.
The Console address will depend on how Console was installed.
The Prisma Cloud Compute API is exposed on port 8083
(HTTPS).
This port is specified at install time in twistlock.cfg
.
(Default) Kubernetes installations: Console service is exposed by a LoadBalancer.
The value for
<CONSOLE>
is the LoadBalancer followed by port8083
:$ https://<LOAD_BALANCER>:8083
Onebox installations: Console installed on a stand-alone host.
The value for
<CONSOLE>
is the IP address or DNS name of the host followed by port8083
:$ https://<IP_ADDRESS>:8083
The cURL example for each endpoint is called with a username (-u <USER>
) only.
The cURL command can be modified to use any of the following:
- Authentication Token: Use the
-H
option to pass the authentication token from the Authenticate endpoint into the request header.
For example, replace <ACCESS_TOKEN>
with the token from the Authenticate endpoint.
$ curl -k \
-H 'Authorization: Bearer <ACCESS_TOKEN>' \
-X POST \
https://<CONSOLE>/api/vVERSION/<ENDPOINT_PATH>
- Username and Password: Use the
-u
and-p
options to include the username and password, eliminating the need to enter a password in a secondary step.
For example, replace <USER>
with the username string and <PASSWORD>
with the password string.
$ curl -k \
-u <USER> \
-p <PASSWORD> \
-X POST \
https://<CONSOLE>/api/vVERSION/<ENDPOINT_PATH>
- Username Only: This will require the user's password to be entered as a secondary step.
For example, replace <USER>
with the username string.
$ curl -k \
-u <USER> \
-X POST \
https://<CONSOLE>/api/vVERSION/<ENDPOINT_PATH>
Note: This is a more secure method than including the -p
option since your terminal history won't contain the password.
Paginated Responses
Paginated API requests are capped to a max of 250 returned objects because very large responses could DoS Console. The default value is 50 objects per page.
If the response contains more than 250 objects, cycle through the collection with the offset
query parameter to retrieve more objects.
For example:
$ https://<CONSOLE>/api/v<VERSION>/images?limit=250&offset=X
API Rate Limits
Rate limiting is applied to some endpoints. The documentation for each such endpoint has details of the rate limits enforced on it. For example, Get Container Scan Results.
View parameter descriptions
The parameter descriptions are available for each endpoint. The body or query (wherever applicable) parameters are listed after the endpoint description.
The response parameters are hidden under the label Response
200.
Click >
to view hidden parameters.