Get Discovered Cloud Entities
GET/api/v32.04/cloud/discovery/entities
x-prisma-cloud-target-env: {"permission":"monitorCloud","saas":true,"self-hosted":true}
x-public: true
Returns a list of discovered cloud entities.
Use this API endpoint along with the GET, api/vVERSION/cloud/discovery to get full information about the discovered cloud scan result.
cURL Request
Refer to the following cURL example request:
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
"https://<CONSOLE>/api/v<VERSION>/cloud/discovery/entities"
Request
Query Parameters
Offsets the result to a specific report count. Offset starts from 0.
Limit is the amount to fix.
Sorts the result using a key.
Sorts the result in reverse order.
CredentialID is the account filter.
ServiceType is the service type filter.
Registry is the registry filter.
Zone is the zone filter.
Defended is the defended filter.
Responses
- 200
- default
- application/json
- Schema
- Example (from schema)
Schema
- Array [
- ]
AccountID is the cloud provider account ID.
ActiveServicesCount is the number of active services in ecs cluster.
The Amazon Resource Name (ARN) assigned to the entity.
Collections are the matched result collections.
ContainerGroup is the azure aci container group the container belongs to.
CreatedAt is the time when the entity was created.
Defended indicates if the entity is defended.
Endpoints are the cluster endpoints.
Image is the image of an aci container.
LastModified is the modification time of the function.
Name is the name of the entity.
NodesCount is the number of nodes in the cluster (aks, gke).
Possible values: [aws,azure,gcp,alibaba,oci,others]
CloudProvider specifies the cloud provider name
Region is the region that was scanned, for example: GCP - "us-east-1", Azure - "westus".
Registry is the Azure registry that was scanned, for example: testcloudscanregistry.azurecr.io.
ResourceGroup is the the azure resource group containing the entity.
RunningTasksCount is the number of running tasks in ecs cluster.
Runtime is runtime environment for the function, i.e. nodejs.
Possible values: [aws-ecr,aws-lambda,aws-ec2,aws-eks,aws-ecs,aws-s3,aws-config,aws-cloud-trail,aws-kms,aws-cloud-watch,aws-sns,aws-security-hub,aws-secrets-manager,aws-parameter-store,azure-acr,azure-functions,azure-aks,azure-aci,azure-vm,gcp-gcr,gcp-gcf,gcp-gke,gcp-vm,gcp-artifact,oci-instance]
ScanResultType represents a cloud scan result type
Status is the current status of entity.
Timestamp is the time in which the instance info was fetched.
Version is the version of the entity.
Zone is the GCP zone that was scanned.
[
{
"accountID": "string",
"activeServicesCount": 0,
"arn": "string",
"collections": [
"string"
],
"containerGroup": "string",
"createdAt": "2024-04-25T18:28:20.181Z",
"defended": true,
"endpoints": [
"string"
],
"image": "string",
"lastModified": "2024-04-25T18:28:20.181Z",
"name": "string",
"nodesCount": 0,
"provider": [
"aws",
"azure",
"gcp",
"alibaba",
"oci",
"others"
],
"region": "string",
"registry": "string",
"resourceGroup": "string",
"runningTasksCount": 0,
"runtime": "string",
"serviceType": [
"aws-ecr",
"aws-lambda",
"aws-ec2",
"aws-eks",
"aws-ecs",
"aws-s3",
"aws-config",
"aws-cloud-trail",
"aws-kms",
"aws-cloud-watch",
"aws-sns",
"aws-security-hub",
"aws-secrets-manager",
"aws-parameter-store",
"azure-acr",
"azure-functions",
"azure-aks",
"azure-aci",
"azure-vm",
"gcp-gcr",
"gcp-gcf",
"gcp-gke",
"gcp-vm",
"gcp-artifact",
"oci-instance"
],
"status": "string",
"timestamp": "2024-04-25T18:28:20.181Z",
"version": "string",
"zone": "string"
}
]