Skip to main content

Get Discovered Cloud Entities



x-prisma-cloud-target-env: {"permission":"monitorCloud","saas":true,"self-hosted":true}
x-public: true

Returns a list of discovered cloud entities.

Use this API endpoint along with the GET, api/vVERSION/cloud/discovery to get full information about the discovered cloud scan result.

cURL Request

Refer to the following cURL example request:

$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \


Query Parameters

    offset integer

    Offsets the result to a specific report count. Offset starts from 0.

    limit integer

    Limit is the amount to fix.

    sort string

    Sorts the result using a key.

    reverse boolean

    Sorts the result in reverse order.

    credentialID string[]

    CredentialID is the account filter.

    serviceType string[]

    ServiceType is the service type filter.

    registry string[]

    Registry is the registry filter.

    zone string[]

    Zone is the zone filter.

    defended boolean

    Defended is the defended filter.


  • Array [
  • accountID string

    AccountID is the cloud provider account ID.

    activeServicesCount int64

    ActiveServicesCount is the number of active services in ecs cluster.

    arn string

    The Amazon Resource Name (ARN) assigned to the entity.

    collections string (string)[]

    Collections are the matched result collections.

    containerGroup string

    ContainerGroup is the azure aci container group the container belongs to.

    createdAt date-time

    CreatedAt is the time when the entity was created.

    defended boolean

    Defended indicates if the entity is defended.

    endpoints string (string)[]

    Endpoints are the cluster endpoints.

    image string

    Image is the image of an aci container.

    lastModified date-time

    LastModified is the modification time of the function.

    name string

    Name is the name of the entity.

    nodesCount integer

    NodesCount is the number of nodes in the cluster (aks, gke).

    provider common.CloudProvider (string)

    Possible values: [aws,azure,gcp,alibaba,oci,others]

    CloudProvider specifies the cloud provider name

    region string

    Region is the region that was scanned, for example: GCP - "us-east-1", Azure - "westus".

    registry string

    Registry is the Azure registry that was scanned, for example:

    resourceGroup string

    ResourceGroup is the the azure resource group containing the entity.

    runningTasksCount int64

    RunningTasksCount is the number of running tasks in ecs cluster.

    runtime string

    Runtime is runtime environment for the function, i.e. nodejs.

    serviceType shared.ScanResultType (string)

    Possible values: [aws-ecr,aws-lambda,aws-ec2,aws-eks,aws-ecs,aws-s3,aws-config,aws-cloud-trail,aws-kms,aws-cloud-watch,aws-sns,aws-security-hub,aws-secrets-manager,aws-parameter-store,azure-acr,azure-functions,azure-aks,azure-aci,azure-vm,gcp-gcr,gcp-gcf,gcp-gke,gcp-vm,gcp-artifact,oci-instance]

    ScanResultType represents a cloud scan result type

    status string

    Status is the current status of entity.

    timestamp date-time

    Timestamp is the time in which the instance info was fetched.

    version string

    Version is the version of the entity.

    zone string

    Zone is the GCP zone that was scanned.

  • ]