Skip to main content

Get WAAS Container Policy

GET 
/api/v34.00/policies/firewall/app/container
x-prisma-cloud-target-env: {"permission":"policyWAAS"}

Retrieves the WAAS policy for containers. A policy consists of ordered rules.

This endpoint maps to Defend > WAAS > Container in the Console UI.

cURL Request

Refer to the following example cURL command:

$ curl -k \
  -u <USER> \
  -H 'Content-Type: application/json' \
  'https://<CONSOLE>/api/v<VERSION>/policies/firewall/app/container'

A successful response returns a list of rules in the policy.

Responses

Policy representation details

Schema
    _idstring

    Unique internal ID.

    maxPortinteger

    Specifies the upper limit (maxima) for a port number to use in an application firewall.

    minPortinteger

    Specifies the lower limit (minima) for a port number to use in an application firewall.

    rules object[]

    Specifies the rules in a policy.

  • Array [
    • allowMalformedHttpHeaderNamesboolean

    Indicates whether to allow non-compliant characters in the HTTP request header.

    applicationsSpec object[]

    Lists the OpenAPI specifications in a rule.

  • Array [
    • apiSpec object

    APISpec is an API specification

    descriptionstring

    Description of the app.

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    endpoints object[]

    The app's endpoints.

  • Array [
    • basePathstring

    Base path for the endpoint.

    exposedPortinteger

    Exposed port that the proxy is listening on.

    grpcboolean

    Indicates if the proxy supports gRPC (true) or not (false).

    hoststring

    URL address (name or IP) of the endpoint's API specification (e.g., petstore.swagger.io). The address can be prefixed with a wildcard (e.g., *.swagger.io).

    http2boolean

    Indicates if the proxy supports HTTP/2 (true) or not (false).

    internalPortinteger

    Internal port that the application is listening on.

    tlsboolean

    Indicates if the connection is secured (true) or not (false).

  • ]
    • fallbackEffectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    paths object[]

    Paths of the API's endpoints.

  • Array [
    • methods object[]

    Supported operations for the path (e.g., PUT, GET, etc.).

  • Array [
    • methodstring

    Type of HTTP request (e.g., PUT, GET, etc.).

    parameters object[]

    Parameters that are part of the HTTP request.

  • Array [
    • allowEmptyValueboolean

    Indicates if an empty value is allowed (true) or not (false).

    arrayboolean

    Indicates if multiple values of the specified type are allowed (true) or not (false).

    explodeboolean

    Indicates if arrays should generate separate parameters for each array item or object property.

    locationwaas.ParamLocation (string)

    ParamLocation is the location of a parameter

    Possible values: [path,query,cookie,header,body,json,xml,formData,multipart]

    maxdouble

    Maximum allowable value for a numeric parameter.

    mindouble

    Minimum allowable value for a numeric parameter.

    namestring

    Name of the parameter.

    requiredboolean

    Indicates if the parameter is required (true) or not (false).

    stylewaas.ParamStyle (string)

    ParamStyle is a param format style, defined by OpenAPI specification It describes how the parameter value will be serialized depending on the type of the parameter value. Ref: https://swagger.io/docs/specification/serialization/ https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#style-examples

    Possible values: [simple,spaceDelimited,tabDelimited,pipeDelimited,form,matrix,label]

    typewaas.ParamType (string)

    ParamType is the type of a parameter, defined by OpenAPI specification Ref: https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types

    Possible values: [integer,number,string,boolean,array,object]

  • ]
  • ]
    • pathstring

    Relative path to an endpoint such as "/pet/{petId}".

  • ]
    • queryParamFallbackEffectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    appIDstring

    Unique ID for the app.

    attackTools object

    ProtectionConfig represents a WAAS protection config

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    exceptionFields object[]

    Exceptions.

  • Array [
    • keystring

    Field in HTTP request.

    keyPatternboolean

    Match and scrub by keys, relevant when location is not defined.

    locationwaas.ExceptionLocation (string)

    ExceptionLocation indicates exception http field location

    Possible values: [path,query,queryValues,cookie,UserAgentHeader,header,body,rawBody,XMLPath,JSONPath]

    responseboolean

    Indicates that sensitive data should be checked in response, only relevant for pattern based sensitive data rule.

    valuePatternboolean

    Match and scrub by values, relevant when location is not defined.

  • ]
    • autoApplyPatchesSpec object

    AutoApplyPatchesSpec is the configuration for automation apply patches protection

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    banDurationMinutesinteger

    Ban duration, in minutes.

    body object

    BodyConfig represents app configuration related to HTTP Body

    inspectionLimitExceededEffectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    inspectionSizeBytesinteger

    InspectionSizeBytes represents the max amount of data to inspect in request body.

    skipboolean

    Skip indicates that body inspection should be skipped.

    botProtectionSpec object

    BotProtectionSpec is the bot protections spec

    interstitialPageboolean

    Indicates if an interstitial page is served (true) or not (false).

    jsInjectionSpec object

    JSInjectionSpec is the js injection protection spec

    enabledboolean

    Indicates if JavaScript injection is enabled (true) or not (false).

    timeoutEffectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    knownBotProtectionsSpec object

    KnownBotProtectionsSpec is the known bot protections spec

    archivingwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    businessAnalyticswaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    careerSearchwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    contentFeedClientswaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    educationalwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    financialwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    mediaSearchwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    newswaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    searchEngineCrawlerswaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    reCAPTCHASpec object

    ReCAPTCHASpec is the reCAPTCHA spec

    allSessionsboolean

    Indicates if the reCAPTCHA page is served at the start of every new session (true) or not (false).

    customPageSpec object

    CustomReCAPTCHAPageSpec is the custom reCAPTCHA page spec

    bodystring

    Custom HTML for the reCAPTCHA page.

    enabledboolean

    Indicates if the custom reCAPTCHA page is enabled.

    enabledboolean

    Indicates if reCAPTCHA integration is enabled (true) or not (false).

    secretKey object

    Secret Stores the plain and encrypted version of a value. The plain version is not stored in a database

    encryptedstring

    Specifies an encrypted value of the secret.

    plainstring

    Specifies the plain text value of the secret.

    siteKeystring

    ReCAPTCHA site key to use when invoking the reCAPTCHA service.

    successExpirationHoursinteger

    Duration for which the indication of reCAPTCHA success is kept. Maximum value is 30 days * 24 = 720 hours.

    typewaas.ReCAPTCHAType (string)

    ReCAPTCHAType is the reCAPTCHA configured type

    Possible values: [checkbox,invisible]

    sessionValidationwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    unknownBotProtectionSpec object

    UnknownBotProtectionSpec is the unknown bot protection spec

    apiLibrarieswaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    botImpersonationwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    browserImpersonationwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    genericwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    httpLibrarieswaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    requestAnomalies object

    RequestAnomalies is the request anomalies spec

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    thresholdwaas.RequestAnomalyThreshold (integer)

    RequestAnomalyThreshold is the score threshold for which request anomaly violation is triggered

    Possible values: [3,6,9]

    webAutomationToolswaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    webScraperswaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    userDefinedBots object[]

    Effects to perform when user-defined bots are detected.

  • Array [
    • effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    headerNamestring

    Header name which defines the bot.

    headerValuesstring (string)[]

    Header values corresponding to the header name. Can contain wildcards.

    namestring

    Name of the bot.

    subnetsstring (string)[]

    Subnets where the bot originates. Specify using network lists.

  • ]
    • certificate object

    Secret Stores the plain and encrypted version of a value. The plain version is not stored in a database

    encryptedstring

    Specifies an encrypted value of the secret.

    plainstring

    Specifies the plain text value of the secret.

    clickjackingEnabledboolean

    Indicates whether clickjacking protection is enabled (true) or not (false).

    cmdi object

    ProtectionConfig represents a WAAS protection config

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    exceptionFields object[]

    Exceptions.

  • Array [
    • keystring

    Field in HTTP request.

    keyPatternboolean

    Match and scrub by keys, relevant when location is not defined.

    locationwaas.ExceptionLocation (string)

    ExceptionLocation indicates exception http field location

    Possible values: [path,query,queryValues,cookie,UserAgentHeader,header,body,rawBody,XMLPath,JSONPath]

    responseboolean

    Indicates that sensitive data should be checked in response, only relevant for pattern based sensitive data rule.

    valuePatternboolean

    Match and scrub by values, relevant when location is not defined.

  • ]
    • codeInjection object

    ProtectionConfig represents a WAAS protection config

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    exceptionFields object[]

    Exceptions.

  • Array [
    • keystring

    Field in HTTP request.

    keyPatternboolean

    Match and scrub by keys, relevant when location is not defined.

    locationwaas.ExceptionLocation (string)

    ExceptionLocation indicates exception http field location

    Possible values: [path,query,queryValues,cookie,UserAgentHeader,header,body,rawBody,XMLPath,JSONPath]

    responseboolean

    Indicates that sensitive data should be checked in response, only relevant for pattern based sensitive data rule.

    valuePatternboolean

    Match and scrub by values, relevant when location is not defined.

  • ]
    • csrfEnabledboolean

    Indicates whether Cross-Site Request Forgery (CSRF) protection is enabled (true) or not (false).

    customBlockResponse object

    CustomBlockResponseConfig is a custom block message config for a policy

    bodystring

    Custom HTML for the block response.

    codeinteger

    Custom HTTP response code for the block response.

    enabledboolean

    Indicates if the custom block response is enabled (true) or not (false).

    customRules object[]

    List of custom runtime rules.

  • Array [
    • _idinteger

    Custom rule ID.

    actioncustomrules.Action (string)

    Action is the action to perform if the custom rule applies

    Possible values: [audit,incident]

    effectcustomrules.Effect (string)

    Effect is the effect that will be used for custom rule

    Possible values: [block,prevent,alert,allow,ban,disable]

  • ]
    • disableEventIDHeaderboolean

    Indicates if event ID header should be attached to the response or not.

    dosConfig object

    DoSConfig is a dos policy specification

    alert object

    DoSRates specifies dos requests rates (thresholds)

    averageinteger

    Average request rate (requests / second).

    burstinteger

    Burst request rate (requests / second).

    ban object

    DoSRates specifies dos requests rates (thresholds)

    averageinteger

    Average request rate (requests / second).

    burstinteger

    Burst request rate (requests / second).

    enabledboolean

    Enabled indicates if dos protection is enabled.

    excludedNetworkListsstring (string)[]

    Network IPs to exclude from DoS tracking.

    matchConditions object[]

    Conditions on which to match to track a request. The conditions are "OR"'d together during the check.

  • Array [
    • fileTypesstring (string)[]

    File types for request matching.

    methodsstring (string)[]

    HTTP methods for request matching.

    responseCodeRanges object[]

    Response codes for the request's response matching.

  • Array [
    • endinteger

    End of the range. Can be omitted if using a single status code.

    startinteger

    Start of the range. Can also be used for a single, non-range value.

  • ]
  • ]
    • trackSessionboolean

    Indicates if the custom session ID generated during bot protection flow is tracked (true) or not (false).

    headerSpecs object[]

    Configuration for inspecting HTTP headers.

  • Array [
    • allowboolean

    Indicates if the flow is to be allowed (true) or blocked (false).

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    namestring

    Header name.

    requiredboolean

    Indicates if the header must be present (true) or not (false).

    valuesstring (string)[]

    Wildcard expressions that represent the header value.

  • ]
    • intelGathering object

    IntelGatheringConfig is the configuration for intelligence gathering protections

    infoLeakageEffectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    removeFingerprintsEnabledboolean

    Indicates if server fingerprints should be removed (true) or not (false).

    lfi object

    ProtectionConfig represents a WAAS protection config

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    exceptionFields object[]

    Exceptions.

  • Array [
    • keystring

    Field in HTTP request.

    keyPatternboolean

    Match and scrub by keys, relevant when location is not defined.

    locationwaas.ExceptionLocation (string)

    ExceptionLocation indicates exception http field location

    Possible values: [path,query,queryValues,cookie,UserAgentHeader,header,body,rawBody,XMLPath,JSONPath]

    responseboolean

    Indicates that sensitive data should be checked in response, only relevant for pattern based sensitive data rule.

    valuePatternboolean

    Match and scrub by values, relevant when location is not defined.

  • ]
    • malformedReq object

    ProtectionConfig represents a WAAS protection config

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    exceptionFields object[]

    Exceptions.

  • Array [
    • keystring

    Field in HTTP request.

    keyPatternboolean

    Match and scrub by keys, relevant when location is not defined.

    locationwaas.ExceptionLocation (string)

    ExceptionLocation indicates exception http field location

    Possible values: [path,query,queryValues,cookie,UserAgentHeader,header,body,rawBody,XMLPath,JSONPath]

    responseboolean

    Indicates that sensitive data should be checked in response, only relevant for pattern based sensitive data rule.

    valuePatternboolean

    Match and scrub by values, relevant when location is not defined.

  • ]
    • maliciousUpload object

    MaliciousUploadConfig is the configuration for file upload protection

    allowedExtensionsstring (string)[]

    Allowed file extensions.

    allowedFileTypeswaas.FileType (string)[]

    Allowed file types.

    Possible values: [pdf,officeLegacy,officeOoxml,odf,jpeg,png,gif,bmp,ico,avi,mp4,aac,mp3,wav,zip,gzip,rar,7zip]

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    networkControls object

    NetworkControls contains the network controls config (e.g., access controls for IPs and countries)

    advancedProtectionEffectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    countries object

    AccessControls contains the access controls config (e.g., denied/allowed sources)

    alertstring (string)[]

    Alert are the denied sources for which we alert.

    allowstring (string)[]

    Allow are the allowed sources for which we don't alert or prevent.

    allowModeboolean

    AllowMode indicates allowlist (true) or denylist (false) mode.

    enabledboolean

    Enabled indicates if access controls protection is enabled.

    fallbackEffectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    preventstring (string)[]

    Prevent are the denied sources.

    exceptionSubnetsstring (string)[]

    Network lists for which requests completely bypass WAAS checks and protections.

    networkControlsExceptionSubnets object

    FeatureExceptions represents subnets that should bypass WAAS features

    subnetsstring (string)[]

    Subnets are network lists for which requests bypass WAAS features.

    subnets object

    AccessControls contains the access controls config (e.g., denied/allowed sources)

    alertstring (string)[]

    Alert are the denied sources for which we alert.

    allowstring (string)[]

    Allow are the allowed sources for which we don't alert or prevent.

    allowModeboolean

    AllowMode indicates allowlist (true) or denylist (false) mode.

    enabledboolean

    Enabled indicates if access controls protection is enabled.

    fallbackEffectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    preventstring (string)[]

    Prevent are the denied sources.

    remoteHostForwarding object

    RemoteHostForwardingConfig defines a remote host to forward requests to

    enabledboolean

    Indicates if remote host forwarding is enabled (true) or not (false).

    targetstring

    Remote host to forward requests to.

    responseHeaderSpecs object[]

    Configuration for modifying HTTP response headers.

  • Array [
    • namestring

    Header name (will be canonicalized when possible).

    overrideboolean

    Indicates whether to override existing values (true) or add to them (false).

    valuesstring (string)[]

    New header values.

  • ]
    • sessionCookieBanboolean

    Indicates if bans in this app are made by session cookie ID (true) or false (not).

    sessionCookieEnabledboolean

    Indicates if session cookies are enabled (true) or not (false).

    sessionCookieSameSitewaas.SameSite (string)

    SameSite allows a server to define a cookie attribute making it impossible for the browser to send this cookie along with cross-site requests. The main goal is to mitigate the risk of cross-origin information leakage, and provide some protection against cross-site request forgery attacks.

    See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite for details

    Possible values: [Lax,Strict,None]

    sessionCookieSecureboolean

    Indicates the Secure attribute of the session cookie.

    shellshock object

    ProtectionConfig represents a WAAS protection config

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    exceptionFields object[]

    Exceptions.

  • Array [
    • keystring

    Field in HTTP request.

    keyPatternboolean

    Match and scrub by keys, relevant when location is not defined.

    locationwaas.ExceptionLocation (string)

    ExceptionLocation indicates exception http field location

    Possible values: [path,query,queryValues,cookie,UserAgentHeader,header,body,rawBody,XMLPath,JSONPath]

    responseboolean

    Indicates that sensitive data should be checked in response, only relevant for pattern based sensitive data rule.

    valuePatternboolean

    Match and scrub by values, relevant when location is not defined.

  • ]
    • sqli object

    ProtectionConfig represents a WAAS protection config

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    exceptionFields object[]

    Exceptions.

  • Array [
    • keystring

    Field in HTTP request.

    keyPatternboolean

    Match and scrub by keys, relevant when location is not defined.

    locationwaas.ExceptionLocation (string)

    ExceptionLocation indicates exception http field location

    Possible values: [path,query,queryValues,cookie,UserAgentHeader,header,body,rawBody,XMLPath,JSONPath]

    responseboolean

    Indicates that sensitive data should be checked in response, only relevant for pattern based sensitive data rule.

    valuePatternboolean

    Match and scrub by values, relevant when location is not defined.

  • ]
    • tlsConfig object

    TLSConfig holds the user TLS configuration and the certificate data

    HSTSConfig object

    HSTSConfig is the HTTP Strict Transport Security configuration in order to enforce HSTS header see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

    enabledboolean

    Enabled indicates if HSTS enforcement is enabled.

    includeSubdomainsboolean

    IncludeSubdomains indicates if this rule applies to all of the site's subdomains as well.

    maxAgeSecondsinteger

    maxAgeSeconds is the time (in seconds) that the browser should remember that a site is only be accessed using HTTPS.

    preloadboolean

    Preload indicates if it should support preload.

    metadata object

    CertificateMeta is the certificate metadata

    issuerNamestring

    IssuerName is the certificate issuer common name.

    notAfterdate-time

    NotAfter is the time the certificate is not valid (expiry time).

    subjectNamestring

    SubjectName is the certificate subject common name.

    minTLSVersionwaas.MinTLSVersion (string)

    MinTLSVersion is the list of acceptable TLS versions

    Possible values: [1.0,1.1,1.2,1.3]

    xss object

    ProtectionConfig represents a WAAS protection config

    effectwaas.Effect (string)

    Effect is the effect that will be used in the rule

    Possible values: [ban,prevent,alert,allow,disable,reCAPTCHA]

    exceptionFields object[]

    Exceptions.

  • Array [
    • keystring

    Field in HTTP request.

    keyPatternboolean

    Match and scrub by keys, relevant when location is not defined.

    locationwaas.ExceptionLocation (string)

    ExceptionLocation indicates exception http field location

    Possible values: [path,query,queryValues,cookie,UserAgentHeader,header,body,rawBody,XMLPath,JSONPath]

    responseboolean

    Indicates that sensitive data should be checked in response, only relevant for pattern based sensitive data rule.

    valuePatternboolean

    Match and scrub by values, relevant when location is not defined.

  • ]
  • ]
    • autoProtectPortsboolean

    Indicates whether to automatically detect and protect the HTTP ports.

    collections object[]

    Scopes the rule based on a list of collections.

  • Array [
    • accountIDsstring (string)[]

    List of account IDs.

    appIDsstring (string)[]

    List of application IDs.

    clustersstring (string)[]

    List of Kubernetes cluster names.

    colorcommon.Color (string)

    Color is a hexadecimal representation of color code value

    containersstring (string)[]

    List of containers.

    descriptionstring

    Free-form text.

    functionsstring (string)[]

    List of functions.

    hostsstring (string)[]

    List of hosts.

    imagesstring (string)[]

    List of images.

    labelsstring (string)[]

    List of labels.

    modifieddate-time

    Datetime when the collection was last modified.

    namestring

    Collection name. Must be unique.

    namespacesstring (string)[]

    List of Kubernetes namespaces.

    ownerstring

    User who created or last modified the collection.

    prismaboolean

    Indicates whether this collection originates from Prisma Cloud.

    systemboolean

    Indicates whether this collection was created by the system (i.e., a non user) (true) or a real user (false).

  • ]
    • disabledboolean

    Indicates whether the rule is currently disabled. Values: true (disabled) or false (enabled).

    modifieddate-time

    Specifies the date and time when the rule was last modified.

    namestring

    Name of the rule.

    notesstring

    Describes any noteworthy points for a rule. You can include any text.

    outOfBandScopewaas.OutOfBandRuleScope (string)

    OutOfBandRuleScope represents the Out-of-Band Rule Scope

    Possible values: [container,host,]

    ownerstring

    User who created or last modified the rule.

    previousNamestring

    Previous name of the rule. Required for rule renaming.

    readTimeoutSecondsinteger

    Specifies the timeout of the request reads in seconds. Default: 5 seconds.

    skipAPILearningboolean

    Indicates whether to skip the API discovery. Values: true (skipped) or false (Do not skip).

    trafficMirroring object

    TrafficMirroringConfig specifies the traffic mirroring configuration is fine in that case

    enabledboolean

    TODO #41884 - remove traffic mirroring enabled flag when no longer needed for BC Enabled indicates if traffic mirroring is enabled.

    samplingboolean

    Sampling indicates if this is a sampling VPC.

    vpcConfig object

    VPCConfig is the VPC configuration (there is a 1-to-1 relation with the rule, only one configuration per rule)

    autoScalingEnabledboolean

    AutoScalingEnabled indicates that the deployment is made with auto VPC observer instances scaling.

    autoScalingMaxInstancesinteger

    AutoScalingMaxInstances is the maximum deployed instances when auto scaling is enabled.

    configIDstring

    ConfigID is a unique ID for the configuration.

    consoleHostnamestring

    ConsoleHostname represents the hostname of the console to connect to.

    credentialIDstring

    CredentialID is the service provider authentication data.

    instanceNamesstring (string)[]

    InstanceNames are the names of the instances to mirror (can be wildcard).

    instanceTypestring

    InstanceType is the instance type to use for the defender instance.

    lbARNstring

    LBARN is the ARN of the observed load balancer.

    lbNamestring

    LBName is the name of the observed load balancer.

    lbTypestring

    LBType is the type of the observed load balancer (currentlly only ALB is supported).

    portsint (integer)[]

    Ports are the ports to mirror.

    regionstring

    Region is the AWS region the mirrored VMs are located in.

    subnetIDstring

    SubnetID is the ID of the subnet the defender will be deployed in.

    tagsstring (string)[]

    Tags are the tags to filter for instances to mirror in Key:Value format or "*".

    vpcIDstring

    VPCID is the ID of the VPC to look for instances to mirror and to deploy the defender in.

    windowsboolean

    Indicates whether the operating system of the app is Microsoft Windows. The default is Linux.

  • ]
curl -L 'https://pan.dev/api/v34.00/policies/firewall/app/container' \
-H 'Accept: application/json'