Generate a Protected JSON Fargate Task Definition
POST/api/v33.01/defenders/fargate.json
x-prisma-cloud-target-env: {"permission":"manageDefenders"}
Returns a protected Fargate task definition given an unprotected task definition.
cURL Request
Refer to the following example cURL command:
<HOSTNAME>
is a single list item from the /api/v<VERSION>/defenders/names
endpoint.
Unprotected task definition in unprotected.json
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
--data-binary "@unprotected.json"
--output protected.json \
"https://<CONSOLE>/api/v<VERSION>/defenders/fargate.json?consoleaddr=<HOSTNAME>&defenderType=appEmbedded"
Refer to the following example cURL command that accepts the task definition in JSON format for a CloudFormation template:
<HOSTNAME>
is a single list item from the /api/v<VERSION>/defenders/names
endpoint.
Unprotected task definition in unprotected.json
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
--data-binary "@unprotected.json"
--output protected.json \
"https://<CONSOLE>/api/v<VERSION>/defenders/fargate.json?cloudFormation=true&consoleaddr=<console_address>&filestemMonitoring=false&interpreter=&project=Central+Console"
cURL Response
New Protected task will be in protected.json
Request
Query Parameters
ConsoleAddr is the remote console address.
Possible values: [none,docker,dockerWindows,containerdWindows,swarm,daemonset,serverLinux,serverWindows,cri,fargate,appEmbedded,tas,tasWindows,serverless,ecs,podman
]
DefenderType is the type of the defender to create the install bundle for.
Interpreter is a custom interpreter set by the user to run the fargate defender entrypoint script.
CloudFormation indicates if the given fargate task definition is in Cloud Formation format.
FilesystemMonitoring is the filesystem monitoring flag.
ExtractEntrypoint indicates if entrypoint will be extracted automatically.
RegistryType is the registry type for fetching image details needed to create fargate task definition (e.g., dockerhub).
RegistryCredentialID of the credentials in the credentials store to use for authenticating with the registry.
DefenderImage is the full path to the Defender image, if not specified Prisma's private registry is used.
DefenderImagePullSecret is the name of the secret required to pull the Defender image from private registry.
- application/json
Body
Responses
- 200
- default
FargateTask represents the generic fargate task AWS template
- application/json
- Schema
- Example (from schema)
Schema
{}