Skip to main content

Add TAS Settings

POST 

/api/v32.04/settings/tas

x-prisma-cloud-target-env: {"permission":"policyContainers","saas":true,"self-hosted":true}
x-public: true

Sets the Tanzu Application Service (TAS) settings.

cURL Request

Refer to the following example cURL command that configures the TAS settings:

$ curl 'https://<CONSOLE>/api/v<VERSION>/settings/tas'
-k \
-X POST \
-u <USER> \
-H 'Content-Type: application/json' \
-d \
'[
{
"cap": 5,
"cloudControllerAddress": "https://example.com",
"hostname": "vm-host",
"pattern": "droplet-name"
}
]'

Request

Body

array
  • Array [
  • cap integer

    Cap indicates only the last k images should be fetched.

    cloudControllerAddress string

    CloudControllerAddress is the address of the local cloud controller in TAS env.

    hostname string

    Hostname is the hostname of the defender that is used as the blobstore scanner.

    pattern string

    Name is the droplet name.

    remote boolean

    Remote indicates whether the blobstore is remote or local.

    remoteConfig object

    TASRemoteBlobstoreConfig contains remote blobstore details

    blobstoreAddress string

    BlobstoreAddress is the address of the remote cloud controller.

    cACert string

    CACert Ops manager CA root certificate in case the user chooses not to skip TLS validation.

    credential object

    Credential specifies the authentication data of an external provider

    _id string

    Specifies the unique ID for credential.

    accountGUID string

    Specifies the unique ID for an IBM Cloud account.

    accountID string

    Specifies the account identifier. Example: a username, access key, account GUID, and so on.

    accountName string

    Specifies the name of the cloud account.

    apiToken object

    Secret Stores the plain and encrypted version of a value. The plain version is not stored in a database

    encrypted string

    Specifies an encrypted value of the secret.

    plain string

    Specifies the plain text value of the secret.

    azureSPInfo object

    AzureSPInfo contains the Azure credentials needed for certificate based authentications

    clientId string

    ClientID is the client identifier.

    miType cred.AzureMIType (string)

    Possible values: [user-assigned,system-assigned]

    subscriptionId string

    SubscriptionID is a GUID that uniquely identifies the subscription to use Azure services.

    tenantId string

    TenantID is the ID of the AAD directory in which the application was created.

    caCert string

    Specifies the CA certificate for a certificate-based authentication.

    cloudProviderAccountID string

    Specifies the cloud provider account ID.

    created date-time

    Specifies the time when the credential was created (or, when the account ID was changed for AWS).

    description string

    Specifies the description for a credential.

    external boolean

    Indicates whether the credential was onboarded from the Prisma platform.

    global boolean

    Indicates whether the credential scope is global. Available values are: true: Global false: Not Global Note: For GCP, the credential scope is the organization.

    lastModified date-time

    Specifies the time when the credential was last modified.

    ociCred object

    OCICred are additional parameters required for OCI credentials

    fingerprint string

    Fingerprint is the public key signature.

    tenancyId string

    TenancyID is the OCID of the tenancy.

    owner string

    Specifies the user who created or modified the credential.

    prismaLastModified int64

    Specifies the time when the account was last modified by Prisma Cloud Compute.

    roleArn string

    Specifies the Amazon Resource Name (ARN) of the role to be assumed.

    secret object

    Secret Stores the plain and encrypted version of a value. The plain version is not stored in a database

    encrypted string

    Specifies an encrypted value of the secret.

    plain string

    Specifies the plain text value of the secret.

    skipVerify boolean

    Indicates whether to skip the certificate verification in TLS communication.

    stsEndpoints string (string)[]

    Specifies a list of specific endpoints for use in STS sessions in various regions.

    tokens object
    awsAccessKeyId string

    Specifies a temporary access key.

    awsSecretAccessKey object

    Secret Stores the plain and encrypted version of a value. The plain version is not stored in a database

    encrypted string

    Specifies an encrypted value of the secret.

    plain string

    Specifies the plain text value of the secret.

    duration int64

    Specifies a duration for the token.

    expirationTime date-time

    Specifies an expiration time for the token.

    token object

    Secret Stores the plain and encrypted version of a value. The plain version is not stored in a database

    encrypted string

    Specifies an encrypted value of the secret.

    plain string

    Specifies the plain text value of the secret.

    type cred.Type (string)

    Possible values: [aws,azure,gcp,ibmCloud,oci,apiToken,basic,dtr,kubeconfig,certificate,gitlabToken]

    Type specifies the credential type

    url string

    Specifies the base server URL.

    useAWSRole boolean

    Indicates whether to authenticate using the IAM Role attached to the instance. Available values are: true: Authenticate with the attached credentials false: Don’t authenticate with the attached credentials.

    useSTSRegionalEndpoint boolean

    Indicates whether to use the regional STS endpoint for an STS session. Available values are: true: Use the regional STS false: Don’t use the regional STS.

    credentialID string

    CredentialID is the id in the credentials store to use for authenticating with the remote blobstore.

    foundation string

    Foundation is the name of TAS foundation.

  • ]

Responses

OK

Loading...