Add Cloud Account (AWS)

Onboard a new aws cloud account onto the Prisma Cloud platform.

Prerequisite: Generate the externalId and AWS CFT template by calling either Generate and Download the CFT Template Endpoint or Generate the AWS CFT Template Link Endpoint

Query Parameters

skipStatusChecks boolean

true = Skip account status checks to improve response time

application/json

Request Body required

Cloud Account

accountId string required

AWS Account ID

accountType string required

Possible values: [organization, account]

Cloud Account Type

defaultAccountGroupId string

Applicable only for accountType: organization.

This is the Default Account Group ID for the AWS organization and its member accounts.

enabled boolean

Cloud Account Status. Whether or not the account is enabled

features object[]
Features to be enabled and/ or disabled. To get a list of all the supported features, call Fetch Supported Features endpoint
Array [
name string
Feature name obtained from Fetch Supported Features endpoint
state string
Possible values: [enabled, disabled]
Feature state. Whether to be enabled or disabled
]
groupIds string[]

Account Group Ids for this account

hierarchySelection object[]
Applicable only for accountType: organization.
Include/Exclude a list of AWS Organization Units (OU), AWS accounts, and AWS Organizations to onboard under this organization.
Array [
displayName string
To get the display name of resource, Refer List Children of Parent.
aws: List Children of Parent (AWS)
gcp: List Children of Parent (GCP). Display name is the organization name if nodeType is ORG
azure: List Children of Parent (Azure)
nodeType string
Possible values: [ORG, FOLDER, PROJECT, SUBSCRIPTION, MANAGEMENT_GROUP, TENANT, ACCOUNT, OU]
Member account node type. Supported values based on cloud type:
aws: ORG, OU, or ACCOUNT
gcp: ORG, FOLDER, or PROJECT
azure: SUBSCRIPTION, MANAGEMENT_GROUP, or TENANT
resourceId string
To get the list of resource IDs and its details, Refer List Children of Parent.
aws: List Children of Parent (AWS)
gcp: List Children of Parent (GCP)
azure: List Children of Parent (Azure)
selectionType string
Possible values: [ALL, INCLUDE, EXCLUDE]
Organization Member accounts Selection type.
ALL: Include the resource and all its children
INCLUDE: Include the specified resource
EXCLUDE: Exclude the specified resource
]
name string required

Name to be used for the account on the Prisma Cloud platform (must be unique)

roleArn string required

AWS Role ARN

Responses

• 200
• 400
• 404
• 412
• 500

---

successful operation

duplicate_cloud_account_name / duplicate_cloud_account / duplicate_cloud_account_needs_upgrade / cannot_select_zero_account_groups / invalid_account_group_ids / invalid_account_type

invalid_account_id_format

external_id_empty_or_not_generated. To generate CFT and externalId call Generate and Download the AWS CFT Template endpoint or Generate the AWS CFT Template Link Endpoint

internal_error

Loading...