Create Remediation Request

POST 
/uve/api/v1/remediation/vuln-create-remediation

You create one of the following remediation action request for an asset or a set of assets:

• Create a task or JIRA ticket

• Create a merge request

• Suppress the vulnerability

  Remediation action request can be created at the following levels:

• Asset level- Perform remediation action on an asset by asset ID

• Group level- Perform remediation action for all the assets of a particular asset type for a specified CVE ID

• Global level- Perform remediation action on all assets of a specified CVE ID.

Note: You need 'vulnerabilityRemediation' feature with 'Create' permission to access this endpoint. Verify if your permission group includes this feature using the Get Permission Group by ID endpoint. You can also check this in the Prisma Cloud console by ensuring that Alerts > Remediate Vulnerabilities is enabled.

Request

Header Parameters

template-id string

JIRA ID. Required only for createTask remediation action.

assignee string

JIRA assignee. Required only for createTask remediation action.

application/json

Body

cveId stringrequired

CVE ID of the vulnerability.

prismaId stringrequired

Prisma ID of the customer.

remediationAction stringrequired

Possible values: [createTask, createPr, suppress]

Remediation action: create a JIRA/task, create a PR, or suppress the vulnerability.

assetType string

Possible values: [iac, package, deployedImage, serverlessFunction, host, registryImage, vmImage]

Asset type. Required only for group level remediation.

assetId object[]
Asset IDs. Required only for asset level remediation.
Array [
assetType string
Possible values: [iac, package, deployedImage, serverlessFunction, host, registryImage, vmImage]
Type of asset.
assetId string
UAI ID of the asset.
]

Responses

200

ACCEPTED

application/json

Schema

Schema

message string

Response message

details string

Error details if applicable

timeStamp integer

Timestamp of resppnse

request_id string

UUID identifier to indentify the request

Example (from schema)

{
  "message": "ACCEPTED",
  "details": "",
  "timeStamp": 1701778720128,
  "request_id": "b17d66dd-2f8c-46f0-be1a-b3e21ba7990c"
}

206

PARTIALLY ACCEPTED

application/json

Schema

Schema

message string

Response message

details string

Error details if applicable

timeStamp integer

Timestamp of resppnse

request_id string

UUID identifier to indentify the request

Example (from schema)

{
  "message": "PARTIALLY_ACCEPTED",
  "details": "Assets are suppressed or Jira Ticket already exists",
  "timeStamp": 1701778720128,
  "request_id": "b17d66dd-2f8c-46f0-be1a-b3e21ba7990c"
}

400

BAD REQUEST

application/json

Schema

Schema

message string

Response message

details string

Error details if applicable

timeStamp integer

Timestamp of resppnse

request_id string

UUID identifier to indentify the request

Example (from schema)

{
  "message": "BAD_REQUEST",
  "details": "Invalid payload",
  "timeStamp": 1701778720128,
  "request_id": "b17d66dd-2f8c-46f0-be1a-b3e21ba7990c"
}

Loading...