Get Cloud Account Status (Azure)

Lists the status of a Azure Cloud account. You can use this API to verify the status of the security capabilities which you will be onboarding on Prisma Cloud.

application/json

Request Body

clientId string required

Application (Client) ID

cloudAccount object required

accountId string required

Organization resource ID if accountType is organization.

Project ID if accountType is account or masterServiceAccount.

accountType string required

Possible values: [account, masterServiceAccount, organization]

Cloud Account Type.

account: GCP Project

organization: GCP Organization

masterServiceAccount: Onboards all GCP projects that are accessible by the service account.

enabled boolean

Enable or disable this account on Prisma Cloud.

Default value: false

groupIds string[]

List of Account Groups that must be mapped to this account. To get the account group ids,call List Account Groups API

name string required

Account name for the GCP account that will be onboarded on Prisma Cloud. (must be unique)

projectId string

ID of the project.

Get the project ID from the credentials json file that is generated from the GCP Terraform template.

defaultAccountGroupId string

Required only for accountType: tenant.

This is the Default Account Group ID for the Azure Tenant and its Management Groups/Subscriptions.

environmentType string required

Possible values: [azure, azure_gov, azure_china]

• azure - Commercial deployment type. Applicable for Prisma Commercial and Government stacks

• azure_gov - Government deployment type. Applicable for Prisma Commercial and Government stacks..

• azure_china - Applicable for Prisma China Stack.

features object[]
Features to be enabled and/ or disabled. To get a list of all the supported features, call Fetch Supported Features endpoint
Array [
name string
Feature name obtained from Fetch Supported Features endpoint
state string
Possible values: [enabled, disabled]
Feature state. Whether to be enabled or disabled
]
hierarchySelection object[]
Required only for accountType: tenant.
Include or Exclude a list of Azure Management Groups and Azure Subscriptions to onboard under this Tenant.
Array [
displayName string
To get the display name of resource, Refer List Children of Parent.
aws: List Children of Parent (AWS)
gcp: List Children of Parent (GCP). Display name is the organization name if nodeType is ORG
azure: List Children of Parent (Azure)
nodeType string
Possible values: [ORG, FOLDER, PROJECT, SUBSCRIPTION, MANAGEMENT_GROUP, TENANT, ACCOUNT, OU]
Member account node type. Supported values based on cloud type:
aws: ORG, OU, or ACCOUNT
gcp: ORG, FOLDER, or PROJECT
azure: SUBSCRIPTION, MANAGEMENT_GROUP, or TENANT
resourceId string
To get the list of resource IDs and its details, Refer List Children of Parent.
aws: List Children of Parent (AWS)
gcp: List Children of Parent (GCP)
azure: List Children of Parent (Azure)
selectionType string
Possible values: [ALL, INCLUDE, EXCLUDE]
Organization Member accounts Selection type.
ALL: Include the resource and all its children
INCLUDE: Include the specified resource
EXCLUDE: Exclude the specified resource
]
key string required

Application key/client secret

monitorFlowLogs boolean

If set to true, it ingests Network Security Group Flow Logs to Prisma Cloud

rootSyncEnabled boolean

Applicable only for accountType: tenant

In order to onboard the tenant and its associated management groups and subscriptions, rootSyncEnabled must be set to true

servicePrincipalId string

Service Principal ID

tenantId string required

Directory (Tenant) ID

Responses

• 200
• 400
• 500

---

successful operation

application/json; charset=UTF-8

Schema

Example (from schema)

---

Schema

• Array [
id string
name string
status string
statusMessage object
message string
staticMessage boolean
• ]

[
  {
    "id": "string",
    "name": "string",
    "status": "string",
    "statusMessage": {
      "message": "string",
      "staticMessage": true
    }
  }
]

bad_request

internal_error

Loading...