Get Cloud Account Status (Azure)
POST/cas/v1/cloud_account/status/azure
Lists the status of a Azure Cloud account. You can use this API to verify the status of the security capabilities which you will be onboarding on Prisma Cloud.
Request
- application/json
Body
-
MANUAL - Create account groups manually in Prisma Cloud.
-
AUTOMAP - Automatically creates the account groups in Prisma Cloud replicating the hierarchy in Azure Cloud.
-
azure - Commercial deployment type. Applicable for Prisma Commercial and Government stacks
-
azure_gov - Government deployment type. Applicable for Prisma Commercial and Government stacks..
-
azure_china - Applicable for Prisma China Stack.
- Array [
- ]
- Array [
- ]
Possible values: [MANUAL, AUTOMAP]
Applicable only for role: System Admin and account type: tenant when rootSyncEnabled is set to true.
Application (Client) ID
cloudAccount objectrequired
Organization resource ID if accountType is organization.
Project ID if accountType is account or masterServiceAccount.
Possible values: [account, masterServiceAccount, organization]
Cloud Account Type.
account: GCP Project
organization: GCP Organization
masterServiceAccount: Onboards all GCP projects that are accessible by the service account.
Enable or disable this account on Prisma Cloud.
Default value: false
List of Account Groups that must be mapped to this account. To get the account group ids,call List Account Groups API
Account name for the GCP account that will be onboarded on Prisma Cloud. (must be unique)
ID of the project.
Get the project ID from the credentials json file that is generated from the GCP Terraform template.
Required only for accountType: tenant.
This is the Default Account Group ID for the Azure Tenant and its Management Groups/Subscriptions.
Possible values: [azure, azure_gov, azure_china]
features object[]
Features to be enabled and/ or disabled. To get a list of all the supported features, call Fetch Supported Features endpoint
Possible values: [enabled, disabled]
Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.
Feature name obtained from Fetch Supported Features endpoint
Possible values: [enabled, disabled]
Feature state. Whether to be enabled or disabled
hierarchySelection object[]
Required only for accountType: tenant.
Include or Exclude a list of Azure Management Groups and Azure Subscriptions to onboard under this Tenant.
To get the display name of resource, Refer List Children of Parent.
aws: List Children of Parent (AWS)
gcp: List Children of Parent (GCP). Display name is the organization name if nodeType is ORG
Possible values: [ORG, FOLDER, PROJECT, SUBSCRIPTION, MANAGEMENT_GROUP, TENANT, ACCOUNT, OU]
Member account node type. Supported values based on cloud type:
aws: ORG, OU, or ACCOUNT
gcp: ORG, FOLDER, or PROJECT
azure: SUBSCRIPTION, MANAGEMENT_GROUP, or TENANT
To get the list of resource IDs and its details, Refer List Children of Parent.
aws: List Children of Parent (AWS)
Possible values: [ALL, INCLUDE, EXCLUDE]
Organization Member accounts Selection type.
ALL: Include the resource and all its children
INCLUDE: Include the specified resource
EXCLUDE: Exclude the specified resource
Application key/client secret
If set to true, it ingests Network Security Group Flow Logs to Prisma Cloud
Applicable only for accountType: tenant
In order to onboard the tenant and its associated management groups and subscriptions, rootSyncEnabled must be set to true
Service Principal ID
Directory (Tenant) ID
Responses
- 200
- 400
successful operation
- application/json; charset=UTF-8
- Schema
- Example (from schema)
Schema
- Array [
- ]
statusMessage object
[
{
"id": "string",
"name": "string",
"status": "string",
"statusMessage": {
"message": "string",
"staticMessage": true
}
}
]
bad_request