Get Certificate Bundle for Defender
GET/api/v33.01/defenders/install-bundle
x-prisma-cloud-target-env: {"permission":"manageDefenders"}
Returns the certificate bundle that Defender needs to securely connect to Console.
cURL Request
Refer to the following example cURL command:
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
"https://<CONSOLE>/api/v<VERSION>/defenders/install-bundle?consoleaddr=<CONSOLEADDR>"
<CONSOLEADDR> is the hostname of the Console.
Request
Query Parameters
ConsoleAddr is the remote console address.
Possible values: [none,docker,dockerWindows,containerdWindows,swarm,daemonset,serverLinux,serverWindows,cri,fargate,appEmbedded,tas,tasWindows,serverless,ecs,podman
]
DefenderType is the type of the defender to create the install bundle for.
Interpreter is a custom interpreter set by the user to run the fargate defender entrypoint script.
CloudFormation indicates if the given fargate task definition is in Cloud Formation format.
FilesystemMonitoring is the filesystem monitoring flag.
ExtractEntrypoint indicates if entrypoint will be extracted automatically.
RegistryType is the registry type for fetching image details needed to create fargate task definition (e.g., dockerhub).
RegistryCredentialID of the credentials in the credentials store to use for authenticating with the registry.
DefenderImage is the full path to the Defender image, if not specified Prisma's private registry is used.
DefenderImagePullSecret is the name of the secret required to pull the Defender image from private registry.
Responses
- 200
- default
DefenderInstallBundle represents the install bundle for the defender
- application/json
- Schema
- Example (from schema)
Schema
InstallBundle is the base64 bundle of certificates used to communicate with the console.
WSAddress is the websocket address (console ) the TAS defender connects to.
{
"installBundle": "string",
"wsAddress": "string"
}