Skip to main content

Get VM Image Scan Settings

GET 

/api/v33.01/settings/vm

x-prisma-cloud-target-env: {"permission":"policyHosts"}

Retrieves the list of VM image scan scopes.

This endpoint maps to the VM images scope table data in the Defend > Vulnerabilities > Hosts > VM images Console UI.

cURL Request

Refer to the following example cURL command that retrieves all the scopes used for pattern matching on VM functions:

$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
'https://<CONSOLE>/api/v<VERSION>/settings/vm'

Responses

Schema
  • Array [
  • cap integer

    Specifies the maximum number of images to fetch and scan, ordered by most recently modified.

    consoleAddr string

    Network-accessible address that Defender can use to publish scan results to Console.

    credentialID string

    ID of the credentials in the credentials store to use for authenticating with the cloud provider.

    enableSecureBoot boolean

    EnableSecureBoot indicates secure boot should be enabled for the instance launched for scanning (currently only supported with GCP).

    excludedImages string (string)[]

    Images to exclude from scanning.

    gcpProjectID string

    GCP project ID to use for listing VM images instead of the default associated with the GCP credential (optional).

    imageType common.ImageType (string)

    ImageType is the type of a VM image. For example, in the case of Azure this is one of marketplace/managed/gallery.

    images string (string)[]

    The names of images to scan.

    instanceType string

    InstanceType is the instance type to use for the instance launched for scanning. For example, the default instance type for AWS is "m4.large".

    labels string (string)[]

    The labels to use to target images to scan.

    region string

    Cloud provider region.

    scanners integer

    Number of Defenders that can be utilized for each scan job.

    subnetID string

    SubnetID is the network subnet ID to use for the instance launched for scanning. Default value is empty string, which represents the default subnet in the VPC.

    vpcID string

    VPCID is the network VPC ID to use for the instance launched for scanning. Default value is empty string, which represents the default VPC in the region.

    zone string

    Cloud provider zone (part of a region). On GCP, designates in which zone to deploy the VM scan instance.

  • ]
Loading...