diff --git a/openapi-specs/cspm/AssetMicroService.json b/openapi-specs/cspm/AssetMicroService.json index 3788ed0b5..a875a6fff 100644 --- a/openapi-specs/cspm/AssetMicroService.json +++ b/openapi-specs/cspm/AssetMicroService.json @@ -1,12 +1,11 @@ { "openapi": "3.0.1", "info": { - "title": "Prisma Cloud Unified Asset Inventory", - "description": "All assets known to Prisma Cloud with a comprehensive Asset Service", + "title": "APIs to query unified asset", + "description": "APIs to query data from Unified Asset Inventory (UAI)", "contact": { - "name": "Slack Us", - "url": "https://panw-rnd.slack.com/archives/C01DQJBJ7LJ", - "email": "pcs-scrum-platform-da-aaaacvlzsrzhfngxbqrn5mqpre@paloaltonetworks.org.slack.com" + "name": "Platform-Ironman", + "url": "" }, "version": "V1" }, @@ -57,14 +56,19 @@ "url": "https://api.fr.prismacloud.io" } ], + "security": [ + { + "bearerAuth": [] + } + ], "tags": [ { "name": "Asset Lookup", - "description": "All assets known to Prisma Cloud with a comprehensive Asset Service" + "description": "Asset Loopup APIs to query data from Unified Asset Inventory (UAI)" }, { "name": "Id Translations", - "description": "All assets known to Prisma Cloud with a comprehensive Asset Service" + "description": "Id Translation APIs to query data from Unified Asset Inventory (UAI)" } ], "paths": { @@ -157,11 +161,7 @@ "type": "object", "properties": { "ids": { - "maximum": 200, - "minimum": 1, "type": "array", - "format": "IdLookup", - "example": "[d49d2177f00f7ce4ab24bb86655efad4]", "items": { "maximum": 200, "minimum": 1, @@ -174,22 +174,13 @@ "description": "Request object for id translation" }, "Problem": { - "required": [ - "createdTs", - "parameters" - ], "type": "object", "properties": { - "type": { - "type": "string", - "format": "uri" - }, "title": { "type": "string" }, "status": { - "type": "integer", - "format": "int32" + "$ref": "#/components/schemas/StatusType" }, "detail": { "type": "string" @@ -198,9 +189,9 @@ "type": "string", "format": "uri" }, - "createdTs": { - "type": "integer", - "format": "int64" + "type": { + "type": "string", + "format": "uri" }, "parameters": { "type": "object", @@ -230,12 +221,12 @@ "StatusType": { "type": "object", "properties": { - "reasonPhrase": { - "type": "string" - }, "statusCode": { "type": "integer", "format": "int32" + }, + "reasonPhrase": { + "type": "string" } } }, @@ -321,12 +312,6 @@ "items": { "type": "object" } - }, - "ipAddresses": { - "type": "array", - "items": { - "type": "string" - } } } }, @@ -337,11 +322,7 @@ "type": "object", "properties": { "ids": { - "maximum": 200, - "minimum": 1, "type": "array", - "format": "String", - "example": "[rrn:xxx:xx:xx-xx-x:xxx:xxx:x-xxxx]", "items": { "maximum": 200, "minimum": 1, @@ -355,10 +336,7 @@ }, "AssetRequest": { "required": [ - "alertIds", "assetId", - "attackPathIds", - "prismaCloudFindingsOnly", "type" ], "type": "object", @@ -397,7 +375,9 @@ "vulnerabilities_group_by_type", "asset_cwp_vulns", "app_contexts", - "attributes" + "attributes", + "data_security", + "data_security_summary" ] }, "findingType": { @@ -673,37 +653,10 @@ "$ref": "#/components/schemas/AssetWrapper" }, "errors": { - "required": [ - "locations", - "message", - "path", - "pathAsString" - ], - "type": "object", - "properties": { - "message": { - "type": "string" - }, - "path": { - "type": "array", - "items": { - "type": "object" - } - }, - "locations": { - "type": "array", - "items": { - "type": "object" - } - }, - "extensions": { - "$ref": "#/components/schemas/GraphQLErrorExtensions" - }, - "pathAsString": { - "type": "string" - } - }, - "description": "Error Object." + "type": "array", + "items": { + "$ref": "#/components/schemas/GraphQLError" + } } }, "description": "Asset object" @@ -939,6 +892,39 @@ } } }, + "GraphQLError": { + "required": [ + "locations", + "message", + "path", + "pathAsString" + ], + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "path": { + "type": "array", + "items": { + "type": "object" + } + }, + "locations": { + "type": "array", + "items": { + "type": "object" + } + }, + "extensions": { + "$ref": "#/components/schemas/GraphQLErrorExtensions" + }, + "pathAsString": { + "type": "string" + } + }, + "description": "Error Object." + }, "GraphQLErrorDebugInfo": { "required": [ "subquery", @@ -1138,12 +1124,6 @@ "hasExtFindingRiskFactors": { "type": "boolean" }, - "assetClassId": { - "type": "string" - }, - "assetClass": { - "type": "string" - }, "alertsCount": { "type": "array", "items": { @@ -1163,6 +1143,9 @@ "assetCategory": { "type": "string" }, + "dataSecurityServiceProviderId": { + "type": "string" + }, "problem": { "type": "array", "items": { @@ -1448,6 +1431,12 @@ }, "trueInternetExposure": { "type": "string" + }, + "dataSecurity": { + "type": "object", + "additionalProperties": { + "type": "object" + } } }, "description": "Asset Domain Service Object type." diff --git a/openapi-specs/cspm/CloudAccountOnboardingMicroServices.json b/openapi-specs/cspm/CloudAccountOnboardingMicroServices.json index 12cebfb94..d6f2405db 100644 --- a/openapi-specs/cspm/CloudAccountOnboardingMicroServices.json +++ b/openapi-specs/cspm/CloudAccountOnboardingMicroServices.json @@ -9,10 +9,18 @@ } }, "tags": [ + { + "name": "AWS Logging Accounts", + "description": "To ingest the VPC flow logs from Amazon S3 buckets to Prisma Cloud, you need an AWS logging account. If you need flow logs ingestion, after onboarding your AWS account, you must onboard the logging account which has the S3 bucket storing VPC flow logs for the monitored account. The APIs in this category can be used to configure and manage these logging accounts." + }, { "name": "Cloud Accounts (AWS)", "description": "To monitor the resources on your AWS cloud infrastructure, you must first add your AWS accounts to Prisma Cloud. When you add your cloud account to Prisma Cloud, the API integration between AWS and Prisma Cloud is established and you can begin monitoring the resources and identify potential security risks.\n\nThe Cloud Account (AWS) APIs enable you to add and manage AWS accounts on Prisma Cloud. For end to end workflow to onboarding an AWS account using APIs, see [Automate AWS Cloud Account Onboarding](/prisma-cloud/docs/cspm/aws-cloud-account-onboarding/).\n For common operations related to cloud accounts, see [Cloud Accounts (All)](/prisma-cloud/api/cspm/cloud-accounts-all/).\n" }, + { + "name": "AWS Logging Accounts", + "description": "To ingest the VPC flow logs from Amazon S3 buckets to Prisma Cloud, you need an AWS logging account. If you need flow logs ingestion, after onboarding your AWS account, you must onboard the logging account which has the S3 bucket storing VPC flow logs for the monitored account. The APIs in this category can be used to configure and manage these logging accounts." + }, { "name": "Cloud Accounts (All)", "description": "You can use the APIs in this category to perform operations that are nonspecific to cloud account types, such as listing all the cloud accounts, listing supported features, and deleting an account.\n\nFor operations that are specific to the cloud type or cloud provider, see:\n* [Cloud Accounts (AWS)](/prisma-cloud/api/cspm/cloud-accounts-aws/)\n* [Cloud Accounts (Azure)](/prisma-cloud/api/cspm/cloud-accounts-azure/) \n* [Cloud Accounts (GCP)](/prisma-cloud/api/cspm/cloud-accounts-gcp/)\n* [Cloud Accounts (OCI and Alibaba)](/prisma-cloud/api/cspm/cloud-accounts-oci-and-alibaba/)\n" @@ -96,7 +104,7 @@ } ], "requestBody": { - "$ref": "#/components/requestBodies/AwsCloudAccountRequestModel" + "$ref": "#/components/requestBodies/AwsCloudAccountRequestModel2" }, "responses": { "200": { @@ -211,7 +219,7 @@ } ], "requestBody": { - "$ref": "#/components/requestBodies/AwsCloudAccountRequestModel" + "$ref": "#/components/requestBodies/AwsCloudAccountRequestModel2" }, "responses": { "200": { @@ -428,14 +436,18 @@ "summary": "Get Cloud Account Status (AWS)", "description": "Lists status messages of the specified AWS cloud account.", "operationId": "get-aws-cloud-account-status", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/AwsCloudAccountRequestModel" - } + "parameters": [ + { + "name": "automatedFlow", + "in": "query", + "required": false, + "schema": { + "type": "boolean" } } + ], + "requestBody": { + "$ref": "#/components/requestBodies/AwsCloudAccountRequestModel" }, "responses": { "200": { @@ -660,6 +672,14 @@ "schema": { "type": "boolean" } + }, + { + "name": "includePendingAccounts", + "in": "query", + "required": false, + "schema": { + "type": "boolean" + } } ], "responses": { @@ -1027,7 +1047,8 @@ { "x-redlock-auth": [] } - ] + ], + "x-public": "true" } }, "/cloud/name": { @@ -1212,7 +1233,7 @@ "Cloud Accounts (OCI and Alibaba)" ], "summary": "Get Cloud Account Status (OCI and Alibaba)", - "description": "Lists status messages of the specified cloud account. \r\n\r\nThis request performs a cloud account on-boarding trial run. You can use this request to validate your parameters before \n you use [Add Cloud Account](/prisma-cloud/api/cspm/add-cloud-account).\n", + "description": "Lists status messages of the specified cloud account. \\r\\n\\r\\nThis request performs a cloud account on-boarding trial run. You can use this request to validate your parameters before \\n you use [Add Cloud Account](/prisma-cloud/api/cspm/add-cloud-account).\\n", "operationId": "get-cloud-account-status", "parameters": [ { @@ -2100,155 +2121,927 @@ ], "x-public": "true" } - } - }, - "servers": [ - { - "url": "https://api.prismacloud.io" - }, - { - "url": "https://api2.prismacloud.io" - }, - { - "url": "https://api3.prismacloud.io" - }, - { - "url": "https://api4.prismacloud.io" - }, - { - "url": "https://api.anz.prismacloud.io" - }, - { - "url": "https://api.eu.prismacloud.io" - }, - { - "url": "https://api2.eu.prismacloud.io" - }, - { - "url": "https://api.gov.prismacloud.io" - }, - { - "url": "https://api.prismacloud.cn" - }, - { - "url": "https://api.ca.prismacloud.io" - }, - { - "url": "https://api.sg.prismacloud.io" - }, - { - "url": "https://api.uk.prismacloud.io" - }, - { - "url": "https://api.ind.prismacloud.io" - }, - { - "url": "https://api.jp.prismacloud.io" }, - { - "url": "https://api.fr.prismacloud.io" - } - ], - "components": { - "requestBodies": { - "LoggingAccountCFTRequest": { - "content": { - "application/json": { + "/v1/cloudAccounts/awsLoggingAccounts": { + "get": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Get all AWS Logging Accounts", + "description": "Get the list of all the AWS Logging accounts and its details.", + "operationId": "getLoggingArchiveAccounts", + "parameters": [ + { + "name": "awsPartition", + "in": "query", + "description": "AWS Partition Name (optional)", + "required": false, "schema": { - "$ref": "#/components/schemas/LoggingAccountCFTRequest" + "type": "string" } } - }, - "description": "Logging Account CFT", - "required": true - }, - "GcpCloudAccountRequestModel": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/GcpCloudAccountRequestModel" + ], + "responses": { + "200": { + "description": "Successfully retrieved list of accounts", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/LoggingArchiveAccountModel" + } + } } + }, + "204": { + "description": "No logging archive accounts exists for customer" + }, + "401": { + "description": "Unauthorized Access" } }, - "description": "Cloud Account", - "required": true + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" }, - "AzureCloudAccountRequestModel": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/AzureCloudAccountRequestModel" + "post": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Add AWS Logging Account", + "description": "Add new AWS logging account.", + "operationId": "saveLoggingAccount", + "requestBody": { + "$ref": "#/components/requestBodies/LoggingArchiveAccountModel" + }, + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/LoggingArchiveAccountModel" + } + } } + }, + "201": { + "description": "Successfully created account" + }, + "400": { + "description": "Bad Request. Data validation failed." + }, + "401": { + "description": "Unauthorized Access" } }, - "description": "Cloud Account", - "required": true - }, - "BucketModel": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/BucketModel" - } + "security": [ + { + "x-redlock-auth": [] } - } - }, - "AwsCloudAccountRequestModel": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/AwsCloudAccountRequestModel" - } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/cft": { + "post": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Generate a New CFT Template", + "description": "Dynamically generate a CFT for the AWS Logging Account.", + "operationId": "generate-log-account-cft", + "requestBody": { + "$ref": "#/components/requestBodies/LoggingAccountCFTRequest" + }, + "responses": { + "200": { + "description": "success" + }, + "400": { + "description": "bad_request" } }, - "description": "Cloud Account", - "required": true - }, - "LoggingArchiveAccountModel": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/LoggingArchiveAccountModel" - } + "security": [ + { + "x-redlock-auth": [] } - } - }, - "get-ancestors-for-given-members-ous-legacyBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": { - "type": "object" + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/permissionsStatus": { + "post": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Get Logging Account Status", + "description": "Get the status of the AWS logging account based on filter criteria such as, ID, name, RoleRN, and bucket.", + "operationId": "checkLoggingAccountStatus", + "requestBody": { + "$ref": "#/components/requestBodies/LoggingArchiveAccountModel" + }, + "responses": { + "200": { + "description": "Successfully completed status check for logging account", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/CloudAccountStatus" + } } } + }, + "401": { + "description": "Unauthorized Access" } }, - "description": "Cloud Account JSON", - "required": true - }, - "GcpResourceControllerRequestModel": { - "content": { - "application/json": { + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/{accountId}": { + "get": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Get Logging Account By ID", + "description": "Get details of a logging account by ID.", + "operationId": "getLoggingArchiveAccount", + "parameters": [ + { + "name": "accountId", + "in": "path", + "required": true, "schema": { - "$ref": "#/components/schemas/GcpResourceControllerRequestModel" + "type": "string" } } - }, - "description": "The content of the credentials object is the Service Account Key for your Google Cloud service account", - "required": true - }, - "get-cloud-account-statusBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": { - "type": "object" + ], + "responses": { + "200": { + "description": "Successfully retrieved account", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/LoggingArchiveAccountModel" + } } } - } - } + }, + "400": { + "description": "Bad Request. Data validation failed." + }, + "401": { + "description": "Unauthorized Access" + }, + "404": { + "description": "Account not found" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/{accountId}/buckets/{bucketName}": { + "delete": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Delete an S3 bucket", + "description": "Delete an S3 bucket in a logging account.", + "operationId": "deleteBucket", + "parameters": [ + { + "name": "accountId", + "in": "path", + "description": "AWS Logging Account ID", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "bucketName", + "in": "path", + "description": "AWS S3 Bucket Name", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/BucketModel" + } + } + } + }, + "204": { + "description": "Successfully deleted bucket" + }, + "400": { + "description": "Bad Request. Data validation failed." + }, + "401": { + "description": "Unauthorized Access" + }, + "404": { + "description": "Account or bucket not found." + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/{accountId}/cft": { + "get": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Regenerate CFT for an Existing Account", + "description": "Dynamically generate a CFT for an existing Log Account.", + "operationId": "generate-log-account-cft-existing", + "parameters": [ + { + "name": "accountId", + "in": "path", + "description": "Account ID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "success" + }, + "400": { + "description": "bad_request" + }, + "404": { + "description": "Account or bucket not found." + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + }, + "post": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Regenerate CFT for New RoleName", + "description": "Regenerate a new CFT for an existing logging account if roleName changes.", + "operationId": "generate-log-account-cft-role", + "parameters": [ + { + "name": "accountId", + "in": "path", + "description": "Account ID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "$ref": "#/components/requestBodies/LoggingAccountCFTRequest" + }, + "responses": { + "200": { + "description": "success" + }, + "400": { + "description": "bad_request" + }, + "404": { + "description": "Account or bucket not found." + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/{accountId}/role/{roleName}/externalId": { + "get": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Get External ID of an Account", + "description": "Get external ID of an AWS Logging Accountby account ID and rolename.", + "operationId": "Get External ID ", + "parameters": [ + { + "name": "accountId", + "in": "path", + "description": "AWS AccountId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "roleName", + "in": "path", + "description": "AWS Role Name", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "success", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "description": "bad_request" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}": { + "put": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Update Logging Account", + "description": "Update details of the logging account.", + "operationId": "updateLoggingAccount", + "parameters": [ + { + "name": "loggingAccountId", + "in": "path", + "description": "AWS Logging Account ID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "$ref": "#/components/requestBodies/LoggingArchiveAccountModel" + }, + "responses": { + "204": { + "description": "No content" + }, + "400": { + "description": "Bad Request. Data validation failed." + }, + "401": { + "description": "Unauthorized Access" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + }, + "delete": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Delete a Logging Account by ID", + "description": "Delete an AWS logging account based on account ID.", + "operationId": "deleteLoggingAccount", + "parameters": [ + { + "name": "loggingAccountId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "204": { + "description": "No content" + }, + "400": { + "description": "Bad Request. Data validation failed." + }, + "401": { + "description": "Unauthorized Access" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/buckets": { + "get": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "List S3 Bucket Names", + "description": "Get a list of all the S3 bucket names associated to a logging account.", + "operationId": "getBuckets", + "parameters": [ + { + "name": "loggingAccountId", + "in": "path", + "description": "AWS Logging Account ID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Successfully retrieved buckets", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "type": "array", + "items": { + "type": "object" + } + } + } + } + }, + "400": { + "description": "Bad Request. Data validation failed." + }, + "401": { + "description": "Unauthorized Access" + }, + "404": { + "description": "Account not found" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + }, + "post": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Add an S3 bucket", + "description": "Add an S3 bucket to the existing logging account.", + "operationId": "saveBucket", + "parameters": [ + { + "name": "loggingAccountId", + "in": "path", + "description": "AWS Logging Account ID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "$ref": "#/components/requestBodies/BucketModel" + }, + "responses": { + "200": { + "description": "Successfully saved bucket", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/BucketModel" + } + } + } + }, + "400": { + "description": "Bad Request. Data validation failed." + }, + "401": { + "description": "Unauthorized Access" + }, + "404": { + "description": "Account not found." + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/buckets/{bucketName}": { + "get": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Get all S3 Buckets", + "description": "Get the list of all S3 bucket and its details associated with a logging account.", + "operationId": "getBucketDetails", + "parameters": [ + { + "name": "loggingAccountId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "bucketName", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Successfully retrieved bucket", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/BucketModel" + } + } + } + }, + "401": { + "description": "Unauthorized Access" + }, + "404": { + "description": "Resource not found" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + }, + "put": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Update S3 Bucket Details", + "description": "Update details of an S3 bucket associated to a specific logging account.", + "operationId": "updateBucket", + "parameters": [ + { + "name": "loggingAccountId", + "in": "path", + "description": "AWS Logging Account ID", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "bucketName", + "in": "path", + "description": "AWS S3 Bucket Name", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "$ref": "#/components/requestBodies/BucketModel" + }, + "responses": { + "200": { + "description": "Successfully updated bucket", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/BucketModel" + } + } + } + }, + "400": { + "description": "Bad Request. Data validation failed." + }, + "401": { + "description": "Unauthorized Access" + }, + "404": { + "description": "Account or bucket not found." + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/permissionsStatus": { + "get": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Get Logging Account Status - GET", + "description": "Get status of a logging account based on ID.", + "operationId": "getLoggingAccountStatus", + "parameters": [ + { + "name": "loggingAccountId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "List of logging account statuses", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "type": "array", + "items": { + "type": "object" + } + } + } + } + }, + "400": { + "description": "Invalid parameter" + }, + "401": { + "description": "Unauthorized Access" + }, + "404": { + "description": "Account not found" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + }, + "post": { + "tags": [ + "AWS Logging Accounts" + ], + "summary": "Get Logging Account Status - POST", + "description": "Get detailed status of a logging account based on ID, name, roleRN or bucket name. ", + "operationId": "checkLoggingAccountStatusForProvidedAccount", + "parameters": [ + { + "name": "loggingAccountId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "$ref": "#/components/requestBodies/LoggingArchiveAccountModel" + }, + "responses": { + "200": { + "description": "Successfully completed status check for existing logging account", + "content": { + "application/json; charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/CloudAccountStatus" + } + } + } + }, + "400": { + "description": "Invalid parameter" + }, + "401": { + "description": "Unauthorized Access" + }, + "404": { + "description": "Logging Account doesn't exist" + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + } + }, + "servers": [ + { + "url": "https://api.prismacloud.io" + }, + { + "url": "https://api2.prismacloud.io" + }, + { + "url": "https://api3.prismacloud.io" + }, + { + "url": "https://api4.prismacloud.io" + }, + { + "url": "https://api.anz.prismacloud.io" + }, + { + "url": "https://api.eu.prismacloud.io" + }, + { + "url": "https://api2.eu.prismacloud.io" + }, + { + "url": "https://api.gov.prismacloud.io" + }, + { + "url": "https://api.prismacloud.cn" + }, + { + "url": "https://api.ca.prismacloud.io" + }, + { + "url": "https://api.sg.prismacloud.io" + }, + { + "url": "https://api.uk.prismacloud.io" + }, + { + "url": "https://api.ind.prismacloud.io" + }, + { + "url": "https://api.jp.prismacloud.io" + }, + { + "url": "https://api.fr.prismacloud.io" + } + ], + "components": { + "requestBodies": { + "LoggingAccountCFTRequest": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/LoggingAccountCFTRequest" + } + } + }, + "description": "Logging Account CFT", + "required": true + }, + "GcpCloudAccountRequestModel": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GcpCloudAccountRequestModel" + } + } + }, + "description": "Cloud Account", + "required": true + }, + "AwsCloudAccountRequestModel": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AwsCloudAccountRequestModel" + } + } + } + }, + "AzureCloudAccountRequestModel": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AzureCloudAccountRequestModel" + } + } + }, + "description": "Cloud Account", + "required": true + }, + "BucketModel": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BucketModel" + } + } + } + }, + "AwsCloudAccountRequestModel2": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AwsCloudAccountRequestModel" + } + } + }, + "description": "Cloud Account", + "required": true + }, + "LoggingArchiveAccountModel": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/LoggingArchiveAccountModel" + } + } + } + }, + "get-ancestors-for-given-members-ous-legacyBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "object" + } + } + } + }, + "description": "Cloud Account JSON", + "required": true + }, + "GcpResourceControllerRequestModel": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GcpResourceControllerRequestModel" + } + } + }, + "description": "The content of the credentials object is the Service Account Key for your Google Cloud service account", + "required": true + }, + "get-cloud-account-statusBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "object" + } + } + } + } }, "add-cloud-accountBody": { "content": { @@ -2498,7 +3291,7 @@ "type": "array", "description": "*Applicable only for accountType: **organization**.*\n\n Include/Exclude a list of AWS Organization Units (OU), AWS accounts, and AWS Organizations to onboard under this organization.", "items": { - "$ref": "#/components/schemas/HierarchySelection" + "$ref": "#/components/schemas/AwsHierarchySelectionModel" } }, "customMemberRoleNameEnabled": { @@ -2594,6 +3387,35 @@ } ] }, + "AwsHierarchySelectionModel": { + "type": "object", + "properties": { + "resourceId": { + "type": "string", + "example": "root", + "description": "To get the list of resource IDs and its details, Refer [List Children of Parent (AWS)](/prisma-cloud/api/cspm/get-list-of-children-under-parent-aws/) " + }, + "displayName": { + "type": "string", + "example": "Root", + "description": "To get the display name of resource, Refer [List Children of Parent (AWS)](/prisma-cloud/api/cspm/get-list-of-children-under-parent-aws/)" + }, + "nodeType": { + "type": "string", + "description": "Member account node type. Supported values are ORG, OU or ACCOUNT" + }, + "selectionType": { + "type": "string", + "description": "Organization Member accounts Selection type. \n\n**ALL**: Include the resource and all its children \n\n**INCLUDE**: Include the specified resource\n\n**EXCLUDE**: Exclude the specified resource", + "enum": [ + "ALL", + "INCLUDE", + "EXCLUDE" + ] + } + }, + "description": "Model for HierarchySelection for Aws" + }, "AwsListChildrenApiResponseModel": { "type": "object", "properties": { @@ -2885,7 +3707,7 @@ "type": "array", "description": "*Required only for accountType: **tenant**.*\n\n Include or Exclude a list of Azure Management Groups and Azure Subscriptions to onboard under this Tenant.", "items": { - "$ref": "#/components/schemas/HierarchySelection" + "$ref": "#/components/schemas/AzureHierarchySelectionModel" } }, "rootSyncEnabled": { @@ -2970,6 +3792,35 @@ }, "description": "Model for AzureNode in the Tenant Hierarchy" }, + "AzureHierarchySelectionModel": { + "type": "object", + "properties": { + "resourceId": { + "type": "string", + "example": "root", + "description": "To get the list of resource IDs and its details, Refer [List Children of Parent (Azure)](/prisma-cloud/api/cspm/list-children-under-parent/) " + }, + "displayName": { + "type": "string", + "example": "Root", + "description": "To get the display name of resource, Refer [List Children of Parent (Azure)](/prisma-cloud/api/cspm/list-children-under-parent/)" + }, + "nodeType": { + "type": "string", + "description": "Member account node type. Supported values are SUBSCRIPTION, MANAGEMENT_GROUP, or TENANT" + }, + "selectionType": { + "type": "string", + "description": "Organization Member accounts Selection type. \n\n**ALL**: Include the resource and all its children \n\n**INCLUDE**: Include the specified resource\n\n**EXCLUDE**: Exclude the specified resource", + "enum": [ + "ALL", + "INCLUDE", + "EXCLUDE" + ] + } + }, + "description": "Model for HierarchySelection for Azure" + }, "AzureListChildrenRequestModel": { "type": "object", "required": [ @@ -3261,15 +4112,6 @@ "autoConsent": { "type": "string" }, - "associatedAccountGroupsCount": { - "type": "integer", - "format": "int32", - "description": "Associated Account Groups Count with this cloud account" - }, - "storageUUID": { - "type": "string", - "description": "Storage UUID" - }, "cloudAccountOwner": { "type": "string", "description": "Cloud account owner" @@ -3280,8 +4122,9 @@ "description": "Cloud account owner count", "readOnly": true }, - "parentAccountId": { - "type": "string" + "storageUUID": { + "type": "string", + "description": "Storage UUID" }, "features": { "type": "array", @@ -3299,6 +4142,14 @@ "type": "boolean", "description": "Enabled" }, + "associatedAccountGroupsCount": { + "type": "integer", + "format": "int32", + "description": "Associated Account Groups Count with this cloud account" + }, + "parentAccountId": { + "type": "string" + }, "accountId": { "type": "string", "description": "Account ID" @@ -3559,6 +4410,27 @@ }, "description": "The content of the credentials object is the Service Account Key for your Google Cloud service account" }, + "CustomTimeRangeConfigModel": { + "allOf": [ + { + "$ref": "#/components/schemas/TimeRangeConfigModel" + }, + { + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "type": "integer", + "format": "int64", + "description": "Time range object" + } + }, + "description": "Model for CustomTimeRangeConfig" + } + ] + }, "Feature": { "type": "object", "properties": { @@ -3848,7 +4720,7 @@ "type": "array", "description": "Applicable only if `accountType` is **organization**. \n\nInclude/Exclude a list of GCP folders, GCP projects under the organization.", "items": { - "$ref": "#/components/schemas/HierarchySelection" + "$ref": "#/components/schemas/GcpHierarchySelectionModel" } }, "organizationName": { @@ -3931,6 +4803,35 @@ } ] }, + "GcpHierarchySelectionModel": { + "type": "object", + "properties": { + "resourceId": { + "type": "string", + "example": "root", + "description": "To get the list of resource IDs and its details, Refer [List Children of Parent (GCP)](/prisma-cloud/api/cspm/get-list-of-children-under-parent/) " + }, + "displayName": { + "type": "string", + "example": "Root", + "description": "To get the display name of resource, Refer [List Children of Parent (GCP)](/prisma-cloud/api/cspm/get-list-of-children-under-parent/). Display name is the organization name if `nodeType` is **ORG**" + }, + "nodeType": { + "type": "string", + "description": "Member account node type. Supported values are ORG, FOLDER, or PROJECT" + }, + "selectionType": { + "type": "string", + "description": "Organization Member accounts Selection type. \n\n**ALL**: Include the resource and all its children \n\n**INCLUDE**: Include the specified resource\n\n**EXCLUDE**: Exclude the specified resource", + "enum": [ + "ALL", + "INCLUDE", + "EXCLUDE" + ] + } + }, + "description": "Model for HierarchySelection for GCP" + }, "GcpNodeModel": { "type": "object", "properties": { diff --git a/openapi-specs/cspm/UVEDashboardMicroService.json b/openapi-specs/cspm/UVEDashboardMicroService.json index cc4f760ec..838eae1f0 100644 --- a/openapi-specs/cspm/UVEDashboardMicroService.json +++ b/openapi-specs/cspm/UVEDashboardMicroService.json @@ -1,73 +1,48 @@ { "openapi": "3.0.0", "info": { - "title": "Vulnerability Dashboard API", - "version": "1.0.0" + "description": "UVE Dashboard Widgets", + "version": "1.0", + "title": "UVE Doc" }, "tags": [ { "name": "Vulnerabilities Dashboard", - "description": "Vulnerabilities Dashboard(UVE) gives you a holistic graphical view of all the vulnerabilities across your Code to Cloud environment. The APIs in this section helps you to get the details that are displayed in the Vulnerabilities Dashboard widget based on various filters. You can asses the vulnerabilities and create request to remediate or mitigate the vulnerability. For more information about the Vulnerabilities Dashboard, see [Vulnerabilities Dashboard](https://docs.prismacloud.io/en/enterprise-edition/content-collections/dashboards/dashboards-vulnerabilities). \n>**Note:** You need specific access permission to use the endpoints in this category. For details on the required permissions, see the respective endpoint description. " + "description": "UVE Dashboard Widgets" } ], "paths": { - "/uve/api/v1/dashboard/vulnerabilities/overview": { - "get": { - "deprecated": true, - "summary": "Get Vulnerability Overview", - "description": "Returns a summary of the total vulnerabilities in your environment which is further divided into Vulnerabilities by Asset and Vulnerabilities that have already been remediated.\n:::info\n **Replacement  Endpoint: [Get Vulnerability Overview V3](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-3/)**\n:::\n\n \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "/trace/api/v1/asset": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "vulnerability-dashboard-overview", - "parameters": [ - { - "name": "asset_type", - "in": "query", - "required": true, - "description": "Type of Asset", - "schema": { - "type": "string", - "enum": [ - "iac", - "package", - "deployedImage", - "serverlessFunction", - "host", - "registryImage", - "vmImage" - ] - } - }, - { - "name": "life_cycle", - "in": "query", - "description": "Life Cycle stage", - "required": true, - "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] + "summary": "Get C2C Trace Asset Graph", + "description": "Returns the relation between the assets from code to cloud stages\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "c2c-trace-api", + "parameters": [], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CBDRAssetTraceRequest" + } } } - ], + }, "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/OverviewWidget" + "$ref": "#/components/schemas/AssetTraceGraphView" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -87,7 +62,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -97,7 +72,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -107,37 +82,107 @@ } } }, - "x-public": "true", - "x-ga": "24.1.1", "security": [ { "x-redlock-auth": [] } - ] + ], + "x-public": "true" } }, - "/uve/api/v2/dashboard/vulnerabilities/overview": { + "/uve/api/v1/cve-overview": { "get": { - "deprecated": true, - "summary": "Get Vulnerability Overview V2", - "description": "Returns a summary of the total runtime vulnerabilities in your environment which is further divided into runtime Vulnerabilities by Asset and Vulnerabilities that have already been remediated.\n:::info\n **Replacement  Endpoint: [Get Vulnerability Overview V3](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-3/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "vulnerability-dashboard-overview-v2", + "summary": "Get Cve Overview V2", + "description": "Get the detailed information for a given cve. This endpoint returns additional information, such as EPSS details, CVSS details, exploit details, and environment factors, compared to the [Get CVE Overview](https://pan.dev/prisma-cloud/api/cspm/cve-overview/) endpoint. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/cve-overview-v-3/)**\n:::\n\n", + "operationId": "cve-overview-v-2", + "parameters": [ + { + "name": "cve_id", + "in": "query", + "description": "CVE ID", + "required": true, + "example": "CVE-2021-44288", + "schema": { + "type": "string" + } + }, + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } + } + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } + } + }, + { + "name": "severities", + "in": "query", + "description": "Severity", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "critical", + "medium", + "high", + "low" + ] + } + } + } + ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/OverviewWidgetV2" + "$ref": "#/components/schemas/CveOverviewV2" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -157,7 +202,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -167,7 +212,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -177,86 +222,108 @@ } } }, - "x-public": "true", - "x-ga": "24.2.1", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } }, - "/uve/api/v3/dashboard/vulnerabilities/overview": { + "/uve/api/v1/dashboard/vulnerabilities/cve-overview": { "get": { - "summary": "Get Vulnerability Overview V3", - "description": "Returns a summary of the total unique vulnerabilities, the count of vulnerabilities, and the count of remediated vulnerabilities, including a breakdown by severity for each category. The percentage reflects the change between the current data and the data from seven days prior. \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "vulnerability-dashboard-overview-v3", + "summary": "Get Cve Overview", + "description": "Get the overview of the CVE with its CVSS score, the impacted stages, severity, risk factors, the package name, and the distributions affected by this CVE. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/cve-overview-v-3/)**\n:::\n\n", + "operationId": "cve-overview", "parameters": [ + { + "name": "cve_id", + "in": "query", + "description": "CVE ID", + "required": true, + "example": "CVE-2021-44288", + "schema": { + "type": "string" + } + }, { "name": "asset_type", "in": "query", + "description": "Asset Type", "required": false, - "description": "Type of Asset", + "explode": true, "schema": { - "type": "string", - "enum": [ - "iac", - "package", - "deployedImage", - "serverlessFunction", - "host", - "registryImage", - "vmImage" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } } }, { "name": "life_cycle", "in": "query", - "description": "Life Cycle stage", + "description": "Life Cycle", "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } } }, { "name": "severities", "in": "query", + "description": "Severity", "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "low", - "medium", - "high", - "critical" - ] - }, - "description": "Severity" + "type": "array", + "items": { + "type": "string", + "enum": [ + "critical", + "medium", + "high", + "low" + ] + } + } } ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/OverviewWidgetV3" + "$ref": "#/components/schemas/CveOverview" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -276,7 +343,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -286,7 +353,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -296,71 +363,98 @@ } } }, - "x-public": "true", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/prioritised": { + "/uve/api/v1/dashboard/vulnerabilities/impact-stage": { "get": { - "deprecated": true, - "summary": "Get Prioritized Vulnerabilities", - "description": "Returns the top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use. \n:::info\n **Replacement  Endpoint: [Get Prioritized Vulnerabilities V4](/prisma-cloud/api/cspm/prioritised-vulnerability-v-4/)**\n:::\n\n \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "prioritised-vulnerability", + "summary": "Get Vulnerability Impact by Stage", + "description": "Returns a summary of vulnerability across app stages of your application lifecycle. \n:::info\n **Replacement Endpoint: [Get Vulnerability Impact by Stage - POST](/prisma-cloud/api/cspm/vulnerability-impact-by-stage-v-2/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-impact-by-stage", "parameters": [ { "name": "asset_type", - "description": "Type of Asset", "in": "query", - "required": true, + "description": "Asset Type", + "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "iac", - "package", - "deployedImage", - "serverlessFunction", - "host", - "registryImage", - "vmImage" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } } }, { "name": "life_cycle", - "description": "Life Cycle stage", "in": "query", - "required": true, + "description": "Life Cycle", + "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } + } + }, + { + "name": "severities", + "in": "query", + "description": "Severity", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "critical", + "medium", + "high", + "low" + ] + } } } ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilities" + "$ref": "#/components/schemas/ImpactByStageResponse" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -380,7 +474,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -390,7 +484,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -400,72 +494,89 @@ } } }, - "x-public": "true", - "x-ga": "24.1.1", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } }, - "/uve/api/v2/dashboard/vulnerabilities/prioritised": { + "/uve/api/v1/dashboard/vulnerabilities/overview": { "get": { - "deprecated": true, - "summary": "Get Prioritized Vulnerabilities V2", - "description": "Returns the top-priority unique vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in.\n:::info\n **Replacement  Endpoint: [Get Prioritized Vulnerabilities V4](/prisma-cloud/api/cspm/prioritised-vulnerability-v-4/)**\n:::\n\n \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "prioritised-vulnerability-v2", + "summary": "Get Vulnerability Overview", + "description": "Returns a summary of the total vulnerabilities in your environment which is further divided into Vulnerabilities by Asset and Vulnerabilities that have already been remediated. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-4/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-dashboard-overview", "parameters": [ { "name": "asset_type", - "description": "Type of Asset", "in": "query", - "required": true, + "description": "Asset Type", + "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "iac", - "package", - "deployedImage", - "serverlessFunction", - "host", - "registryImage", - "vmImage" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } } }, { "name": "life_cycle", - "description": "Life Cycle stage", "in": "query", - "required": true, + "description": "Life Cycle", + "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } + } + }, + { + "name": "risk_factors", + "in": "query", + "description": "Risk Factors", + "required": false, + "example": "Critical severity, Package in use", + "schema": { + "type": "ref" } } ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV2" + "$ref": "#/components/schemas/OverviewWidget" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -485,7 +596,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -495,7 +606,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -505,72 +616,80 @@ } } }, - "x-public": "true", - "x-ga": "24.1.2", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } }, - "/uve/api/v3/dashboard/vulnerabilities/prioritised": { + "/uve/api/v1/dashboard/vulnerabilities/prioritised": { "get": { - "deprecated": true, - "summary": "Get Prioritized Vulnerabilities V3", - "description": "Returns the top-priority unique vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in.\n This endpoint also returns vulnerabilities based on internet exposure, in addition to those from [Get Prioritized Vulnerabilities V2](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-2/). \n:::info\n **Replacement  Endpoint: [Get Prioritized Vulnerabilities V4](/prisma-cloud/api/cspm/prioritised-vulnerability-v-4/)**\n:::\n\n \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled. ", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "prioritised-vulnerability-v3", + "summary": "Get Prioritized Vulnerabilities V1", + "description": "Returns the count of top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability", "parameters": [ { "name": "asset_type", - "description": "Type of Asset", "in": "query", - "required": true, + "description": "Asset Type", + "required": false, + "example": "packages,serverless", + "explode": true, "schema": { - "type": "string", - "enum": [ - "iac", - "package", - "deployedImage", - "serverlessFunction", - "host", - "registryImage", - "vmImage" - ] + "type": "array", + "items": { + "type": "string" + } } }, { "name": "life_cycle", - "description": "Life Cycle stage", "in": "query", - "required": true, + "description": "Life Cycle", + "required": false, + "example": "code,build,deploy,run", + "explode": true, "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "risk_factors", + "in": "query", + "description": "Risk Factors", + "required": false, + "example": "Critical severity, Package in use", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } } } ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + "$ref": "#/components/schemas/PrioritizedVulnerabilities" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -590,7 +709,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -600,7 +719,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -610,70 +729,64 @@ } } }, - "x-public": "true", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } }, - "/uve/api/v4/dashboard/vulnerabilities/prioritised": { + "/uve/api/v1/dashboard/vulnerabilities/prioritised-vuln": { "get": { - "summary": "Get Prioritized Vulnerabilities V4", - "description": "Returns the top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in. \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled. ", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "prioritised-vulnerability-v4", + "summary": "Get Top Impacting Vulnerabilities", + "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, severity, CVSS, risk factors, and assets impacted.\n:::info\n **Replacement Endpoint: [Get Top Impacting Vulnerabilities - POST](/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-3/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "top-prioritised-vulnerability", "parameters": [ { - "name": "asset_type", - "description": "Type of Asset", + "name": "life_cycle", "in": "query", + "description": "Life Cycle", "required": true, + "example": "code,build,deploy,run", + "explode": true, "schema": { - "type": "string", - "enum": [ - "iac", - "package", - "deployedImage", - "serverlessFunction", - "host", - "registryImage", - "vmImage" - ] + "type": "array", + "items": { + "type": "string" + } } }, { - "name": "life_cycle", - "description": "Life Cycle stage", + "name": "topN", "in": "query", - "required": true, + "description": "TopN", + "required": false, + "example": 5, "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] + "type": "integer", + "format": "int32", + "default": 5 } } ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + "$ref": "#/components/schemas/TopPrioritizedVulnerabilities" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -693,7 +806,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -703,7 +816,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -713,85 +826,39 @@ } } }, - "x-public": "true", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/impact-stage": { - "get": { - "summary": "Get Vulnerability Impact by Stage", - "description": "Returns a summary of vulnerability across app stages of your application lifecycle.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "/uve/api/v1/dashboard/vulnerabilities/vuln-assets": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "vulnerability-impact-by-stage", - "parameters": [ - { - "name": "asset_type", - "description": "Type of Asset", - "in": "query", - "required": true, - "schema": { - "type": "string", - "enum": [ - "iac", - "package", - "deployedImage", - "serverlessFunction", - "host", - "registryImage", - "vmImage" - ] - } - }, - { - "name": "life_cycle", - "description": "Life Cycle stage", - "in": "query", - "required": true, - "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] - } - }, - { - "name": "severities", - "in": "query", - "required": true, - "schema": { - "type": "string", - "enum": [ - "low", - "medium", - "high", - "critical" - ] - }, - "description": "Severity" - } - ], + "summary": "Get Vulnerable Assets by CVE", + "description": "Get the list of all the assets affected by the CVE. \n:::info\n **Replacement Endpoint: [Get Vulnerable Assets by CVE V2](/prisma-cloud/api/cspm/list-vulnerable-assets-cve-v-2/)**\n:::\n\n", + "operationId": "list-vulnerable-assets-cve", + "requestBody": { + "$ref": "#/components/requestBodies/AssetsSearchRequest" + }, "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/ImpactByStageResponse" + "$ref": "#/components/schemas/VulnAssetsSidecarResponse" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -811,7 +878,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -821,7 +888,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -831,165 +898,98 @@ } } }, - "x-public": "true", - "x-ga": "24.1.1", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/prioritised-vuln": { + "/uve/api/v1/dashboard/vulnerabilities/vulnerableAsset": { "get": { - "deprecated": true, - "summary": "Get Top Impacting Vulnerabilities", - "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, severity, CVSS, risk factors, and assets impacted.\n:::info\n **Replacement  Endpoint: [Get Top Impacting Vulnerabilities V2](/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-2/)**\n:::\n\n \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "top-prioritised-vulnerability", + "summary": "Get Vulnerable Assets", + "description": "Returns a summary of vulnerable assets and detailed vulnerability statistics, including the total number of vulnerabilities by severity, registry count, package count, repository count, and more, across different stages of your application lifecycle.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerable-assets", "parameters": [ { - "name": "life_cycle", - "description": "Life Cycle stage", - "in": "query", - "required": true, - "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] - } - }, - { - "name": "top", + "name": "asset_type", "in": "query", - "required": true, + "description": "Asset Type", + "required": false, + "explode": true, "schema": { - "type": "integer", - "enum": [ - 5, - 10 - ] - }, - "description": "Number of results to be returned" - } - ], - "responses": { - "200": { - "description": "Successful response", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/TopPrioritizedVulnerabilities" - } - } - } - }, - "400": { - "description": "Bad Request", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ApiErrorResponse" - } - } - } - }, - "401": { - "description": "Unauthorized", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ApiErrorResponse" - } - } - } - }, - "403": { - "description": "Forbidden", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ApiErrorResponse" - } + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] } } }, - "429": { - "description": "Too Many Requests", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ApiErrorResponse" - } - } - } - } - }, - "x-public": "true", - "security": [ - { - "x-redlock-auth": [] - } - ] - } - }, - "/uve/api/v2/dashboard/vulnerabilities/prioritised-vuln": { - "get": { - "summary": "Get Top Impacting Vulnerabilities V2", - "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, epssScore, severity, CVSS, risk factors, and assets impacted.\n This endpoint returns the epss score details in addition to those from [Get Top Impacting Vulnerabilities](https://pan.dev/prisma-cloud/api/cspm/top-prioritised-vulnerability/). \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "tags": [ - "Vulnerabilities Dashboard" - ], - "operationId": "top-prioritised-vulnerability-v2", - "parameters": [ { "name": "life_cycle", - "description": "Life Cycle stage", "in": "query", - "required": true, + "description": "Life Cycle", + "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } } }, { - "name": "top", + "name": "severities", "in": "query", - "required": true, + "description": "Severity", + "required": false, + "explode": true, "schema": { - "type": "integer", - "enum": [ - 5, - 10 - ] - }, - "description": "Number of results to be returned" + "type": "array", + "items": { + "type": "string", + "enum": [ + "critical", + "medium", + "high", + "low" + ] + } + } } ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/TopPrioritizedVulnerabilitiesV2" + "$ref": "#/components/schemas/VulnerableAsset" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -1009,7 +1009,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -1019,7 +1019,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -1029,48 +1029,39 @@ } } }, - "x-public": "true", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/cve-overview": { - "get": { - "deprecated": true, - "summary": "Get CVE Overview", - "description": "Get the overview of the CVE with its CVSS score, the impacted stages, severity, risk factors, the package name, and the distributions affected by this CVE.\n:::info\n **Replacement  Endpoint: [Get CVE Overview V2](/prisma-cloud/api/cspm/cve-overview-v-2/)**\n:::\n\n", + "/uve/api/v1/vuln-assets": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "cve-overview", - "parameters": [ - { - "name": "cve_id", - "in": "query", - "required": true, - "schema": { - "type": "string", - "example": "CVE-2021-44288" - }, - "description": "CVE ID" - } - ], + "summary": "Get Vulnerable Assets by CVE V2", + "description": "Get the list of all the assets affected by the CVE. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerable Assets by CVE](https://pan.dev/prisma-cloud/api/cspm/list-vulnerable-assets-cve/) endpoint.", + "operationId": "list-vulnerable-assets-cve-v-2", + "requestBody": { + "$ref": "#/components/requestBodies/AssetsSearchRequest" + }, "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/CveOverview" + "$ref": "#/components/schemas/VulnAssetsSidecarResponse" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -1090,7 +1081,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -1100,7 +1091,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -1110,37 +1101,34 @@ } } }, - "x-public": "true", "security": [ { "x-redlock-auth": [] } - ] + ], + "x-public": "true" } }, - "/uve/api/v1/cve-overview": { - "get": { - "summary": "Get CVE Overview V2", - "description": "Get the detailed information for a given cve. This endpoint returns additional information, such as EPSS details, CVSS details, exploit details, and environment factors, compared to the [Get CVE Overview](https://pan.dev/prisma-cloud/api/cspm/cve-overview/) endpoint.", + "/uve/api/v2/cve-overview": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "cve-overview-v2", - "parameters": [ - { - "name": "cve_id", - "in": "query", - "required": true, - "schema": { - "type": "string", - "example": "CVE-2021-44288" - }, - "description": "CVE ID" + "summary": "Get CVE Overview - POST", + "description": "Get the detailed information for a given cve. This endpoint returns information, such as EPSS details, CVSS details, exploit details, and environment factors. This API supports the additional filters like accountGroup and accountIds when compared to the [Get CVE Overview V2](https://pan.dev/prisma-cloud/api/cspm/cve-overview-v-2/) endpoint", + "operationId": "cve-overview-v-3", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/WidgetRequestSidecar" + } + } } - ], + }, "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { @@ -1150,7 +1138,7 @@ } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -1170,7 +1158,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -1180,7 +1168,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -1190,48 +1178,48 @@ } } }, - "x-public": "true", "security": [ { "x-redlock-auth": [] } - ] + ], + "x-public": "true" } }, "/uve/api/v2/dashboard/vulnerabilities/burndown": { "get": { - "summary": "Get Vulnerabilities Burndown", - "description": "Get the data for burndown chart.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "tags": [ "Vulnerabilities Dashboard" ], + "summary": "Get Vulnerabilities Burndown", + "description": "Returns the total count of vulnerabilities and the count of remediated vulnerabilities over the past 30 days.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "operationId": "get-burndown", "parameters": [ { "name": "asset_type", - "description": "Type of Asset (comma separated values)", "in": "query", - "required": true, + "description": "Asset Type", + "required": false, "schema": { - "type": "string", + "type": "ref", "enum": [ - "iac", "package", + "iac", "deployedImage", - "serverlessFunction", - "host", + "vmImage", "registryImage", - "vmImage" + "host", + "serverlessFunction" ] } }, { "name": "life_cycle", - "description": "Life Cycle stage (comma separated values)", "in": "query", - "required": true, + "description": "Life Cycle", + "required": false, "schema": { - "type": "string", + "type": "ref", "enum": [ "code", "build", @@ -1241,34 +1229,34 @@ } }, { - "name": "severities", + "name": "severity", "in": "query", - "required": true, + "description": "Severity", + "required": false, "schema": { - "type": "string", + "type": "ref", "enum": [ - "low", + "critical", "medium", "high", - "critical" + "low" ] - }, - "description": "Severity (comma separated values)" + } } ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/BurndownResponse" + "$ref": "#/components/schemas/BurndownTrend" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -1288,7 +1276,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -1298,7 +1286,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -1308,46 +1296,38 @@ } } }, - "x-public": "true", - "x-ga": "24.2.1", "security": [ { "x-redlock-auth": [] } - ] + ], + "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/vuln-assets": { + "/uve/api/v2/dashboard/vulnerabilities/impact-stage": { "post": { - "summary": "Get Vulnerable Assets by CVE", - "description": "Get the list of all the assets affected by the CVE.", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "list-vulnerable-assets-cve", + "summary": "Get Vulnerability Impact by Stage - POST", + "description": "Returns a summary of vulnerability across app stages of your application lifecycle. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerability Impact by Stage](https://pan.dev/prisma-cloud/api/cspm/vulnerability-impact-by-stage/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-impact-by-stage-v-2", "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/AssetsSearchRequest" - } - } - } + "$ref": "#/components/requestBodies/WidgetRequest" }, "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/AssetSideCarResponse" + "$ref": "#/components/schemas/ImpactByStageResponse" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -1367,7 +1347,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -1377,7 +1357,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -1387,82 +1367,161 @@ } } }, - "x-public": "true", "security": [ { "x-redlock-auth": [] } - ] + ], + "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/vulnerableAsset": { + "/uve/api/v2/dashboard/vulnerabilities/overview": { "get": { - "summary": "Get Vulnerable Assets", - "description": "Returns a summary of vulnerable assets and detailed vulnerability statistics, including the total number of vulnerabilities by severity, registry count, package count, repository count, and more, across different stages of your application lifecycle. \n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "tags": [ "Vulnerabilities Dashboard" ], - "operationId": "vulnerable-assets", - "parameters": [ - { - "name": "asset_type", - "description": "Type of Asset", + "summary": "Get Vulnerability Overview V2", + "description": "Returns a summary of the total runtime vulnerabilities in your environment which is further divided into runtime Vulnerabilities by Asset and Vulnerabilities that have already been remediated. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-4/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-dashboard-overview-v-2", + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/OverviewWidgetV2" + } + } + } + }, + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "deprecated": true, + "x-public": "true" + } + }, + "/uve/api/v2/dashboard/vulnerabilities/prioritised": { + "get": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Prioritized Vulnerabilities V2", + "description": "Returns the top-priority unique vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability-v-2", + "parameters": [ + { + "name": "asset_type", "in": "query", + "description": "Asset Type", + "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "iac", - "package", - "deployedImage", - "serverlessFunction", - "host", - "registryImage", - "vmImage" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } } }, { "name": "life_cycle", - "description": "Life Cycle stage", "in": "query", + "description": "Life Cycle", + "required": false, + "explode": true, "schema": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } } }, { - "name": "severities", + "name": "risk_factors", "in": "query", + "description": "Risk Factors", + "required": false, + "example": "Critical severity, Package in use", + "explode": true, "schema": { - "type": "string", - "enum": [ - "low", - "medium", - "high", - "critical" - ] - }, - "description": "Severity" + "type": "array", + "items": { + "type": "string" + } + } } ], "responses": { "200": { - "description": "Successful response", + "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/VulnerableAssetsResponse" + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV2" } } } }, "400": { - "description": "Bad Request", + "description": "Bad request", "content": { "application/json": { "schema": { @@ -1482,7 +1541,7 @@ } }, "403": { - "description": "Forbidden", + "description": "User doesn't have required role", "content": { "application/json": { "schema": { @@ -1492,7 +1551,7 @@ } }, "429": { - "description": "Too Many Requests", + "description": "Rate Limit Exceeded", "content": { "application/json": { "schema": { @@ -1502,331 +1561,1099 @@ } } }, - "x-public": "true", "security": [ { "x-redlock-auth": [] } - ] + ], + "deprecated": true, + "x-public": "true" } - } - }, - "components": { - "schemas": { - "RiskFactorsParam": { - "type": "object", - "properties": { - "riskFactors": { - "type": "array", - "items": { - "type": "string" + }, + "/uve/api/v2/dashboard/vulnerabilities/prioritised-vuln": { + "get": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Top Impacting Vulnerabilities V2", + "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, epssScore, severity, CVSS, risk factors, and assets impacted. This endpoint returns the epss score details in addition to those from [Get Top Impacting Vulnerabilities](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-2/).\n:::info\n **Replacement Endpoint: [Get Top Impacting Vulnerabilities - POST](/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-3/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "top-prioritised-vulnerability-v-2", + "parameters": [ + { + "name": "topN", + "in": "query", + "description": "TopN", + "required": true, + "example": 5, + "schema": { + "type": "integer", + "format": "int32" } - } - } - }, - "SeverityParam": { - "type": "object", - "properties": { - "severity": { - "type": "array", - "items": { - "type": "string" + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": true, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } } - } - } - }, - "OverviewWidget": { - "type": "object", - "properties": { - "values": { - "type": "array", - "items": { - "$ref": "#/components/schemas/Overview" + }, + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } } } - } - }, - "OverviewWidgetV2": { - "type": "object", - "properties": { - "overviewSummary": { - "$ref": "#/components/schemas/OverviewSummary" + ], + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/TopPrioritizedVulnerabilitiesV2" + } + } + } }, - "values": { - "type": "array", - "items": { - "$ref": "#/components/schemas/TrendCount" + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } } - } - } - }, - "OverviewWidgetV3": { - "type": "object", - "properties": { - "overviewSummary": { - "$ref": "#/components/schemas/OverviewSummaryV3" - } - } - }, - "TrendCount": { - "type": "object", - "properties": { - "lastUpdatedDateTime": { - "type": "integer", - "format": "int64" }, - "totalVulnerabilityCount": { - "type": "integer", - "format": "int64" + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } }, - "totalVulnerableAsset": { - "type": "integer", - "format": "int64" + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } }, - "totalRemediationCount": { - "type": "integer", - "format": "int64" + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } - } - }, - "OverviewSummaryV3": { - "type": "object", - "description": "Provides Summary of the uniqueCVES, vulnerabilities count and remediated vulnerabilities count", - "properties": { - "totalUniqueCves": { - "$ref": "#/components/schemas/VulnerabilityCountBySeverityV3" - }, - "totalVulnerabilities": { - "$ref": "#/components/schemas/VulnerabilityCountBySeverityV3" - }, - "totalRemediated": { - "$ref": "#/components/schemas/VulnerabilityCountBySeverityV3" + }, + "security": [ + { + "x-redlock-auth": [] } - } - }, - "VulnerabilityCountBySeverityV3": { - "type": "object", - "properties": { - "totalCount": { - "type": "integer", - "format": "int64" + ], + "deprecated": true, + "x-public": "true" + } + }, + "/uve/api/v2/dashboard/vulnerabilities/vulnerableAsset": { + "post": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Vulnerable Assets Stats - POST", + "description": "Returns overall stats like total vulnerabilities, total assets, vulnerability by severity across the life stage (code, build, deploy and run) per cloud provider. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerable Assets](https://pan.dev/prisma-cloud/api/cspm/vulnerable-assets/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerable-assets-v-2", + "requestBody": { + "$ref": "#/components/requestBodies/WidgetRequest" + }, + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/VulnerableAsset" + } + } + } }, - "criticalCount": { - "type": "integer", - "format": "int64" + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/uve/api/v3/dashboard/vulnerabilities/overview": { + "get": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Vulnerability Overview V3", + "description": "Returns a summary of the total unique vulnerabilities, the count of vulnerabilities, and the count of remediated vulnerabilities, including a breakdown by severity for each category. The percentage reflects the change between the current data and the data from seven days prior. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-4/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-dashboard-overview-v-3", + "parameters": [ + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "example": "packages,serverless", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": false, + "example": "code,build,deploy,run", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "severities", + "in": "query", + "description": "Severity", + "required": false, + "example": "critical,high", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/OverviewWidgetV3" + } + } + } + }, + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "deprecated": true, + "x-public": "true" + } + }, + "/uve/api/v3/dashboard/vulnerabilities/prioritised": { + "get": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Prioritized Vulnerabilities V3", + "description": "Returns the top-priority unique vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in. This endpoint also returns vulnerabilities based on internet exposure, in addition to those from [Get Prioritized Vulnerabilities V2](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-2/). \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability-v-3", + "parameters": [ + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } + } + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } + } + } + ], + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + } + } + } + }, + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "deprecated": true, + "x-public": "true" + } + }, + "/uve/api/v3/dashboard/vulnerabilities/prioritised-vuln": { + "post": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Top Impacting Vulnerabilities - POST", + "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, epssScore, severity, CVSS, EPSS, risk factors, and assets impacted. This API supports the account group and account Id filters in addition to the filters we have in the [Get Top Impacting Vulnerabilities V2](https://pan.dev/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-2/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "top-prioritised-vulnerability-v-3", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/WidgetRequestTopN" + } + } + } + }, + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + } + } + } + }, + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/uve/api/v4/dashboard/vulnerabilities/overview": { + "post": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Vulnerability Overview - POST", + "description": "Returns a summary of the total unique vulnerabilities, the count of vulnerabilities, and the count of remediated vulnerabilities, including a breakdown by severity for each category. The percentage reflects the change between the current data and the data from seven days prior. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerability Overview V3](https://pan.dev/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-3/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-dashboard-overview-v-4", + "requestBody": { + "$ref": "#/components/requestBodies/WidgetRequest" + }, + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/OverviewWidgetV3" + } + } + } + }, + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + }, + "/uve/api/v4/dashboard/vulnerabilities/prioritised": { + "get": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Prioritized Vulnerabilities V4", + "description": "Returns the top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, internet exposed and vulnerable packages in use along with the number of assets they occur in. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability-v-4", + "parameters": [ + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } + } + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } + } + } + ], + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + } + } + } + }, + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "deprecated": true, + "x-public": "true" + } + }, + "/uve/api/v5/dashboard/vulnerabilities/prioritised": { + "post": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Prioritized Vulnerabilities - POST", + "description": "Returns the top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, internet exposed and vulnerable packages in use along with the number of assets they occur in. This API supports the account group and account Id filters in addition to the filters we have in the [Get Prioritized Vulnerabilities V4](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-4/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability-v-5", + "requestBody": { + "$ref": "#/components/requestBodies/WidgetRequest" + }, + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + } + } + } }, - "highCount": { - "type": "integer", - "format": "int64" + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } }, - "mediumCount": { - "type": "integer", - "format": "int64" + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } }, - "lowCount": { - "type": "integer", - "format": "int64" + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } }, - "percentageChange": { - "type": "integer", - "format": "int64" + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ + { + "x-redlock-auth": [] + } + ], + "x-public": "true" + } + } + }, + "components": { + "requestBodies": { + "AssetsSearchRequest": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AssetsSearchRequest" + } } } }, - "OverviewSummary": { + "WidgetRequest": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/WidgetRequest" + } + } + } + } + }, + "schemas": { + "Action": { "type": "object", - "description": "Provides Summary of the vulnerability, remediated and asset counts in Runtime", "properties": { - "totalVulnerableRuntimeAssets": { - "$ref": "#/components/schemas/VulnerableAssetByType" + "action": { + "type": "string" }, - "totalVulnerabilitiesinRuntime": { - "$ref": "#/components/schemas/VulnerabilityCountBySeverity" + "status": { + "type": "string" }, - "totalRemediatedinRuntime": { - "$ref": "#/components/schemas/VulnerabilityCountBySeverity" + "actionResult": { + "type": "string" + }, + "message": { + "type": "string" } } }, - "VulnerableAssetByType": { + "AdditionalLinks": { "type": "object", "properties": { - "totalCount": { - "type": "integer", - "format": "int64" + "vendorLinks": { + "type": "array", + "items": { + "type": "string" + } }, - "deployedImageCount": { - "type": "integer", - "format": "int64" + "nvdlinks": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "ApiErrorResponse": { + "type": "object", + "properties": { + "code": { + "type": "string" }, - "serverlessFunctionCount": { - "type": "integer", - "format": "int64" + "message": { + "type": "string" }, - "hostCount": { - "type": "integer", - "format": "int64" + "target": { + "type": "string" } } }, - "VulnerabilityCountBySeverity": { + "AssetData": { "type": "object", "properties": { - "totalCount": { - "type": "integer", - "format": "int64" + "cveId": { + "type": "string" }, - "criticalCount": { - "type": "integer", - "format": "int64" + "severity": { + "type": "array", + "items": { + "type": "string" + } }, - "highCount": { - "type": "integer", - "format": "int64" + "cbdrStage": { + "type": "array", + "items": { + "type": "string" + } }, - "mediumCount": { - "type": "integer", - "format": "int64" + "riskFactors": { + "type": "array", + "items": { + "type": "string" + } }, - "lowCount": { - "type": "integer", - "format": "int64" + "cvssScore": { + "type": "number", + "format": "double" + }, + "packageData": { + "$ref": "#/components/schemas/AssetInfo" + }, + "deployedImages": { + "$ref": "#/components/schemas/AssetInfo" + }, + "iac": { + "$ref": "#/components/schemas/AssetInfo" + }, + "host": { + "$ref": "#/components/schemas/AssetInfo" } } }, - "Overview": { + "AssetInfo": { "type": "object", "properties": { - "lastUpdatedDateTime": { + "count": { "type": "integer", - "format": "int64" + "format": "int32" }, - "totalVulnerabilityCount": { - "type": "integer" + "repositorycount": { + "type": "integer", + "format": "int32" }, - "totalVulnerableAsset": { - "type": "integer" + "fixImpact": { + "$ref": "#/components/schemas/FixImpact" }, - "totalRemediationCount": { - "type": "integer" + "remediationAvailable": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Action" + } } } }, - "PrioritizedVulnerabilities": { + "AssetTraceGraphView": { "type": "object", "properties": { - "lastUpdatedDateTime": { + "nodes": { + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/TraceNode" + } + }, + "edges": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Edge" + } + } + } + }, + "AssetsImpacted": { + "type": "object", + "properties": { + "codeCount": { "type": "integer", "format": "int64" }, - "totalVulnerabilities": { - "type": "integer" - }, - "urgent": { - "type": "integer" - }, - "patchable": { - "type": "integer" + "buildCount": { + "type": "integer", + "format": "int64" }, - "exploitable": { - "type": "integer" + "deployCount": { + "type": "integer", + "format": "int64" }, - "packageInUse": { - "type": "integer" + "runtimeCount": { + "type": "integer", + "format": "int64" } } }, - "PrioritizedVulnerabilitiesV2": { + "AssetsSearchRequest": { "type": "object", "properties": { - "lastUpdatedDateTime": { + "query": { + "type": "string" + }, + "cve_id": { + "type": "string", + "description": "cveId" + }, + "risk_factors": { + "type": "array", + "description": "List of Risk Factors", + "items": { + "type": "string" + } + }, + "sort_by": { + "type": "string", + "description": "Assets Order" + }, + "asset_type": { + "type": "string", + "example": "package,serverlessFunction,iac,deployedImage,vmImage,registryImage,host", + "description": "List of Asset Types", + "enum": [ + "package", + "serverlessFunction", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host" + ] + }, + "page_offset": { "type": "integer", - "format": "int64" + "format": "int32", + "description": "Page offset" }, - "totalVulnerabilities": { - "type": "integer" + "page_size": { + "type": "integer", + "format": "int32", + "description": "Page Size" }, - "urgent": { - "$ref": "#/components/schemas/VulnerabilityInfo" + "filter_suppressed": { + "type": "boolean", + "description": "Filter Suppressed" }, - "patchable": { - "$ref": "#/components/schemas/VulnerabilityInfo" + "severity": { + "type": "array", + "example": "critical,high,low,medium,informational", + "description": "List of Severities", + "items": { + "type": "string" + } + }, + "life_cycle": { + "type": "array", + "example": "code,build,deploy,run", + "description": "List of Life Cycles", + "items": { + "type": "string" + } + }, + "account_groups": { + "type": "array", + "description": "List of Account Groups", + "items": { + "type": "string" + } + }, + "account_ids": { + "type": "array", + "description": "List of Account Ids", + "items": { + "type": "string" + } + }, + "account_names": { + "type": "array", + "description": "List of Account Names", + "items": { + "type": "string" + } }, - "exploitable": { - "$ref": "#/components/schemas/VulnerabilityInfo" + "clusters": { + "type": "array", + "description": "List of Account Ids", + "items": { + "type": "string" + } }, - "packageInUse": { - "$ref": "#/components/schemas/VulnerabilityInfo" + "cluster_namespaces": { + "type": "array", + "description": "List of Namespaces", + "items": { + "type": "string" + } } - } + }, + "description": "Request Model for Dashboard Widgets" }, - "PrioritizedVulnerabilitiesV3": { + "Build": { + "type": "object" + }, + "BurndownTrend": { "type": "object", "properties": { - "lastUpdatedDateTime": { + "dayNum": { "type": "integer", "format": "int64" }, - "totalVulnerabilities": { - "type": "integer" - }, - "urgent": { - "$ref": "#/components/schemas/VulnerabilityInfo" - }, - "patchable": { - "$ref": "#/components/schemas/VulnerabilityInfo" - }, - "exploitable": { - "$ref": "#/components/schemas/VulnerabilityInfo" - }, - "internetExposed": { - "$ref": "#/components/schemas/VulnerabilityInfo" + "totalCount": { + "type": "integer", + "format": "int64" }, - "packageInUse": { - "$ref": "#/components/schemas/VulnerabilityInfo" - } - } - }, - "VulnerabilityInfo": { - "type": "object", - "properties": { - "vulnerabilityCount": { + "remediatedCount": { "type": "integer", "format": "int64" }, - "assetCount": { + "epochTimestamp": { "type": "integer", "format": "int64" } } }, - "TopPrioritizedVulnerabilities": { + "CBDRAssetTraceRequest": { "type": "object", + "required": [ + "nextPageToken", + "source", + "traceStages" + ], "properties": { - "lastUpdatedDateTime": { - "type": "integer", - "format": "int64" + "nextPageToken": { + "type": "string", + "description": "Next Page Token" }, - "cve": { + "source": { + "$ref": "#/components/schemas/Source" + }, + "traceStages": { "type": "array", + "description": "List of trace stage data", "items": { - "$ref": "#/components/schemas/Cve" + "$ref": "#/components/schemas/TraceStage" } } } }, - "TopPrioritizedVulnerabilitiesV2": { + "Code": { "type": "object", "properties": { - "lastUpdatedDateTime": { + "packageCount": { "type": "integer", - "format": "int64" + "format": "int32" }, - "cve": { - "type": "array", - "items": { - "$ref": "#/components/schemas/Cve2" - } + "iac": { + "type": "integer", + "format": "int32" } } }, @@ -1851,6 +2678,7 @@ }, "riskFactors": { "type": "array", + "uniqueItems": true, "items": { "type": "string" } @@ -1871,22 +2699,23 @@ "format": "double" }, "epssScore": { - "type": "number", - "format": "integer" + "type": "integer", + "format": "int64" + }, + "epssScorePrevious": { + "type": "integer", + "format": "int64" }, "completeEpssScore": { "type": "number", "format": "double" }, - "epssScorePrevious": { - "type": "number", - "format": "integer" - }, "severity": { "type": "string" }, "riskFactors": { "type": "array", + "uniqueItems": true, "items": { "type": "string" } @@ -1895,37 +2724,8 @@ "$ref": "#/components/schemas/AssetsImpacted" }, "assetsAtRisk": { - "type": "number", - "format": "long" - } - } - }, - "AssetsImpacted": { - "type": "object", - "properties": { - "codeCount": { - "type": "integer" - }, - "buildCount": { - "type": "integer" - }, - "deployCount": { - "type": "integer" - }, - "runtimeCount": { - "type": "integer" - } - } - }, - "Trend": { - "type": "object", - "properties": { - "reportedDate": { "type": "integer", "format": "int64" - }, - "assetsWithCveCount": { - "type": "integer" } } }, @@ -1942,18 +2742,6 @@ "type": "number", "format": "double" }, - "epssScore": { - "type": "number", - "format": "integer" - }, - "completeEpssScore": { - "type": "number", - "format": "double" - }, - "epssScorePrevious": { - "type": "number", - "format": "integer" - }, "packageName": { "type": "string" }, @@ -1990,6 +2778,18 @@ "items": { "$ref": "#/components/schemas/ImpactedDistros" } + }, + "epssScore": { + "type": "integer", + "format": "int64" + }, + "epssScorePrevious": { + "type": "integer", + "format": "int64" + }, + "completeEpssScore": { + "type": "number", + "format": "double" } } }, @@ -2009,64 +2809,247 @@ "type": "string" } }, - "riskFactors": { - "type": "array", - "items": { - "type": "string" - } + "riskFactors": { + "type": "array", + "items": { + "type": "string" + } + }, + "severity": { + "type": "string" + }, + "impactedDistrosList": { + "type": "array", + "items": { + "$ref": "#/components/schemas/ImpactedDistros" + } + }, + "impactedAssetsCount": { + "type": "integer", + "format": "int32" + }, + "impactedAssetsRuntimeCount": { + "type": "integer", + "format": "int32" + }, + "description": { + "type": "string" + }, + "firstSeen": { + "type": "integer", + "format": "int64" + }, + "lastSeen": { + "type": "integer", + "format": "int64" + }, + "packageType": { + "type": "array", + "items": { + "type": "string" + } + }, + "impactedPackages": { + "type": "array", + "items": { + "type": "string" + } + }, + "cvssDetails": { + "$ref": "#/components/schemas/CvssDetails" + }, + "environmentFactors": { + "$ref": "#/components/schemas/EnvironmentFactors" + }, + "epssDetails": { + "$ref": "#/components/schemas/EpssDetails" + }, + "exploitDetails": { + "$ref": "#/components/schemas/ExploitDetails" + }, + "additionalLinks": { + "$ref": "#/components/schemas/AdditionalLinks" + } + } + }, + "CvssDetails": { + "type": "object", + "properties": { + "publishedDate": { + "type": "integer", + "format": "int64" + }, + "lastModifiedDate": { + "type": "integer", + "format": "int64" + }, + "attackVector": { + "type": "string" + }, + "privilegesRequired": { + "type": "string" + }, + "confidentiality": { + "type": "string" + }, + "attackComplexity": { + "type": "string" + }, + "userInteractionRequired": { + "type": "string" + }, + "integrity": { + "type": "string" + }, + "patchable": { + "type": "boolean" + }, + "exploitable": { + "type": "boolean" + } + } + }, + "Deploy": { + "type": "object", + "properties": { + "registryImage": { + "type": "integer", + "format": "int32" + } + } + }, + "DistroDetails": { + "type": "object", + "properties": { + "cvss": { + "type": "number", + "format": "double" + }, + "packageName": { + "type": "string" + }, + "release": { + "type": "string" + }, + "severity": { + "type": "string" + }, + "affectedVersion": { + "type": "string" + }, + "fixedTime": { + "type": "integer", + "format": "int64" + }, + "publishedDate": { + "type": "integer", + "format": "int64" + }, + "modifiedDate": { + "type": "integer", + "format": "int64" + } + } + }, + "Edge": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "label": { + "type": "string" }, - "severity": { + "source": { "type": "string" }, - "impactedAssetsCount": { - "type": "integer" + "target": { + "type": "string" }, - "impactedAssetsRuntimeCount": { - "type": "integer" + "directed": { + "type": "boolean" }, - "description": { + "relation": { "type": "string" }, - "firstSeen": { + "metadata": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "relationshipTypeId": { "type": "integer", - "format": "int64" + "format": "int32" + } + } + }, + "EnvironmentFactors": { + "type": "object", + "properties": { + "internetExposed": { + "type": "boolean" }, - "lastSeen": { + "packageInUse": { + "type": "boolean" + } + } + }, + "EpssDetails": { + "type": "object", + "properties": { + "epss": { "type": "integer", "format": "int64" }, - "packageType": { - "type": "array", - "items": { - "type": "string" - } - }, - "impactedPackages": { - "type": "array", - "items": { - "type": "string" - } + "epss_previous": { + "type": "integer", + "format": "int64" }, - "cvssDetails": { - "$ref": "#/components/schemas/CvssDetails" + "probabilityScore": { + "type": "number", + "format": "double" + } + } + }, + "ExploitDetails": { + "type": "object", + "properties": { + "cisaLink": { + "type": "string" }, - "environmentFactors": { - "$ref": "#/components/schemas/EnvironmentFactors" + "cisaKind": { + "type": "string" + } + } + }, + "FixImpact": { + "type": "object", + "properties": { + "percentageVulns": { + "type": "number", + "format": "float" }, - "exploitDetails": { - "$ref": "#/components/schemas/ExploitDetails" + "across": { + "type": "integer", + "format": "int64" + } + } + }, + "ImpactByStageResponse": { + "type": "object", + "properties": { + "code": { + "$ref": "#/components/schemas/Code" }, - "epssDetails": { - "$ref": "#/components/schemas/EpssDetails" + "build": { + "$ref": "#/components/schemas/Build" }, - "additionalDetails": { - "$ref": "#/components/schemas/AdditionalDetails" + "run": { + "$ref": "#/components/schemas/Run" }, - "impactedDistrosList": { - "type": "array", - "items": { - "$ref": "#/components/schemas/ImpactedDistros" - } + "deploy": { + "$ref": "#/components/schemas/Deploy" } } }, @@ -2077,10 +3060,12 @@ "type": "string" }, "impactCount": { - "type": "integer" + "type": "integer", + "format": "int32" }, "highestCVSS": { - "type": "integer" + "type": "number", + "format": "double" }, "highestSeverity": { "type": "string" @@ -2101,709 +3086,503 @@ } } }, - "DistroDetails": { + "Overview": { "type": "object", "properties": { - "cvss": { - "type": "number", - "format": "double" + "lastUpdatedDateTime": { + "type": "integer", + "format": "int64" }, - "packageName": { - "type": "string" + "totalVulnerabilityCount": { + "type": "integer", + "format": "int64" }, - "release": { - "type": "string" + "totalVulnerableAsset": { + "type": "integer", + "format": "int64" }, - "severity": { - "type": "string" + "totalRemediationCount": { + "type": "integer", + "format": "int64" + } + } + }, + "OverviewAssetStats": { + "type": "object", + "properties": { + "totalCount": { + "type": "integer", + "format": "int64" }, - "affectedVersion": { - "type": "string" + "deployedImageCount": { + "type": "integer", + "format": "int64" }, - "fixedTime": { + "serverlessFunctionCount": { "type": "integer", "format": "int64" }, - "publishedDate": { + "hostCount": { + "type": "integer", + "format": "int64" + } + } + }, + "OverviewStats": { + "type": "object", + "properties": { + "totalCount": { "type": "integer", "format": "int64" }, - "modifiedDate": { + "criticalCount": { + "type": "integer", + "format": "int64" + }, + "highCount": { + "type": "integer", + "format": "int64" + }, + "mediumCount": { + "type": "integer", + "format": "int64" + }, + "lowCount": { "type": "integer", "format": "int64" } } }, - "AssetsSearchRequest": { + "OverviewStatsV3": { "type": "object", "properties": { - "query": { - "type": "string" + "totalCount": { + "type": "integer", + "format": "int64" }, - "cve_id": { - "type": "string" + "criticalCount": { + "type": "integer", + "format": "int64" }, - "risk_factors": { - "type": "array", - "items": { - "type": "string" - } + "highCount": { + "type": "integer", + "format": "int64" }, - "sort_by": { - "type": "string" + "mediumCount": { + "type": "integer", + "format": "int64" }, - "asset_type": { - "type": "string" + "lowCount": { + "type": "integer", + "format": "int64" }, - "page_offset": { - "type": "integer" + "percentageChange": { + "type": "integer", + "format": "int64" + } + } + }, + "OverviewSummary": { + "type": "object", + "properties": { + "totalVulnerableRuntimeAssets": { + "$ref": "#/components/schemas/OverviewAssetStats" }, - "page_size": { - "type": "integer" + "totalVulnerabilitiesinRuntime": { + "$ref": "#/components/schemas/OverviewStats" }, - "filter_suppressed": { - "type": "boolean" + "totalRemediatedinRuntime": { + "$ref": "#/components/schemas/OverviewStats" } } }, - "ApiErrorResponse": { + "OverviewSummaryV3": { "type": "object", "properties": { - "code": { - "type": "string", - "description": "Error code" + "totalUniqueCves": { + "$ref": "#/components/schemas/OverviewStatsV3" }, - "message": { - "type": "string", - "description": "Error message" + "totalVulnerabilities": { + "$ref": "#/components/schemas/OverviewStatsV3" }, - "target": { - "type": "string", - "description": "Error target" + "totalRemediated": { + "$ref": "#/components/schemas/OverviewStatsV3" + } + } + }, + "OverviewWidget": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Overview" + } + } + } + }, + "OverviewWidgetV2": { + "type": "object", + "properties": { + "overviewSummary": { + "$ref": "#/components/schemas/OverviewSummary" + }, + "values": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Overview" + } + } + } + }, + "OverviewWidgetV3": { + "type": "object", + "properties": { + "overviewSummary": { + "$ref": "#/components/schemas/OverviewSummaryV3" } } }, - "Action": { + "PrioritizedVulnerabilities": { "type": "object", "properties": { - "action": { - "type": "string" + "lastUpdatedDateTime": { + "type": "integer", + "format": "int64" }, - "status": { - "type": "string" + "totalVulnerabilities": { + "type": "integer", + "format": "int64" }, - "actionResult": { - "type": "string" + "urgent": { + "type": "integer", + "format": "int64" }, - "message": { - "type": "string" + "patchable": { + "type": "integer", + "format": "int64" + }, + "exploitable": { + "type": "integer", + "format": "int64" + }, + "packageInUse": { + "type": "integer", + "format": "int64" } } }, - "AssetDetails": { + "PrioritizedVulnerabilitiesV2": { "type": "object", "properties": { - "assetName": { - "type": "string" - }, - "resourceName": { - "type": "string" - }, - "packageName": { - "type": "string" - }, - "packageVersion": { - "type": "string" + "lastUpdatedDateTime": { + "type": "integer", + "format": "int64" }, - "fixVersion": { - "type": "string" + "totalVulnerabilities": { + "type": "integer", + "format": "int64" }, - "severity": { - "type": "string" + "urgent": { + "$ref": "#/components/schemas/VulnerabilityInfo" }, - "discoveredTime": { - "type": "string" + "patchable": { + "$ref": "#/components/schemas/VulnerabilityInfo" }, - "remediationAvailable": { - "type": "array", - "items": { - "$ref": "#/components/schemas/Action" - } + "exploitable": { + "$ref": "#/components/schemas/VulnerabilityInfo" }, - "age": { - "type": "integer" + "packageInUse": { + "$ref": "#/components/schemas/VulnerabilityInfo" } } }, - "AssetSideCarResponse": { + "PrioritizedVulnerabilitiesV3": { "type": "object", "properties": { - "value": { - "type": "object", - "properties": { - "assets": { - "type": "array", - "items": { - "$ref": "#/components/schemas/AssetDetails" - } - } - } + "lastUpdatedDateTime": { + "type": "integer", + "format": "int64" }, - "cve_id": { - "type": "string" + "totalVulnerabilities": { + "type": "integer", + "format": "int64" }, - "page_offset": { - "type": "integer" + "urgent": { + "$ref": "#/components/schemas/VulnerabilityInfo" }, - "page_size": { - "type": "integer" - } - } - }, - "BurndownResponse": { - "type": "array", - "items": { - "type": "object", - "properties": { - "dayNum": { - "type": "number", - "description": "Count down of the day backwards from present day" - }, - "totalCount": { - "type": "number", - "description": "Number of vulnerabilities in the given day" - }, - "remediatedCount": { - "type": "number", - "description": "Number of vulnerabilities remediated for the given day" - }, - "epochTimestamp": { - "type": "number", - "description": "Time upto which the entry was recorded" - } + "patchable": { + "$ref": "#/components/schemas/VulnerabilityInfo" + }, + "exploitable": { + "$ref": "#/components/schemas/VulnerabilityInfo" + }, + "internetExposed": { + "$ref": "#/components/schemas/VulnerabilityInfo" + }, + "packageInUse": { + "$ref": "#/components/schemas/VulnerabilityInfo" } } }, - "ImpactByStageResponse": { + "Run": { "type": "object", "properties": { - "value": { - "type": "object", - "properties": { - "code": { - "type": "object", - "properties": { - "package": { - "type": "integer" - }, - "iac": { - "type": "integer" - } - } - }, - "build": { - "type": "object" - }, - "run": { - "type": "object", - "properties": { - "serverlessFunction": { - "type": "integer" - }, - "host": { - "type": "integer" - }, - "deployedImage": { - "type": "integer" - } - } - }, - "deploy": { - "type": "object", - "properties": { - "registryImage": { - "type": "integer" - }, - "vmImage": { - "type": "integer" - } - } - } - } + "serverlessFunction": { + "type": "integer", + "format": "int32" + }, + "host": { + "type": "integer", + "format": "int32" + }, + "deployedImage": { + "type": "integer", + "format": "int32" } } }, - "TraceStage": { + "Source": { "type": "object", - "description": "A ordered collection of subsequent trace stages", + "required": [ + "stage", + "unifiedAssetId" + ], "properties": { - "name": { + "unifiedAssetId": { + "type": "string", + "description": "Unified Asset Identifier" + }, + "stage": { "type": "string", - "description": "A unique name of the trace stage", + "description": "The stage of the source asset", "enum": [ "CODE", "BUILD", "DEPLOY", "RUN" ] - }, - "apiIds": { - "type": "array", - "description": "A collection of api-ids for this stage. If none are provided, then we utilize what the collection of ides that are default to this stage", - "items": { - "type": "string" - } - }, - "cveId": { - "type": "string", - "description": "CVE Identifier" - }, - "repoId": { - "type": "string", - "description": "Repo Identifier" } - }, - "required": [ - "cveId", - "repoId" - ] + } }, - "AssetTraceRequest": { + "StatsByProvider": { "type": "object", - "description": "Asset Trace request", "properties": { - "source": { - "type": "object", - "description": "The source from which the trace originates", - "properties": { - "unifiedAssetIds": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Set of unified asset identifiers" - }, - "stage": { - "type": "string", - "enum": [ - "CODE", - "BUILD", - "DEPLOY", - "RUN" - ], - "description": "The stage of the source Assets" - } - }, - "required": [ - "unifiedAssetIds" - ] + "provider": { + "type": "string" }, - "traceStages": { - "type": "array", - "items": { - "$ref": "#/components/schemas/TraceStage" - } + "repositories": { + "type": "integer", + "format": "int64" }, - "nextPageToken": { + "registries": { "type": "integer", - "description": "The optional next page token" - } - } - }, - "AssetTraceGraphResponse": { - "type": "object", - "properties": { - "graph": { - "$ref": "#/components/schemas/AssetTraceGraph" + "format": "int64" + }, + "packages": { + "type": "integer", + "format": "int64" + }, + "assets": { + "type": "integer", + "format": "int64" + }, + "users": { + "type": "integer", + "format": "int64" + }, + "cloudAccounts": { + "type": "integer", + "format": "int64" + }, + "vulnerabilities": { + "$ref": "#/components/schemas/VulnerabilitiesBySeverity" } } }, - "AssetTraceGraph": { + "TopPrioritizedVulnerabilities": { "type": "object", "properties": { - "nodes": { - "type": "object", - "additionalProperties": { - "anyOf": [ - { - "$ref": "#/components/schemas/PrimaryAssetStageNode" - }, - { - "$ref": "#/components/schemas/AssetStageNode" - } - ] - } + "lastUpdatedDateTime": { + "type": "integer", + "format": "int64" }, - "edges": { + "cve": { "type": "array", "items": { - "$ref": "#/components/schemas/Edge" - } - } - } - }, - "PrimaryAssetStageNode": { - "type": "object", - "description": "A dictionary of the trace node identifier and the associated node", - "additionalProperties": { - "type": "object", - "description": "", - "properties": { - "label": { - "type": "string", - "description": "Label representing the asset name" - }, - "type": { - "type": "string", - "default": "PrimaryAsset", - "description": "Type of Node" - }, - "metadata": { - "$ref": "#/components/schemas/AssetStageNodeMetadata" - } - } - } - }, - "AssetStageNode": { - "type": "object", - "description": "A dictionary of the trace node identifier and the associated node", - "additionalProperties": { - "type": "object", - "description": "", - "properties": { - "label": { - "type": "string", - "description": "Label representing the asset name" - }, - "type": { - "type": "string", - "default": "Asset", - "description": "Type of Node" - }, - "metadata": { - "$ref": "#/components/schemas/AssetStageNodeMetadata" - } - } - } - }, - "AssetStageNodeMetadata": { - "type": "object", - "description": "Metadata associated with the AssetNode", - "additionalProperties": { - "type": "object", - "properties": { - "stage": { - "type": "string", - "description": "Stage of the Asset", - "enum": [ - "CODE", - "BUILD", - "DEPLOY", - "RUN" - ] - }, - "unifiedAssetId": { - "type": "string", - "description": "Unified Asset Identifier" - }, - "assetName": { - "type": "string", - "description": "Asset Name" - }, - "count": { - "type": "integer", - "description": "Count of the nodes in a stage" - }, - "attributes": { - "additionalProperties": { - "type": "object", - "properties": { - "packageManagerFileName": { - "type": "string", - "description": "File location in the Repo" - }, - "dockerFileName": { - "description": "Docker file name", - "type": "string" - }, - "pipelineName": { - "type": "string", - "description": "Name of the pipeline" - }, - "pipelineType": { - "type": "string", - "description": "Pipeline Type" - }, - "jobInstanceName": { - "type": "string", - "description": "Job Instance Name" - }, - "filePath": { - "type": "string", - "description": "The path of the file in the repo" - }, - "fileName": { - "type": "string", - "description": "The name of the file" - }, - "repoName": { - "type": "string", - "description": "The name of the repo" - }, - "repoOwner": { - "type": "string", - "description": "The owner of the repo" - }, - "packageName": { - "type": "string", - "description": "The package name of the CVE" - }, - "version": { - "type": "string", - "description": "The package version of the CVE" - }, - "subType": { - "type": "string", - "description": "Asset Sub Type", - "enum": [ - "File", - "Package" - ] - } - } - } + "$ref": "#/components/schemas/Cve" } } } }, - "Edge": { + "TopPrioritizedVulnerabilitiesV2": { "type": "object", - "description": "The edges of the C2C Tracing graph", "properties": { - "label": { - "type": "string", - "description": "Edge label" - }, - "source": { - "type": "string", - "description": "Identifier of the source asset" - }, - "target": { - "type": "string", - "description": "Identifier of the target asset" - }, - "directed": { - "type": "boolean", - "description": "Boolean value representing whether the edge is directed" - }, - "relation": { - "type": "string", - "enum": [ - "Deployed From", - "Built By", - "Contains", - "Is Contained In", - "Triggered By", - "Deployed As", - "Built", - "Triggered" - ], - "description": "Relation between the source and target nodes" - }, - "relationshipTypeId": { + "lastUpdatedDateTime": { "type": "integer", - "description": "Relationship Type ID between the edges" + "format": "int64" }, - "metadata": { - "type": "object", - "additionalProperties": { - "type": "string" + "cve": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Cve2" } } - }, - "required": [ - "source", - "target" - ] + } }, - "AssetNode": { + "TraceNode": { "type": "object", - "description": "", "properties": { - "label": { - "type": "string", - "description": "Label representing the asset name" - }, "type": { - "type": "string", - "enum": [ - "PrimaryAssetNode", - "AssetNode" - ], - "description": "Type of Node" + "type": "string" }, - "metadata": { - "type": "object", - "description": "Metadata associated with the AssetNode", - "additionalProperties": { - "type": "object", - "properties": {} - } + "label": { + "type": "string" } } }, - "Summary": { + "TraceStage": { "type": "object", + "required": [ + "cveId", + "name" + ], "properties": { - "description": { - "type": "string" - }, - "firstSeen": { - "type": "integer", - "format": "int64" + "name": { + "type": "string", + "description": "Stage Name" }, - "lastSeen": { - "type": "integer", - "format": "int64" + "cveId": { + "type": "string", + "description": "CveId" }, - "packageType": { - "type": "array", - "items": { - "type": "string" - } + "repoId": { + "type": "string", + "description": "RepoId" }, - "impactedPackages": { + "apiIds": { "type": "array", + "description": "ApiIds", "items": { - "type": "string" + "type": "integer", + "format": "int32" } } } }, - "CvssDetails": { + "Trend": { "type": "object", "properties": { - "publishedDate": { + "reportedDate": { "type": "integer", "format": "int64" }, - "lastModifiedDate": { + "assetsWithCveCount": { "type": "integer", "format": "int64" - }, - "attackVector": { - "type": "string" - }, - "exploitAvailability": { - "type": "string" - }, - "confidentiality": { + } + } + }, + "UaiSeverityMapping": { + "type": "object", + "properties": { + "prisma_id": { "type": "string" }, - "attackComplexity": { + "unified_asset_id": { "type": "string" }, - "userInteractionRequired": { - "type": "string" + "low": { + "type": "number", + "format": "double" }, - "integrity": { - "type": "string" + "medium": { + "type": "number", + "format": "double" }, - "exploitable": { - "type": "boolean" + "high": { + "type": "number", + "format": "double" }, - "patchable": { - "type": "boolean" + "critical": { + "type": "number", + "format": "double" } } }, - "EnvironmentFactors": { + "VulnAssetsSidecarResponse": { "type": "object", "properties": { - "internetExposed": { - "type": "boolean" - }, - "packageInUse": { - "type": "boolean" + "value": { + "$ref": "#/components/schemas/AssetData" } } }, - "ExploitDetails": { + "VulnerabilitiesBySeverity": { "type": "object", "properties": { - "cisaLink": { - "type": "string" + "criticalCount": { + "type": "integer", + "format": "int64" }, - "cisaKind": { - "type": "string" - } - } - }, - "EpssDetails": { - "type": "object", - "properties": { - "epss": { + "highCount": { "type": "integer", "format": "int64" }, - "epss_previous": { + "mediumCount": { "type": "integer", "format": "int64" }, - "probabilityScore": { + "lowCount": { "type": "integer", "format": "int64" } } }, - "AdditionalDetails": { + "VulnerabilityInfo": { "type": "object", "properties": { - "nvdLinks": { - "type": "array", - "items": { - "type": "string" - } + "vulnerability_count": { + "type": "integer", + "format": "int64" }, - "vendorLinks": { - "type": "array", - "items": { - "type": "string" - } + "asset_count": { + "type": "integer", + "format": "int64" + }, + "cve_count": { + "type": "integer", + "format": "int64" } } }, - "VulnerableAssetsResponse": { + "VulnerableAsset": { "type": "object", - "description": "Vulnerable Assets by Stage stats", "properties": { "value": { "type": "array", "items": { - "$ref": "#/components/schemas/VulnerableAssetByStage" + "$ref": "#/components/schemas/VulnerableAssetStat" } } } }, - "VulnerableAssetByStage": { + "VulnerableAssetStat": { "type": "object", - "description": "Vulnerable assets across all stages", "properties": { "stage": { - "type": "string", - "description": "Life Cycle Stage" + "type": "string" }, "totalVulnerabilities": { "type": "integer", - "description": "Total Vulnerabilities" + "format": "int64" }, "assetType": { - "type": "string", - "description": "Asset Type" + "type": "string" }, "totalAssets": { "type": "integer", - "description": "Total number of Assets" + "format": "int64" }, "stats": { "type": "array", @@ -2813,57 +3592,213 @@ } } }, - "StatsByProvider": { + "WidgetRequest": { "type": "object", - "description": "Stats grouped by provider", "properties": { - "provider": { + "assetTypes": { + "type": "array", + "example": "package,serverlessFunction,iac,deployedImage,vmImage,registryImage,host", + "description": "List of Asset Types", + "items": { + "type": "string" + } + }, + "lifeCycle": { + "type": "array", + "example": "code,build,deploy,run", + "description": "List of Asset Life Cycles", + "items": { + "type": "string" + } + }, + "severities": { + "type": "array", + "example": "critical,high,low,medium,informational", + "description": "List of Severities", + "items": { + "type": "string" + } + }, + "accountGroups": { + "type": "array", + "description": "List of Cloud Account Groups", + "items": { + "type": "string" + } + }, + "accountIds": { + "type": "array", + "description": "List of Cloud Account IDs", + "items": { + "type": "string" + } + }, + "clusters": { + "type": "array", + "description": "List of Clusters", + "items": { + "type": "string" + } + }, + "clusterNamespaces": { + "type": "array", + "description": "List of Namespaces", + "items": { + "type": "string" + } + }, + "accountNames": { + "type": "array", + "description": "List of Account Names", + "items": { + "type": "string" + } + } + }, + "description": "Request Model for Dashboard Widgets" + }, + "WidgetRequestSidecar": { + "type": "object", + "required": [ + "cveId" + ], + "properties": { + "assetTypes": { + "type": "array", + "example": "package,serverlessFunction,iac,deployedImage,vmImage,registryImage,host", + "description": "List of Asset Types", + "items": { + "type": "string" + } + }, + "lifeCycle": { + "type": "array", + "example": "code,build,deploy,run", + "description": "List of Asset Life Cycles", + "items": { + "type": "string" + } + }, + "severities": { + "type": "array", + "example": "critical,high,low,medium,informational", + "description": "List of Severities", + "items": { + "type": "string" + } + }, + "accountGroups": { + "type": "array", + "description": "List of Cloud Account Groups", + "items": { + "type": "string" + } + }, + "accountIds": { + "type": "array", + "description": "List of Cloud Account IDs", + "items": { + "type": "string" + } + }, + "clusters": { + "type": "array", + "description": "List of Clusters", + "items": { + "type": "string" + } + }, + "clusterNamespaces": { + "type": "array", + "description": "List of Namespaces", + "items": { + "type": "string" + } + }, + "accountNames": { + "type": "array", + "description": "List of Account Names", + "items": { + "type": "string" + } + }, + "cveId": { "type": "string", - "description": "Providers" + "description": "CVE ID" + } + }, + "description": "Request Model for Dashboard Widgets" + }, + "WidgetRequestTopN": { + "type": "object", + "properties": { + "assetTypes": { + "type": "array", + "example": "package,serverlessFunction,iac,deployedImage,vmImage,registryImage,host", + "description": "List of Asset Types", + "items": { + "type": "string" + } }, - "repositories": { - "type": "integer", - "description": "Respository count" + "lifeCycle": { + "type": "array", + "example": "code,build,deploy,run", + "description": "List of Asset Life Cycles", + "items": { + "type": "string" + } }, - "registries": { - "type": "integer", - "description": "Registry count" + "severities": { + "type": "array", + "example": "critical,high,low,medium,informational", + "description": "List of Severities", + "items": { + "type": "string" + } }, - "packages": { - "type": "integer", - "description": "Packages count" + "accountGroups": { + "type": "array", + "description": "List of Cloud Account Groups", + "items": { + "type": "string" + } }, - "assets": { - "type": "integer", - "description": "Total Assets" + "accountIds": { + "type": "array", + "description": "List of Cloud Account IDs", + "items": { + "type": "string" + } }, - "users": { - "type": "integer", - "description": "Total Users" + "clusters": { + "type": "array", + "description": "List of Clusters", + "items": { + "type": "string" + } }, - "vulnerabilities": { - "type": "object", - "description": "Vulnerability Split by Severity", - "properties": { - "criticalCount": { - "type": "integer", - "description": "Total Critical severity Vulnerability count" - }, - "highCount": { - "type": "integer", - "description": "Total High severity Vulnerability count" - }, - "mediumCount": { - "type": "integer", - "description": "Total Medium severity Vulnerability count" - }, - "lowCount": { - "type": "integer", - "description": "Total low severity Vulnerability count" - } + "clusterNamespaces": { + "type": "array", + "description": "List of Namespaces", + "items": { + "type": "string" + } + }, + "accountNames": { + "type": "array", + "description": "List of Account Names", + "items": { + "type": "string" } + }, + "topNValue": { + "type": "integer", + "format": "int32", + "example": "5,10", + "description": "Integer value for TopN Widget" } - } + }, + "description": "Request Model for Dashboard Widgets" } }, "securitySchemes": { diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index d8e02342f..0083440f1 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -118,7 +118,7 @@ "get","/asm/api/v1/asset/vulnerability","Get Impacted Distros for a Vulnerability","vulnerability","Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/asset/snoozed-regex","Get Snooze Regex Pattern","list-snoozed-pattern","Discovery and Exposure Management","CDEMMicroServices.json" "get","/asm/api/v1/asset/filters","Get Asset Filters","get-asset-filters","Discovery and Exposure Management","CDEMMicroServices.json" -"get","/account/{accountId}/config/status","List Account Status Details","list-cloud-account-status-details","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" +"get","/account/{accountId}/config/status","Get Account Status","list-cloud-account-status-details","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" "post","/cas/v1/aws_account","Add Cloud Account (AWS)","add-aws-cloud-account","Cloud Accounts (AWS)","CloudAccountOnboardingMicroServices.json" "post","/cas/v1/aws_account/{account_id}/ancestors","List Ancestors (AWS)","get-ancestors-for-given-members-ous","Cloud Accounts (AWS)","CloudAccountOnboardingMicroServices.json" "put","/cas/v1/aws_account/{id}","Update Cloud Account (AWS)","update-aws-cloud-account","Cloud Accounts (AWS)","CloudAccountOnboardingMicroServices.json" @@ -130,7 +130,7 @@ "post","/cas/v1/cloud_account/status/gcp","Get Cloud Account Status (GCP)","get-gcp-cloud-account-status","Cloud Accounts (GCP)","CloudAccountOnboardingMicroServices.json" "post","/cas/v1/gcp_account","Add Cloud Account (GCP)","add-gcp-cloud-account","Cloud Accounts (GCP)","CloudAccountOnboardingMicroServices.json" "put","/cas/v1/gcp_account/{id}","Update Cloud Account (GCP)","update-gcp-cloud-account","Cloud Accounts (GCP)","CloudAccountOnboardingMicroServices.json" -"get","/cloud","List Cloud Accounts","get-cloud-accounts","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" +"get","/cloud","Get all Cloud Accounts","get-cloud-accounts","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" "post","/cloud-accounts-manager/v1/cloudAccounts/awsAccounts/{account_id}/ancestors","List Ancestors (AWS) - Legacy","get-ancestors-for-given-members-ous-legacy","Cloud Accounts (AWS)","CloudAccountOnboardingMicroServices.json" "post","/cloud-accounts-manager/v1/cloudAccounts/awsAccounts/{parent_id}/children","List Children of Parent (AWS) - Legacy","get-list-of-children-under-parent-aws-legacy","Cloud Accounts (AWS)","CloudAccountOnboardingMicroServices.json" "post","/cloud-accounts-manager/v1/cloudAccounts/azureAccounts/{account_id}/ancestors","List Ancestors (Azure)","get-ancestors-for-given-subscriptions-and-management-groups","Cloud Accounts (Azure)","CloudAccountOnboardingMicroServices.json" @@ -149,10 +149,27 @@ "get","/cloud/{cloud_type}/{id}","Get Cloud Account Details","get-cloud-account","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" "put","/cloud/{cloud_type}/{id}","Update Cloud Account (OCI and Alibaba)","update-cloud-account","Cloud Accounts (OCI and Alibaba)","CloudAccountOnboardingMicroServices.json" "delete","/cloud/{cloud_type}/{id}","Delete Cloud Account","delete-cloud-account","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" -"patch","/cloud/{cloud_type}/{id}","Patch Cloud Account","patch-cloud-account","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" -"get","/cloud/{cloud_type}/{id}/project","List Cloud Org Accounts","get-cloud-org-accounts","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" +"patch","/cloud/{cloud_type}/{id}","Update Cloud Account Details","patch-cloud-account","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" +"get","/cloud/{cloud_type}/{id}/project","Get Cloud Org Accounts","get-cloud-org-accounts","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" "get","/cloud/{id}/owners","List Cloud Account Owners","get-cloud-account-owners","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" "patch","/cloud/{id}/status/{enabled}","Update Cloud Account Status","update-cloud-account-status","Cloud Accounts (All)","CloudAccountOnboardingMicroServices.json" +"get","/v1/cloudAccounts/awsLoggingAccounts","Get all AWS Logging Accounts","getLoggingArchiveAccounts","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"post","/v1/cloudAccounts/awsLoggingAccounts","Add AWS Logging Account","saveLoggingAccount","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"post","/v1/cloudAccounts/awsLoggingAccounts/cft","Generate a New CFT Template","generate-log-account-cft","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"post","/v1/cloudAccounts/awsLoggingAccounts/permissionsStatus","Get Logging Account Status","checkLoggingAccountStatus","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"get","/v1/cloudAccounts/awsLoggingAccounts/{accountId}","Get Logging Account By ID","getLoggingArchiveAccount","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"delete","/v1/cloudAccounts/awsLoggingAccounts/{accountId}/buckets/{bucketName}","Delete an S3 bucket","deleteBucket","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"get","/v1/cloudAccounts/awsLoggingAccounts/{accountId}/cft","Regenerate CFT for an Existing Account","generate-log-account-cft-existing","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"post","/v1/cloudAccounts/awsLoggingAccounts/{accountId}/cft","Regenerate CFT for New RoleName","generate-log-account-cft-role","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"get","/v1/cloudAccounts/awsLoggingAccounts/{accountId}/role/{roleName}/externalId","Get External ID of an Account","Get External ID ","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"put","/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}","Update Logging Account","updateLoggingAccount","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"delete","/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}","Delete a Logging Account by ID","deleteLoggingAccount","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"get","/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/buckets","List S3 Bucket Names","getBuckets","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"post","/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/buckets","Add an S3 bucket","saveBucket","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"get","/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/buckets/{bucketName}","Get all S3 Buckets","getBucketDetails","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"put","/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/buckets/{bucketName}","Update S3 Bucket Details","updateBucket","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"get","/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/permissionsStatus","Get Logging Account Status - GET","getLoggingAccountStatus","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" +"post","/v1/cloudAccounts/awsLoggingAccounts/{loggingAccountId}/permissionsStatus","Get Logging Account Status - POST","checkLoggingAccountStatusForProvidedAccount","AWS Logging Accounts","CloudAccountOnboardingMicroServices.json" "post","/dlp/api/v1/config/awsorg/status","Check Data Security Preconditions (AWS Org)","get-status-for-org","Cloud Accounts (AWS)","Monolith" "post","/dlp/api/config/v2","Add Data Security Config (AWS Org)","onboard-aws-org-scan","Cloud Accounts (AWS)","Monolith" "put","/dlp/api/config/v2","Update Data Security Config (AWS Org)","update-aws-org-scan-config","Cloud Accounts (AWS)","Monolith" @@ -443,21 +460,29 @@ "get","/settings/enterprise","Enterprise Settings - GET","get-enterprise-settings","Settings","Monolith" "post","/settings/enterprise","Enterprise Settings - POST","update-enterprise-settings","Settings","Monolith" "get","/check","Health Check","health-check","System","Monolith" -"get","/uve/api/v1/dashboard/vulnerabilities/overview","Get Vulnerability Overview","vulnerability-dashboard-overview","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v2/dashboard/vulnerabilities/overview","Get Vulnerability Overview V2","vulnerability-dashboard-overview-v2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v3/dashboard/vulnerabilities/overview","Get Vulnerability Overview V3","vulnerability-dashboard-overview-v3","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v1/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities","prioritised-vulnerability","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v2/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities V2","prioritised-vulnerability-v2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v3/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities V3","prioritised-vulnerability-v3","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v4/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities V4","prioritised-vulnerability-v4","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"post","/trace/api/v1/asset","Get C2C Trace Asset Graph","c2c-trace-api","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v1/cve-overview","Get Cve Overview V2","cve-overview-v-2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v1/dashboard/vulnerabilities/cve-overview","Get Cve Overview","cve-overview","Vulnerabilities Dashboard","UVEDashboardMicroService.json" "get","/uve/api/v1/dashboard/vulnerabilities/impact-stage","Get Vulnerability Impact by Stage","vulnerability-impact-by-stage","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v1/dashboard/vulnerabilities/overview","Get Vulnerability Overview","vulnerability-dashboard-overview","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v1/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities V1","prioritised-vulnerability","Vulnerabilities Dashboard","UVEDashboardMicroService.json" "get","/uve/api/v1/dashboard/vulnerabilities/prioritised-vuln","Get Top Impacting Vulnerabilities","top-prioritised-vulnerability","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v2/dashboard/vulnerabilities/prioritised-vuln","Get Top Impacting Vulnerabilities V2","top-prioritised-vulnerability-v2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v1/dashboard/vulnerabilities/cve-overview","Get CVE Overview","cve-overview","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v1/cve-overview","Get CVE Overview V2","cve-overview-v2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" -"get","/uve/api/v2/dashboard/vulnerabilities/burndown","Get Vulnerabilities Burndown","get-burndown","Vulnerabilities Dashboard","UVEDashboardMicroService.json" "post","/uve/api/v1/dashboard/vulnerabilities/vuln-assets","Get Vulnerable Assets by CVE","list-vulnerable-assets-cve","Vulnerabilities Dashboard","UVEDashboardMicroService.json" "get","/uve/api/v1/dashboard/vulnerabilities/vulnerableAsset","Get Vulnerable Assets","vulnerable-assets","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"post","/uve/api/v1/vuln-assets","Get Vulnerable Assets by CVE V2","list-vulnerable-assets-cve-v-2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"post","/uve/api/v2/cve-overview","Get CVE Overview - POST","cve-overview-v-3","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v2/dashboard/vulnerabilities/burndown","Get Vulnerabilities Burndown","get-burndown","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"post","/uve/api/v2/dashboard/vulnerabilities/impact-stage","Get Vulnerability Impact by Stage - POST","vulnerability-impact-by-stage-v-2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v2/dashboard/vulnerabilities/overview","Get Vulnerability Overview V2","vulnerability-dashboard-overview-v-2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v2/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities V2","prioritised-vulnerability-v-2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v2/dashboard/vulnerabilities/prioritised-vuln","Get Top Impacting Vulnerabilities V2","top-prioritised-vulnerability-v-2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"post","/uve/api/v2/dashboard/vulnerabilities/vulnerableAsset","Get Vulnerable Assets Stats - POST","vulnerable-assets-v-2","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v3/dashboard/vulnerabilities/overview","Get Vulnerability Overview V3","vulnerability-dashboard-overview-v-3","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v3/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities V3","prioritised-vulnerability-v-3","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"post","/uve/api/v3/dashboard/vulnerabilities/prioritised-vuln","Get Top Impacting Vulnerabilities - POST","top-prioritised-vulnerability-v-3","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"post","/uve/api/v4/dashboard/vulnerabilities/overview","Get Vulnerability Overview - POST","vulnerability-dashboard-overview-v-4","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"get","/uve/api/v4/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities V4","prioritised-vulnerability-v-4","Vulnerabilities Dashboard","UVEDashboardMicroService.json" +"post","/uve/api/v5/dashboard/vulnerabilities/prioritised","Get Prioritized Vulnerabilities - POST","prioritised-vulnerability-v-5","Vulnerabilities Dashboard","UVEDashboardMicroService.json" "post","/uve/api/v1/remediation/vuln-remediation-status","Get Remediation Status","fetch-Remediation-Status","Vulnerabilities Dashboard","Monolith" "post","/uve/api/v1/remediation/vuln-create-remediation","Create Remediation Request","create-Remediation-Request","Vulnerabilities Dashboard","Monolith" "post","/uve/api/v1/vulnerabilities/search","Get Vulnerabilities by RQL","vulnerabilities-search-api","Vulnerabilities Dashboard","UVESearchMicroService.json"