Prisma Cloud API를 사용하여 클라우드 자산 세부 정보를 검색하는 방법은 무엇입니까?

Prisma Cloud API를 사용하여 클라우드 자산 세부 정보를 검색하는 방법은 무엇입니까?

4962
Created On 07/21/24 05:22 AM - Last Modified 01/07/25 11:03 AM


Objective


  • 이 문서에서는 Prisma Cloud API를 사용하여 Cloud Asset Details를 검색하는 방법에 대한 단계를 강조합니다.

Environment


  • Prisma Cloud Enterprise Edition

Procedure


  1. API_KEY_VALUE 필드에 대한 API 호출에 사용할 JWT 토큰을 생성합니다 .
  2. 'rrn' 또는 'unified-asset-id'를 수집하세요
  • 다음 API는 자산 세부 정보를 검색하는 데 사용할 수 있는 해당 ID와 함께 모든 자산을 나열합니다. Resource Scan Info V2 - GET
  • API 출력에는 rrnunified-asset-id가 모두 포함됩니다.
메모: As this will list all the Assets, this may cause delay in response or generate error. Therefore, fill up the optional fields (shared below) to limit the result:
  • cloud.account ---> 여기에 계정 이름을 입력하세요(ID가 아닙니다)
  • 클라우드.타입
  • 한계(숫자값)
  • 스캔. 상태
For quick API call creation, fill in the details using the 요청 본문option on the API page itself

In the following example, the API call is created using the Request Body from the API page: 
curl -L -X GET 'https://api.sg.prismacloud.io/v2/resource/scan_info?cloud.account=APAC%20AWS%20ACCOUNT%20*****%20DO%20NOT%20DELETE*****&cloud.type=aws&scan.status=passed' \
-H 'Accept: application/json' \
-H 'x-redlock-auth: eyJhbGciOiJIUzI1NiJ9.eyJhY2Nlc3NLZXlJZCI6ImQ2MDJkNzk0LWU5MDYtNDY0ZS1hZGQ1LTE5MzlmODBjOTgwMCIsInN1YiI6ImFrcmFzdG9naUBwYWxvYWx0b25ldHdvcmtzLmNvbSIsImZpcnN0TG9naW4iOmZhbHNlLCJwcmlzbWFJZCI6Ijg3NDY1NDI4MDY5OTIyMzA0MCIsImlwQWRkcmVzcyI6IjxxxC4yMzguMTQuNzkiLCJpc3MiOiJodHRwczovL2FwaS5zZy5wcmlzbWFjbG91ZC5pbyIsInJlc3RyaWN0IjowLCJpc0FjY2Vzc0tleUxvZ2luIjp0cnVlLCJ1c2VyUm9sZVR5cGVEZXRhaWxzIjp7Imhhc09ubHlSZWFkQWNjZXNzIjpmYWxzZX0sInVzZXJSb2xlVHlwZU5hbWUiOiJTeXN0ZW0gQWRtaW4iLCJpc1NTT1Nlc3Npb24iOmZhbHNlLCJsYXN0TG9naW5UaW1lIjoxNzIxNTMzOTM0MzY5LCJhdWQiOiJodHRwczovL2FwaS5zZy5wcmlzbWFjbG91ZC5pbyIsInVzZXJSb2xlVHlwZUlkIjoxLCJhdXRoLW1ldGhvZCI6IlBBU1NXT1JEIiwic2VsZWN0ZWRDdXN0b21lck5hbWUiOiJQYWxvIEFsdG8gTmV0d29ya3MgKFRFU1QgQUNDVCkgLSAxMjk0MzI1MzM4NTAxMDczNTc1Iiwic2Vzc2lvblRpbWVvdXQiOjYwLCJ1c2VyUm9sZUlkIjoiODkyNzhjMjktYjRlYS00ZWU3LTg0MWQtYjE2NDExN2RmMDBiIiwiaGFzRGVmZW5kZXJQZXJtaXNzaW9ucyI6ZmFsc2UsImV4cCI6MTcyMTUzNjMxOCwiaWF0IjoxNzIxNTM1NzE4LCJ1c2VybmFtZSI6ImFrcmFzdG9naUBwYWxvYWx0b25ldHdvcmtzLmNvbSIsInVzZXJSb2xlTmFtZSI6IlN5c3RlbSBBZG1pbiJ9.pJieaGBoxnqYaPsMrpSlZ94_fHMFVZaPUCyk9g5bIuc'
결과: 
{
  "timestamp": 1721534400000,
  "totalMatchedCount": 34262,
  "pageSize": 10000,
  "resources": [
    {
      "id": "arn:aws:cloudwatch:us-east-1:1434695xxx80:alarm:aal-fw-aws-gwlb-stack_FW_PANW_ASG-cw-cpu-low",
      "name": "aal-fw-aws-gwlb-stack_FW_PANW_ASG-cw-cpu-low",
      "accountId": "1434695xxx80",
      "accountName": "APAC AWS ACCOUNT ***** DO NOT DELETE*****",
      "regionId": "us-east-1",
      "regionName": "AWS Virginia",
      "cloudType": "aws",
      "rrn": "rrn:aws:cloudWatchAlarm:us-east-1:1434695xxx80:cf9dcecd60c4c70c7d22d61d8e2e34f4a8bf536c:arn%3Aaws%3Acloudwatch%3Aus-east-1%3A143469561880%3Aalarm%3Aaal-fw-aws-gwlb-stack_FW_PANW_ASG-cw-cpu-low",
      "alertStatus": {
        "high": 0,
        "medium": 0,
        "low": 0,
        "critical": 0,
        "informational": 0
      },
      "appNames": [
        "CSPM"
      ],
      "unifiedAssetId": "16e0c26096fb9a6bf81dxxx6546a0392",
      "resourceDetailsAvailable": true,
      "resourceConfigJsonAvailable": true,
      "assetType": "CloudWatch Alarm"
    }
  ]
}
  1. Get Asset API 사용: Get Asset
curl -L -X POST 'https://api.sg.prismacloud.io/uai/v1/asset' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'x-redlock-auth: <API_KEY_VALUE>' \
--data-raw '{
"assetId": "[rrn or unified asset ID]",
"type": "asset"
}'


예:

curl -L -X POST 'https://api.sg.prismacloud.io/uai/v1/asset' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'x-redlock-auth: eyJhbGciOiJIUzI1NiJ9.eyJhY2Nlc3NLZXlJZCI6ImQ2MDJkNzk0LWU5MDYtNDY0ZS1hZGQ1LTE5MzlmODBjOTgwMCIsInN1YiI6ImFrcmFzdG9naUBwYWxvYWx0b25ldHdvcmtzLmNvbSIsImZpcnN0TG9naW4iOmZhbHNlLCJwcmlzbWFJZCI6Ijg3NDY1NDI4MDY5OTIyMzA0MCIsImlwQWRkcmVzcyI6IjEzNC4yMzguMTYuMjA3IiwiaXNzIjoiaHR0cHM6Ly9hcGkuc2cucHJpc21hY2xvdWQuaW8iLCJyZXN0cmljdCI6MCwiaXNBY2Nlc3NLZXlMb2dpbiI6dHJ1ZSwidXNlclJvbGVUeXBlRGV0YWlscyI6eyJoYXNPbmx5UmVhZEFjY2VzcyI6ZmFsc2V9LCJ1c2VyUm9sZVR5cGVOYW1lIjoiU3lzdGVtIEFkbWluIiwiaXNTU09TZXNzaW9uIjpmYWxzZSwibGFzdExvZ2luVGltZSI6MTcyMTUzMzkzNDM2OSwiYXVkIjoiaHR0cHM6Ly9hcGkuc2cucHJpc21hY2xvdWQuaW8iLCJ1c2VyUm9sZVR5cGVJZCI6MSwiYXV0aC1tZXRob2QiOiJQQVNTV09SRCIsInNlbGVjdGVkQ3VzdG9tZXJOYW1lIjoiUGFsbyBBbHRvIE5ldHdvcmtzIChURVNUIEFDQ1QpIC0gMTI5NDMyNTMzODUwMTA3MzU3NSIsInNlc3Npb25UaW1lb3V0Ijo2MCwidXNlclJvbGVJZCI6Ijg5Mjc4YzI5LWI0ZWEtNGVlNy04NDFkLWIxNjQxMTdkZjAwYiIsImhhc0RlZmVuZGVyUGVybWlzc2lvbnMiOmZhbHNlLCJleHAiOjE3MjE1NDAyOTksImlhdCI6MTcyMTUzOTY5OSwidXNlcm5hbWUiOiJha3Jhc3RvZ2lAcGFsb2FsdG9uZXR3b3Jrcy5jb20iLCJ1c2VyUm9sZU5hbWUiOiJTeXN0ZW0gQWRtaW4ifQ.Pwogr0XRyKg1YCLJAyQ4oIoV8lz0j71kpBz5THdyIrU' \
--data-raw '{
  "assetId": "16e0c26096fb9a6bf81d5d26546a0392",
  "type": "asset"
}'


산출:

{
  "data": {
    "asset": {
      "id": "16e0c26096fb9a6bf81d5d26546a0392",
      "externalAssetId": "arn:aws:cloudwatch:us-east-1:1434695xxx80:alarm:aal-fw-aws-gwlb-stack_FW_PANW_ASG-cw-cpu-low",
      "cloudType": "aws",
      "createdTs": 1660285739000,
      "insertTs": 1660285739000,
      "dynamicData": null,
      "data": {
        "tags": [],
        "unit": "Percent",
        "period": 900,
        "metrics": [],
        "alarmArn": "arn:aws:cloudwatch:us-east-1:1434695xxx80:alarm:aal-fw-aws-gwlb-stack_FW_PANW_ASG-cw-cpu-low",
        "alarmName": "aal-fw-aws-gwlb-stack_FW_PANW_ASG-cw-cpu-low",
        "namespace": "aal-fw-aws-gwlb-stack_FW_PANW_ASG",
        "okactions": [],
        "statistic": "Average",
        "threshold": 20,
        "dimensions": [],
        "metricName": "DataPlaneCPUUtilizationPct",
        "alarmActions": [
          "arn:aws:autoscaling:us-east-1:1434695xxx80:scalingPolicy:715a500c-87eb-466b-b869-e1ff69fc8cc2:autoScalingGroupName/aal-fw-aws-gwlb-stack_FW_PANW_ASG:policyName/aal-fw-aws-gwlb-stack_FW_PANW_ASG-scalein"
        ],
        "actionsEnabled": true,
        "alarmDescription": "DataPlane CPU Utilization Low",
        "evaluationPeriods": 1,
        "comparisonOperator": "LessThanThreshold",
        "insufficientDataActions": []
      },
      "name": "aal-fw-aws-gwlb-stack_FW_PANW_ASG-cw-cpu-low",
      "regionId": "us-east-1",
      "regionName": "AWS Virginia",
      "riskGrade": "n_a",
      "stateId": null,
      "url": "https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#alarm:name=arn:aws:cloudwatch:us-east-1:1434695xxx80:alarm:aal-fw-aws-gwlb-stack_FW_PANW_ASG-cw-cpu-low",
      "vpcId": null,
      "vpcName": "",
      "relationshipCounts": 0,
      "vulnerabilityCounts": null,
      "vpcExternalAssetId": "",
      "tags": {
        "": ""
      },
      "assetType": "CloudWatch Alarm",
      "serviceName": "Amazon CloudWatch",
      "resourceType": "CloudWatch Alarm",
      "accountGroup": "account",
      "accountName": "APAC AWS ACCOUNT ***** DO NOT DELETE*****",
      "assetClassId": "other",
      "assetClass": "Other",
      "deleted": false,
      "problem": [],
      "alertsCount": [],
      "attributes": {},
      "alertCountBySeverity": [],
      "ipAddresses": [],
      "trueInternetExposure": null
    }
  },
  "errors": []
}


Additional Information


리소스 스캔 정보 V2 - GET
자산 가져오기
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HDfmCAG&lang=ko&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language