diff --git a/docusaurus.config.ts b/docusaurus.config.ts index 2d355cb5b..b239f4408 100644 --- a/docusaurus.config.ts +++ b/docusaurus.config.ts @@ -492,7 +492,16 @@ const config = { }, { to: "/sase/api/introduction", +<<<<<<< HEAD label: "Configuration Orchestration", +======= + label: "Prisma Access Configuration Orchestration", + icon: "api-doc", + }, + { + to: "sase/api/sspm", + label: "SaaS Security Posture Management", +>>>>>>> f50abe3414b16907232b92e2a063ca0e66648ce7 icon: "api-doc", }, { @@ -906,6 +915,14 @@ const config = { configorch: { specPath: "openapi-specs/sase/config-orch", outputDir: "products/sase/api/config-orch", +<<<<<<< HEAD +======= + sidebarOptions: { groupPathsBy: "tag" }, + }, + sasesspm: { + specPath: "openapi-specs/sase/sspm", + outputDir: "products/sase/api/sspm", +>>>>>>> f50abe3414b16907232b92e2a063ca0e66648ce7 sidebarOptions: { groupPathsBy: "tag" }, }, access: { diff --git a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv index 73ad57406..4dbf8352c 100644 --- a/openapi-specs/cspm/consolidated_spec/all_endpoints.csv +++ b/openapi-specs/cspm/consolidated_spec/all_endpoints.csv @@ -541,6 +541,7 @@ "post","/adoptionadvisor/api/v2/compute/discovered-secured/trend","Get Discovered and Secured Resources","value-widgets-get-discovered-vs-secured","Widgets","Monolith" "get","/c2c/api/v1/deploy/trend","List Deploy Trend","code-to-cloud-list-deploy-trend","Code to Cloud","code2cloudMicroService.json" "get","/c2c/api/v1/runtime/trend","List Runtime Trend","code-to-cloud-list-runtime-trend","Code to Cloud","code2cloudMicroService.json" +"get","/policy/api/v1/fetch/remediation/{policyId}","Get Policy Remediation","getRemediationForPolicy","Alerts","Monolith" "get","/appid/api/v1/satellite","List Cluster Details","listClusters","Settings","Monolith" "post","/appid/api/v1/satellite","Add Satellite Details","addClusterInfo","Settings","Monolith" "delete","/appid/api/v1/satellite/{id}","Delete Satellite Details","deleteCluster","Settings","Monolith" diff --git a/openapi-specs/cspm/pia-openapi.json b/openapi-specs/cspm/pia-openapi.json new file mode 100644 index 000000000..de08d8000 --- /dev/null +++ b/openapi-specs/cspm/pia-openapi.json @@ -0,0 +1,267 @@ +{ + "openapi": "3.0.1", + "info": { + "title": "OpenAPI definition", + "version": "v0" + }, + "servers": [ + { + "url": "https://api.prismacloud.io" + }, + { + "url": "https://api2.prismacloud.io" + }, + { + "url": "https://api3.prismacloud.io" + }, + { + "url": "https://api4.prismacloud.io" + }, + { + "url": "https://api.anz.prismacloud.io" + }, + { + "url": "https://api.eu.prismacloud.io" + }, + { + "url": "https://api2.eu.prismacloud.io" + }, + { + "url": "https://api.gov.prismacloud.io" + }, + { + "url": "https://api.prismacloud.cn" + }, + { + "url": "https://api.ca.prismacloud.io" + }, + { + "url": "https://api.sg.prismacloud.io" + }, + { + "url": "https://api.uk.prismacloud.io" + }, + { + "url": "https://api.ind.prismacloud.io" + }, + { + "url": "https://api.jp.prismacloud.io" + }, + { + "url": "https://api.fr.prismacloud.io" + } + ], + "tags": [ + { + "name": "Alerts", + "description": "..." + } + ], + "paths": { + "/policy/api/v1/fetch/remediation/{policyId}": { + "get": { + "tags": [ + "Alerts" + ], + "summary": "Get Policy Remediation", + "description": "Fetch AI Assisted Remediation and Recommendation content for a given policy. If AI Assisted Remediation is not available, fetch the recommendation content instead. The remediation typically includes actionable steps to mitigate or remediate the identified alert on the asset.", + "operationId": "getRemediationForPolicy", + "parameters": [ + { + "name": "policyId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "unifiedAssetId", + "in": "query", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "alertId", + "in": "query", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PolicyWithRemediationResponse" + } + } + } + }, + "400": { + "description": "bad_request" + }, + "401": { + "description": "unauthorized_access" + }, + "403": { + "description": "permission_error" + }, + "429": { + "description": "too_many_requests" + } + }, + "x-public": "true", + "security": [ + { + "x-redlock-auth": [] + } + ] + } + } + }, + "components": { + "schemas": { + "AiRemediation": { + "type": "object", + "properties": { + "manualRemediation": { + "$ref": "#/components/schemas/ManualRemediation" + }, + "cli": { + "type": "array", + "description": "The suggested CLI-based remediation steps", + "items": { + "$ref": "#/components/schemas/ScriptRemediation" + } + }, + "tf": { + "type": "array", + "description": "The suggested Terraform-based remediation steps", + "items": { + "$ref": "#/components/schemas/ScriptRemediation" + } + } + } + }, + "ManualRemediation": { + "type": "object", + "properties": { + "title": { + "type": "string", + "description": "A title for the manual remediation steps" + }, + "description": { + "type": "string", + "description": "A description of the remediation content" + }, + "instructions": { + "type": "string", + "description": "Detailed instructions to manually remediate the issue" + }, + "impact": { + "type": "string", + "description": "The potential impact of applying the remediation" + } + }, + "description": "The manual remediation steps to be taken" + }, + "PolicyWithRemediation": { + "type": "object", + "properties": { + "policyId": { + "type": "string" + }, + "policyName": { + "type": "string" + }, + "policyType": { + "type": "string" + }, + "cloudType": { + "type": "string", + "enum": [ + "all", + "aws", + "azure", + "gcp", + "alibaba_cloud", + "oci", + "other", + "ibm" + ] + }, + "findingTypes": { + "uniqueItems": true, + "type": "array", + "items": { + "type": "string" + } + }, + "aiRemediation": { + "$ref": "#/components/schemas/AiRemediation" + }, + "recommendation": { + "type": "string" + }, + "hasSearchExecutionSupport": { + "type": "boolean" + }, + "savedSearchId": { + "type": "string" + } + } + }, + "PolicyWithRemediationResponse": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/components/schemas/PolicyWithRemediation" + } + } + } + }, + "ScriptRemediation": { + "type": "object", + "properties": { + "title": { + "type": "string", + "description": "A title for the remediation script to be executed" + }, + "description": { + "type": "string", + "description": "A description of the remediation content" + }, + "codeBlock": { + "type": "string", + "description": "The suggested code block to be executed for remediation" + }, + "impact": { + "type": "string", + "description": "The potential impact of applying the remediation" + }, + "automated": { + "type": "boolean", + "description": "can be executed automatically without manual intervention" + } + }, + "description": "The suggested Terraform-based remediation steps" + } + }, + "securitySchemes": { + "x-redlock-auth": { + "description": "The x-redlock-auth value is a JSON Web Token (JWT).", + "in": "header", + "name": "x-redlock-auth", + "type": "apiKey" + } + } + } +} diff --git a/openapi-specs/sase/config-orch/paloaltonetworks-Remote_Networks.yaml b/openapi-specs/sase/config-orch/paloaltonetworks-Remote_Networks.yaml index 8a5da006f..0817bb9ba 100644 --- a/openapi-specs/sase/config-orch/paloaltonetworks-Remote_Networks.yaml +++ b/openapi-specs/sase/config-orch/paloaltonetworks-Remote_Networks.yaml @@ -1260,9 +1260,15 @@ info: \ Remote Networks.\n\nThese APIs use the common SASE authentication mechanism\ \ and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ \ guide for more information.\n\nThis Open API spec file was created on January\ +<<<<<<< HEAD \ 21, 2025. To check for a more recent version of this file, see\n[Configuration\ \ Orchestration APIs on pan.dev](https://pan.dev/sase/api/remote-networks/remote-networks.html).\ \ \n\n\xA9 2024 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark\ +======= + \ 24, 2025. To check for a more recent version of this file, see\n[Configuration\ + \ Orchestration APIs on pan.dev](https://pan.dev/sase/api/remote-networks/remote-networks.html).\ + \ \n\n\xA9 2025 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark\ +>>>>>>> f50abe3414b16907232b92e2a063ca0e66648ce7 \ of Palo\nAlto Networks. A list of our trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ \nAll other marks mentioned herein may be trademarks of their respective companies.\n" title: Configuration Orchestration API diff --git a/products/sase/api/config-orch/api-workflow.md b/products/sase/api/config-orch/api-workflow.md index c8f00a592..af5a1cae4 100644 --- a/products/sase/api/config-orch/api-workflow.md +++ b/products/sase/api/config-orch/api-workflow.md @@ -14,10 +14,15 @@ The purpose of this topic is to guide users on how to interact with the APIs ste This workflow is designed to ensure clarity and simplicity, making it easier for first-time users and experienced developers to integrate the APIs effectively. ### 1. Create Location Information +<<<<<<< HEAD **Step**: Use the `/v1/location-informations` endpoint to submit longitude and latitude. This retrieves the most accurate location data required for the setup. **API Reference**: [Location Information](/sase/api/config-orch/post-v-1-location-informations/) +======= +**Step**: Use the [`/v1/location-informations`](/sase/api/config-orch/post-v-1-location-informations/)) endpoint to submit longitude and latitude. This retrieves the most accurate location data required for the setup. + +>>>>>>> f50abe3414b16907232b92e2a063ca0e66648ce7 **Code Snippet (Example using cURL)**: ```bash curl -L 'https://api.sase.paloaltonetworks.com/v1/location-informations' \ diff --git a/products/sase/api/config-orch/introduction.md b/products/sase/api/config-orch/introduction.md index b89e13c59..3aa5a4d41 100644 --- a/products/sase/api/config-orch/introduction.md +++ b/products/sase/api/config-orch/introduction.md @@ -12,7 +12,10 @@ keywords: To create Remote Network firewall which is part of Prisma Access, Configuration Orchestration APIs allows you to directly configure Remote Network tunnels. For example, +<<<<<<< HEAD +======= +>>>>>>> f50abe3414b16907232b92e2a063ca0e66648ce7 SD-WAN OEM vendor is looking to integrate their SD-WAN solution with our cloud security services to simplify the onboarding process for their customers' SD-WAN branches. However, they encounter the following challenges: **Different APIs for Panorama and Strata Cloud Manager:** An organization has to work with different APIs for our various management platforms. This not only doubles their integration efforts but also introduces additional complexity for their end customers. diff --git a/products/sase/docs/home.mdx b/products/sase/docs/home.mdx index 156cecc8c..c77a6a62d 100644 --- a/products/sase/docs/home.mdx +++ b/products/sase/docs/home.mdx @@ -32,6 +32,7 @@ Currently, Prisma SASE offers the following APIs: - [Prisma Access Insights](/access/docs/insights) - [Prisma Access Browser](/access/api/browser-mgmt/browser-mgmt-api/) - [SaaS Security Posture Management](/sase/api/sspm/) +- [Prisma Access Configuration Orchestration](/sase/api/introduction) Most of these APIs use a common authentication mechanism and base URL. See [Get Started](/sase/docs/getstarted) for details. diff --git a/products/sase/docs/release-notes/changelog.md b/products/sase/docs/release-notes/changelog.md index 82c2850fb..b2e403592 100644 --- a/products/sase/docs/release-notes/changelog.md +++ b/products/sase/docs/release-notes/changelog.md @@ -13,6 +13,9 @@ keywords: | Date | Description | | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Jan 29th, 2025 | Added [Prisma Access Configuration Orchestration](/sase/api/introduction/). +| Oct 18, 2024 | Added [Prisma Access Browser APIs](/access/api/browser-mgmt/browser-mgmt-api/). + | Jan 9th, 2025 | Added [SaaS Security Posture Management](/sase/api/sspm/). | Oct 18, 2024 | Added [Prisma Access Browser APIs](/access/api/browser-mgmt/browser-mgmt-api/). | | Oct 11, 2024 | Added additional [Aggregate Monitoring APIs](/sase/api/mt-monitor/). | diff --git a/products/sase/sidebars.ts b/products/sase/sidebars.ts index d5c4a8fc4..2d46e4c48 100644 --- a/products/sase/sidebars.ts +++ b/products/sase/sidebars.ts @@ -307,6 +307,14 @@ module.exports = { "sase/api/config-orch/introduction", "sase/api/config-orch/api-workflow", require("./api/config-orch/sidebar"), +<<<<<<< HEAD +======= + ], + securityposture: [ + "sase/api/sspm/sspm-introduction", + "sase/api/sspm/sspm-api-workflow", + require("./api/sspm/sidebar"), +>>>>>>> f50abe3414b16907232b92e2a063ca0e66648ce7 ], sasesubscription: [ "sase/api/subscription/subscription-api",