Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RLP_151624 changes #772

Merged
merged 5 commits into from
Nov 24, 2024
Merged

RLP_151624 changes #772

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
6c85e14
RLP_151624 changes
smitapaloalto Nov 14, 2024
d515c5b
RLP-151624 changes
smitapaloalto Nov 14, 2024
940bab0
Update api-integration-config.md
smitapaloalto Nov 15, 2024
b1f7799
Update api-integration-config.md
smitapaloalto Nov 15, 2024
0fb6003
Merge branch 'master' into techpub-smita-cspm-changes
smitapaloalto Nov 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
72 changes: 72 additions & 0 deletions products/prisma-cloud/api/cspm/api-integration-config.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,78 @@ The request body for some of the endpoints includes an `integrationConfig` param

Note that most external systems require some configuration before you can use the Prisma Cloud API endpoints to add an integration to that system. For more details, see [Prisma Cloud Integrations](https://docs.prismacloud.io/en/classic/cspm-admin-guide/configure-external-integrations-on-prisma-cloud/prisma-cloud-integrations). If you are upgraded to the Darwin release, see [Prisma Cloud Integrations](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-external-integrations-on-prisma-cloud/prisma-cloud-integrations).


### AWS Security Hub

Prisma Cloud integrates with AWS Security Hub for centralized visibility into security and compliance risks associated with your cloud assets on the AWS Security Hub console.

As a part of the integration, Prisma Cloud monitors your AWS cloud assets. It sends alerts about resource misconfigurations, compliance violations, network security risks, and anomalous user activities directly to the AWS Security Hub console providing a centralized and comprehensive view of the cloud assets deployed on your AWS accounts.
smitapaloalto marked this conversation as resolved.
Show resolved Hide resolved


Note: Prisma Cloud integration with AWS Security Hub is not supported for `US Gov Cloud` regions.


#### Add, Update, or Test an AWS Security Hub Integration


To add an AWS Security Hub integration, make your request as described in
[Add Integration](/prisma-cloud/api/cspm/create-integration-v-1). As part of the request body, the `integrationType` parameter is `aws_security_hub`, and the `integrationConfig` parameter contains the following key/value pairs.


| Key | Value Description | Value Type | Default Value or Required |
jrdevore marked this conversation as resolved.
Show resolved Hide resolved
| -------------- | ----------------------------------------------------------------------------------------------------------------- | ---------- | ------------------------- |
| region | List of Regions where Prisma Cloud on AWS Security Hub is enabled for your cloud account | List of Objects<br/>{<br/>String name; (Required)<br/>String apiIdentifier; (Required)<br/>String cloudType;<br/>String sdkId;<br/>Boolean enabled;<br/>} | Required |
smitapaloalto marked this conversation as resolved.
Show resolved Hide resolved
| defaultRegion | The region where you will receive alert notifications for global resources | Object<br/>{<br/>String name (Required);<br/>String apiIdentifier (Required);<br/>String cloudType;<br/>String sdkId;<br/>Boolean enabled;<br/>} | Required if the user wants to receive global alerts |
| accountId | The Account ID of the AWS account that you have onboarded on Prisma Cloud | string | Required |


To update an AWS Security Hub integration, make your request as described in
[Update Integration](/prisma-cloud/api/cspm/update-integration-v-1). Parameter `integrationConfig` is mutable.


To test an AWS Security Hub, make your request as described in
[Test Integration](/prisma-cloud/api/cspm/test-integration).


##### Example Request Body to Add an Amazon Security Hub Integration


```json
{
"description": "string",
"enabled": true,
"integrationConfig": {
"regions": [
{
"name": "AWS Virginia",
"apiIdentifier": "us-east-1",
"cloudType": "aws",
"sdkId": "",
"enabled": true
},
{
"name": "string",
"apiIdentifier": "string",
"cloudType": "aws",
"sdkId": "string",
"enabled": true
}
],
"defaultRegion": {
"name": "string",
"apiIdentifier": "string",
"cloudType": "aws",
"sdkId": "string",
"enabled": true
},
"accountId": "string"
},
"integrationType": "aws_security_hub",
"name": "string",
"id": "string"
}
```

### Amazon Security Lake

Prisma Cloud integrates with Amazon Security Lake to ingest Prisma Cloud Open Cybersecurity Schema Framework (OCSF) compliant vulnerability security data into Amazon Security Lake.
Expand Down
Loading