Edit the configuration settings of the specified cloud instance. After editing, there is a notice in the UI that there are pending changes. The changes are applied after you execute the template in the CSP after editing.
Required license: Cortex Cloud Posture Management
Authorization
String
required
{api_key}
{api_key}
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
241
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/v1/cloud_onboarding/edit_instance'
-d
'{
"request_data" : {
"id" : "instance-1",
"scan_env_id" : "env-1",
"instance_name" : "Updated AWS Instance",
"cloud_provider" : "AWS",
"custom_resources_tags" : [ {
"key" : "environment",
"value" : "staging"
} ],
"collection_configuration" : {
"audit_logs" : {
"enabled" : true
}
},
"additional_capabilities" : {
"xsiam_analytics" : true,
"data_security_posture_management" : true,
"registry_scanning" : true,
"registry_scanning_options" : {
"type" : "ECR"
},
"serverless_scanning" : true,
"agentless_disk_scanning" : true
},
"scope_modifications" : {
"accounts" : {
"enabled" : true,
"type" : "INCLUDE",
"account_ids" : [ "123456789012", "210987654321" ]
},
"regions" : {
"enabled" : true,
"type" : "EXCLUDE",
"regions" : [ "us-east-1" ]
}
}
}
}'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
payload = "{\"request_data\":{\"id\":\"instance-1\",\"scan_env_id\":\"env-1\",\"instance_name\":\"Updated AWS Instance\",\"cloud_provider\":\"AWS\",\"custom_resources_tags\":[{\"key\":\"environment\",\"value\":\"staging\"}],\"collection_configuration\":{\"audit_logs\":{\"enabled\":true}},\"additional_capabilities\":{\"xsiam_analytics\":true,\"data_security_posture_management\":true,\"registry_scanning\":true,\"registry_scanning_options\":{\"type\":\"ECR\"},\"serverless_scanning\":true,\"agentless_disk_scanning\":true},\"scope_modifications\":{\"accounts\":{\"enabled\":true,\"type\":\"INCLUDE\",\"account_ids\":[\"123456789012\",\"210987654321\"]},\"regions\":{\"enabled\":true,\"type\":\"EXCLUDE\",\"regions\":[\"us-east-1\"]}}}}"
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
'x-xdr-auth-id': "241",
'content-type': "application/json"
}
conn.request("POST", "/public_api/v1/cloud_onboarding/edit_instance", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v1/cloud_onboarding/edit_instance")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
request["x-xdr-auth-id"] = '241'
request["content-type"] = 'application/json'
request.body = "{\"request_data\":{\"id\":\"instance-1\",\"scan_env_id\":\"env-1\",\"instance_name\":\"Updated AWS Instance\",\"cloud_provider\":\"AWS\",\"custom_resources_tags\":[{\"key\":\"environment\",\"value\":\"staging\"}],\"collection_configuration\":{\"audit_logs\":{\"enabled\":true}},\"additional_capabilities\":{\"xsiam_analytics\":true,\"data_security_posture_management\":true,\"registry_scanning\":true,\"registry_scanning_options\":{\"type\":\"ECR\"},\"serverless_scanning\":true,\"agentless_disk_scanning\":true},\"scope_modifications\":{\"accounts\":{\"enabled\":true,\"type\":\"INCLUDE\",\"account_ids\":[\"123456789012\",\"210987654321\"]},\"regions\":{\"enabled\":true,\"type\":\"EXCLUDE\",\"regions\":[\"us-east-1\"]}}}}"
response = http.request(request)
puts response.read_bodyconst data = JSON.stringify({
"request_data": {
"id": "instance-1",
"scan_env_id": "env-1",
"instance_name": "Updated AWS Instance",
"cloud_provider": "AWS",
"custom_resources_tags": [
{
"key": "environment",
"value": "staging"
}
],
"collection_configuration": {
"audit_logs": {
"enabled": true
}
},
"additional_capabilities": {
"xsiam_analytics": true,
"data_security_posture_management": true,
"registry_scanning": true,
"registry_scanning_options": {
"type": "ECR"
},
"serverless_scanning": true,
"agentless_disk_scanning": true
},
"scope_modifications": {
"accounts": {
"enabled": true,
"type": "INCLUDE",
"account_ids": [
"123456789012",
"210987654321"
]
},
"regions": {
"enabled": true,
"type": "EXCLUDE",
"regions": [
"us-east-1"
]
}
}
}
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-yourfqdn/public_api/v1/cloud_onboarding/edit_instance");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/cloud_onboarding/edit_instance")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ")
.header("x-xdr-auth-id", "241")
.header("content-type", "application/json")
.body("{\"request_data\":{\"id\":\"instance-1\",\"scan_env_id\":\"env-1\",\"instance_name\":\"Updated AWS Instance\",\"cloud_provider\":\"AWS\",\"custom_resources_tags\":[{\"key\":\"environment\",\"value\":\"staging\"}],\"collection_configuration\":{\"audit_logs\":{\"enabled\":true}},\"additional_capabilities\":{\"xsiam_analytics\":true,\"data_security_posture_management\":true,\"registry_scanning\":true,\"registry_scanning_options\":{\"type\":\"ECR\"},\"serverless_scanning\":true,\"agentless_disk_scanning\":true},\"scope_modifications\":{\"accounts\":{\"enabled\":true,\"type\":\"INCLUDE\",\"account_ids\":[\"123456789012\",\"210987654321\"]},\"regions\":{\"enabled\":true,\"type\":\"EXCLUDE\",\"regions\":[\"us-east-1\"]}}}}")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id": "241",
"content-type": "application/json"
]
let parameters = ["request_data": [
"id": "instance-1",
"scan_env_id": "env-1",
"instance_name": "Updated AWS Instance",
"cloud_provider": "AWS",
"custom_resources_tags": [
[
"key": "environment",
"value": "staging"
]
],
"collection_configuration": ["audit_logs": ["enabled": true]],
"additional_capabilities": [
"xsiam_analytics": true,
"data_security_posture_management": true,
"registry_scanning": true,
"registry_scanning_options": ["type": "ECR"],
"serverless_scanning": true,
"agentless_disk_scanning": true
],
"scope_modifications": [
"accounts": [
"enabled": true,
"type": "INCLUDE",
"account_ids": ["123456789012", "210987654321"]
],
"regions": [
"enabled": true,
"type": "EXCLUDE",
"regions": ["us-east-1"]
]
]
]] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/cloud_onboarding/edit_instance")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v1/cloud_onboarding/edit_instance",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"request_data\":{\"id\":\"instance-1\",\"scan_env_id\":\"env-1\",\"instance_name\":\"Updated AWS Instance\",\"cloud_provider\":\"AWS\",\"custom_resources_tags\":[{\"key\":\"environment\",\"value\":\"staging\"}],\"collection_configuration\":{\"audit_logs\":{\"enabled\":true}},\"additional_capabilities\":{\"xsiam_analytics\":true,\"data_security_posture_management\":true,\"registry_scanning\":true,\"registry_scanning_options\":{\"type\":\"ECR\"},\"serverless_scanning\":true,\"agentless_disk_scanning\":true},\"scope_modifications\":{\"accounts\":{\"enabled\":true,\"type\":\"INCLUDE\",\"account_ids\":[\"123456789012\",\"210987654321\"]},\"regions\":{\"enabled\":true,\"type\":\"EXCLUDE\",\"regions\":[\"us-east-1\"]}}}}",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"content-type: application/json",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/cloud_onboarding/edit_instance");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"id\":\"instance-1\",\"scan_env_id\":\"env-1\",\"instance_name\":\"Updated AWS Instance\",\"cloud_provider\":\"AWS\",\"custom_resources_tags\":[{\"key\":\"environment\",\"value\":\"staging\"}],\"collection_configuration\":{\"audit_logs\":{\"enabled\":true}},\"additional_capabilities\":{\"xsiam_analytics\":true,\"data_security_posture_management\":true,\"registry_scanning\":true,\"registry_scanning_options\":{\"type\":\"ECR\"},\"serverless_scanning\":true,\"agentless_disk_scanning\":true},\"scope_modifications\":{\"accounts\":{\"enabled\":true,\"type\":\"INCLUDE\",\"account_ids\":[\"123456789012\",\"210987654321\"]},\"regions\":{\"enabled\":true,\"type\":\"EXCLUDE\",\"regions\":[\"us-east-1\"]}}}}");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v1/cloud_onboarding/edit_instance");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
request.AddHeader("x-xdr-auth-id", "241");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"request_data\":{\"id\":\"instance-1\",\"scan_env_id\":\"env-1\",\"instance_name\":\"Updated AWS Instance\",\"cloud_provider\":\"AWS\",\"custom_resources_tags\":[{\"key\":\"environment\",\"value\":\"staging\"}],\"collection_configuration\":{\"audit_logs\":{\"enabled\":true}},\"additional_capabilities\":{\"xsiam_analytics\":true,\"data_security_posture_management\":true,\"registry_scanning\":true,\"registry_scanning_options\":{\"type\":\"ECR\"},\"serverless_scanning\":true,\"agentless_disk_scanning\":true},\"scope_modifications\":{\"accounts\":{\"enabled\":true,\"type\":\"INCLUDE\",\"account_ids\":[\"123456789012\",\"210987654321\"]},\"regions\":{\"enabled\":true,\"type\":\"EXCLUDE\",\"regions\":[\"us-east-1\"]}}}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);request_dataobject
idstringCloud instance ID.
Cloud instance ID.
scan_env_idstringWhen the scan mode is OUTPOST, you must include the scan_env_id field with the outpost ID as the value.
To obtain the outpost ID, call /public_api/v1/cloud_onboarding/get_outposts. The value of outpost_id in the response is the outpost ID.
When the scan mode is OUTPOST, you must include the scan_env_id field with the outpost ID as the value.
To obtain the outpost ID, call /public_api/v1/cloud_onboarding/get_outposts. The value of outpost_id in the response is the outpost ID.
instance_namestringCloud instance name.
Cloud instance name.
additional_capabilitiesobjectDefine which security capabilities you want to benefit from.
Note: Adding security capability typically requires additional cloud provider permissions. For detailed information on the permissions required, see Cloud service provider permissions.
Define which security capabilities you want to benefit from.
Note: Adding security capability typically requires additional cloud provider permissions. For detailed information on the permissions required, see Cloud service provider permissions.
xsiam_analyticsbooleanrequiredWhether to enable XSIAM analytics to analyze your endpoint data to develop a baseline and raise Analytics and Analytics BIOC alerts when anomalies and malicious behaviors are detected.
Whether to enable XSIAM analytics to analyze your endpoint data to develop a baseline and raise Analytics and Analytics BIOC alerts when anomalies and malicious behaviors are detected.
data_security_posture_managementbooleanrequiredWhether to enable data security posture management, an agentless data security scanner that discovers, classifies, protects, and governs sensitive data.
Whether to enable data security posture management, an agentless data security scanner that discovers, classifies, protects, and governs sensitive data.
registry_scanningbooleanrequiredWhether to enable registry scanning, a container registry scanner that scans registry images for vulnerabilities, malware, and secrets.
Whether to enable registry scanning, a container registry scanner that scans registry images for vulnerabilities, malware, and secrets.
registry_scanning_optionsobject
typestringType of registry scanning.
Type of registry scanning.
last_daysintegerNumber of days to scan back.
Number of days to scan back.
serverless_scanningbooleanrequiredWhether to enable serverless scanning to detect and remediate vulnerabilities within serverless functions during the development lifecycle. Seamless integration into CI/CD pipelines enables automated security scans for a continuously secure pre-production environment.
Whether to enable serverless scanning to detect and remediate vulnerabilities within serverless functions during the development lifecycle. Seamless integration into CI/CD pipelines enables automated security scans for a continuously secure pre-production environment.
agentless_disk_scanningbooleanrequiredWhether to enable agentless disk scanning to remotely detect and remediate vulnerabilities during the development lifecycle.
Whether to enable agentless disk scanning to remotely detect and remediate vulnerabilities during the development lifecycle.
kubernetes_securitybooleanWhether to enable Kubernetes security.
Whether to enable Kubernetes security.
automationbooleanWhether to enable automation.
Whether to enable automation.
automation_log_levelobject (Enum)Automation log level
Automation log level
cloud_providerstring (Enum)The cloud service provider. Valid values include:
AWSAZUREGCPOCIALIBABA_CLOUD
The cloud service provider. Valid values include:
AWSAZUREGCPOCIALIBABA_CLOUD
cloud_partitionobject (Enum)Whether the CSP environment is COMMERCIAL or GOV:
COMMERCIAL: (Default) Standard cloud deployment typically used for private and public sector organizations that do not require isolated government-specific infrastructure.GOV: Government cloud environments for compatibility with FedRAMP-certified tenants.
Note: You must use the same value that was used when the cloud instance was created.
Whether the CSP environment is COMMERCIAL or GOV:
COMMERCIAL: (Default) Standard cloud deployment typically used for private and public sector organizations that do not require isolated government-specific infrastructure.GOV: Government cloud environments for compatibility with FedRAMP-certified tenants. Note: You must use the same value that was used when the cloud instance was created.
custom_resources_tagsarray
keystringThe key of the custom resource tag.
The key of the custom resource tag.
valuestringThe value of the custom resource tag.
The value of the custom resource tag.
collection_configurationobject
audit_logsobjectTo maximize security coverage, include collection of logs. This may require additional cloud service provider permissions.
For detailed information on the permissions required, see Cloud service provider permissions.
To maximize security coverage, include collection of logs. This may require additional cloud service provider permissions. For detailed information on the permissions required, see Cloud service provider permissions.
enabledbooleanrequiredWhether to enable audit log collection. If this is false, then the other fields in this object should not be used.
Whether to enable audit log collection. If this is false, then the other fields in this object should not be used.
collection_methodobject (Enum)Indicates whether to use automated or custom log collection.
Note: collection_method is only relevant for AWS or OCI. For OCI, the value of collection_method must be CUSTOM and you must include custom_collectors with the details of the existing buckets. In AWS, if collection_method is CUSTOM, you need to update the bucket information when you manually upload the template to AWS CloudFormation.
Indicates whether to use automated or custom log collection.
Note: collection_method is only relevant for AWS or OCI. For OCI, the value of collection_method must be CUSTOM and you must include custom_collectors with the details of the existing buckets. In AWS, if collection_method is CUSTOM, you need to update the bucket information when you manually upload the template to AWS CloudFormation.
data_eventsbooleanThe data_events field is only relevant when cloud_provider is AWS and collection_method is AUTOMATED. Currently supports AWS Lambda and Amazon S3.
The data_events field is only relevant when cloud_provider is AWS and collection_method is AUTOMATED. Currently supports AWS Lambda and Amazon S3.
custom_collectorsarrayA list of OCI bucket configurations for collecting logs.
Note: This is only relevant for OCI when collection_method is CUSTOM.
A list of OCI bucket configurations for collecting logs.
Note: This is only relevant for OCI when collection_method is CUSTOM.
regionstringThe geographic region where the collection bucket is located.
The geographic region where the collection bucket is located.
bucket_namestringThe name of the storage bucket where the log collection data will be collected and stored.
The name of the storage bucket where the log collection data will be collected and stored.
compartment_ocidstringThe unique OCID (Oracle Cloud Identifier) of the compartment that owns the specified bucket.
The unique OCID (Oracle Cloud Identifier) of the compartment that owns the specified bucket.
scope_modificationsobject
accountsobject
enabledbooleanWhether to enable (true) or disable (false) this scope modification.
Whether to enable (true) or disable (false) this scope modification.
typestringDefine whether the account IDs/project IDs/subscription IDs specified should be included in the scope or excluded from the scope. Valid values include:
INCLUDEEXCLUDE
Define whether the account IDs/project IDs/subscription IDs specified should be included in the scope or excluded from the scope. Valid values include:
INCLUDEEXCLUDE
account_idsarray[string]The list of account IDs to include or exclude (for AWS).
The list of account IDs to include or exclude (for AWS).
project_idsarray[string]The list of account IDs to include or exclude (for GCP).
The list of account IDs to include or exclude (for GCP).
subscription_idsarray[string]The list of account IDs to include or exclude (for Azure).
The list of account IDs to include or exclude (for Azure).
compartment_idsarray[string]The list of compartment IDs to include or exclude (for OCI).
The list of compartment IDs to include or exclude (for OCI).
projectsobject
enabledbooleanWhether to enable (true) or disable (false) this scope modification.
Whether to enable (true) or disable (false) this scope modification.
typestringDefine whether the account IDs/project IDs/subscription IDs specified should be included in the scope or excluded from the scope. Valid values include:
INCLUDEEXCLUDE
Define whether the account IDs/project IDs/subscription IDs specified should be included in the scope or excluded from the scope. Valid values include:
INCLUDEEXCLUDE
account_idsarray[string]The list of account IDs to include or exclude (for AWS).
The list of account IDs to include or exclude (for AWS).
project_idsarray[string]The list of account IDs to include or exclude (for GCP).
The list of account IDs to include or exclude (for GCP).
subscription_idsarray[string]The list of account IDs to include or exclude (for Azure).
The list of account IDs to include or exclude (for Azure).
compartment_idsarray[string]The list of compartment IDs to include or exclude (for OCI).
The list of compartment IDs to include or exclude (for OCI).
subscriptionsobject
enabledbooleanWhether to enable (true) or disable (false) this scope modification.
Whether to enable (true) or disable (false) this scope modification.
typestringDefine whether the account IDs/project IDs/subscription IDs specified should be included in the scope or excluded from the scope. Valid values include:
INCLUDEEXCLUDE
Define whether the account IDs/project IDs/subscription IDs specified should be included in the scope or excluded from the scope. Valid values include:
INCLUDEEXCLUDE
account_idsarray[string]The list of account IDs to include or exclude (for AWS).
The list of account IDs to include or exclude (for AWS).
project_idsarray[string]The list of account IDs to include or exclude (for GCP).
The list of account IDs to include or exclude (for GCP).
subscription_idsarray[string]The list of account IDs to include or exclude (for Azure).
The list of account IDs to include or exclude (for Azure).
compartment_idsarray[string]The list of compartment IDs to include or exclude (for OCI).
The list of compartment IDs to include or exclude (for OCI).
regionsobject
enabledbooleanFlag to enable or disable region configuration
Flag to enable or disable region configuration
typestringType of region configuration (e.g., INCLUDE, EXCLUDE)
Type of region configuration (e.g., INCLUDE, EXCLUDE)
regionsarray[string]List of regions to include or exclude
List of regions to include or exclude
compartmentsobject
enabledbooleanWhether to enable (true) or disable (false) this scope modification.
Whether to enable (true) or disable (false) this scope modification.
typestringDefine whether the account IDs/project IDs/subscription IDs specified should be included in the scope or excluded from the scope. Valid values include:
INCLUDEEXCLUDE
Define whether the account IDs/project IDs/subscription IDs specified should be included in the scope or excluded from the scope. Valid values include:
INCLUDEEXCLUDE
account_idsarray[string]The list of account IDs to include or exclude (for AWS).
The list of account IDs to include or exclude (for AWS).
project_idsarray[string]The list of account IDs to include or exclude (for GCP).
The list of account IDs to include or exclude (for GCP).
subscription_idsarray[string]The list of account IDs to include or exclude (for Azure).
The list of account IDs to include or exclude (for Azure).
compartment_idsarray[string]The list of compartment IDs to include or exclude (for OCI).
The list of compartment IDs to include or exclude (for OCI).
gcp_workspaceobjectGCP Workspace configuration (GCP only).
GCP Workspace configuration (GCP only).
customer_idsarray[string]
enabledboolean
{
"request_data": {
"scope_modifications": {
"accounts": {
"enabled": true,
"type": "EXCLUDE",
"account_ids": [
"sample-account-1"
]
},
"regions": {
"enabled": false,
"type": null,
"regions": null
}
},
"additional_capabilities": {
"xsiam_analytics": true,
"data_security_posture_management": true,
"registry_scanning": true,
"serverless_scanning": true,
"agentless_disk_scanning": true,
"registry_scanning_options": {
"type": "ALL"
}
},
"custom_resources_tags": [
{
"key": "managed_by",
"value": "paloaltonetworks"
}
],
"collection_configuration": {
"audit_logs": {
"enabled": true,
"collection_method": "AUTOMATED",
"data_events": true
}
},
"scan_env_id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"cloud_provider": "AWS",
"cloud_partition": "GOV"
}
}Successful Response
replyobjectThe main payload of the response, containing instance detail after edit. It includes a link to download the template file from your tenant.
The main payload of the response, containing instance detail after edit. It includes a link to download the template file from your tenant.
automatedobject
linkstring
tracking_guidstring
manualobject
TF/ARMstring
{
"reply": {
"automated": {
"link": "string",
"tracking_guid": "string"
},
"manual": {
"TF/ARM": "string"
}
}
}Invalid Client Request Error
replyobject
err_codestringError code
Error code
err_msgstringError message
Error message
err_extrastringExtra information about the error
Extra information about the error
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}Internal Server Error
replyobject
err_codestringError code
Error code
err_msgstringError message
Error message
err_extrastringExtra information about the error
Extra information about the error
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}