From 7b181d868c1751abde1def39d9ca8ee6fe502ba3 Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 31 Jul 2024 18:57:15 +0530 Subject: [PATCH 01/29] Created a new remote branch and executed the script --- .../paloaltonetworks-Remote_Networks.yaml | 1884 ++++++++++++++++- 1 file changed, 1833 insertions(+), 51 deletions(-) diff --git a/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml b/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml index f2de59a5e..cb38aeaed 100644 --- a/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml +++ b/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml @@ -1,5 +1,41 @@ components: parameters: + Lattitude: + description: lattitude of a region + in: query + name: lattitude + required: true + schema: + type: string + Limit: + description: number of nearest locations + in: query + name: limit + schema: + default: 1 + format: int32 + type: integer + LocationInfoType: + description: Type of info queried + in: query + name: info_type + required: false + schema: + type: string + Longitude: + description: longitude of a region + in: query + name: longitude + required: true + schema: + type: string + Region: + description: agg bandwidth region + in: query + name: region + required: true + schema: + type: string RemoteNetworksNames: explode: true in: query @@ -10,12 +46,54 @@ components: type: string type: array style: deepObject + SiteNames: + in: query + name: SiteNames + schema: + items: + type: string + type: array + SpnName: + description: agg bandwidth region + in: query + name: SpnName + required: true + schema: + type: string SubTenantName: description: sub tenant name in a multi-tenancy setup in: query name: SubTenantName schema: type: string + folder-optional: + description: The folder for cloud config management + in: query + name: folder + required: false + schema: + type: string + limit-optional: + description: The max count in result entry (count per page) + in: query + name: limit + required: false + schema: + type: integer + name-optional: + description: The name of the entry + in: query + name: name + required: false + schema: + type: string + offset-optional: + description: The offset of the result entry + in: query + name: offset + required: false + schema: + type: integer uuid: description: uuid for the request in: query @@ -25,6 +103,24 @@ components: format: uuid type: string responses: + access_errors: + content: + application/json: + schema: + $ref: '#/components/schemas/generic_error' + description: Forbidden + auth_errors: + content: + application/json: + schema: + $ref: '#/components/schemas/generic_error' + description: Unauthorized + bad_request_errors_basic: + content: + application/json: + schema: + $ref: '#/components/schemas/generic_error' + description: Bad Request bad_request_errors_basic_with_body: content: application/json: @@ -37,7 +133,234 @@ components: schema: $ref: '#/components/schemas/generic_error' description: General Errors + not_found: + content: + application/json: + schema: + $ref: '#/components/schemas/generic_error' + description: Not Found schemas: + BandwidthAllocation: + properties: + bandwidth: + description: bandwidth to allocate in Mbps + type: string + compute_location: + description: aggregate compute region + type: string + edge_location: + description: edge location for given lat/long/ip + type: string + ipsec_node_list: + description: ipsec node list + items: + type: string + type: array + location: + $ref: '#/components/schemas/Location' + required: + - location + - bandwidth + type: object + BandwidthAllocationRegionNamesSet: + properties: + bandwidth_allocation_region_names: + items: + type: string + maxItems: 100 + minItems: 0 + type: array + uniqueItems: true + type: object + BandwidthAllocationSet: + properties: + bandwidth_allocations: + description: bandwidth allocations + items: + $ref: '#/components/schemas/BandwidthAllocation' + type: array + uuid: + $ref: '#/components/schemas/UuidResponse' + type: object + BandwidthAllocationSetV2: + properties: + bandwidth_allocations: + description: bandwidth allocations + items: + $ref: '#/components/schemas/BandwidthAllocationV2' + type: array + uuid: + $ref: '#/components/schemas/UuidResponse' + type: object + BandwidthAllocationV2: + properties: + bandwidth: + description: bandwidth to allocate in Mbps + type: string + compute_location: + description: aggregate compute region + type: string + edge_location: + description: edge location for given lat/long/ip + type: string + ipsec_node_list: + description: ipsec node list + items: + type: string + type: array + ipsec_termination_service: + description: ipsec termination service list + items: + properties: + capacity: + type: integer + name: + type: string + type: object + type: array + location: + $ref: '#/components/schemas/Location' + required: + - location + - bandwidth + type: object + ConfigRead: + properties: + config: + properties: + bandwidth_allocations: + items: + properties: + bandwidth: + type: string + compute_location: + type: string + ipsec_termination_service: + items: + properties: + capacity: + type: string + name: + type: string + type: object + type: array + spn_name_list: + items: + type: string + type: array + type: object + type: array + ike_crypto_profiles: + items: + properties: + dh-group: + properties: + member: + type: string + type: object + encryption: + properties: + member: + type: string + type: object + hash: + properties: + member: + type: string + type: object + lifetime: + properties: + hours: + type: string + type: object + name: + type: string + type: object + type: array + ipsecrypto_profiles: + items: + properties: + dh-group: + type: string + esp: + properties: + authentication: + properties: + member: + type: string + type: object + encryption: + properties: + member: + type: string + type: object + type: object + lifetime: + properties: + hours: + type: string + type: object + name: + type: string + type: object + type: array + remote_networks: + items: + properties: + ecmp-load-balancing: + type: string + ipsec-tunnel: + type: string + license-type: + type: string + name: + type: string + protocol: + properties: + bgp: + properties: + enable: + type: string + type: object + type: object + region: + type: string + secondary-wan-enabled: + type: string + spn-name: + type: string + subnets: + properties: + member: + items: + type: string + type: array + type: object + type: object + type: array + type: object + resources: + items: + enum: + - remote_networks + - ipsec_crypto_profiles + - ike_crypto_profiles + - bandwidth_allocations + type: string + type: array + type: object + ConfigResources: + properties: + resources: + items: + enum: + - remote_networks + - ipsec_crypto_profiles + - ike_crypto_profiles + - bandwidth_allocations + type: string + type: array + type: object EcmpLoadBalancing: properties: ecmp_load_balancing_enabled: @@ -284,6 +607,25 @@ components: - hash - dh_group type: object + IkeCryptoProfilesNamesSet: + properties: + ike_crypto_profiles_names: + items: + type: string + maxItems: 100 + minItems: 0 + type: array + uniqueItems: true + type: object + IkeCryptoProfilesSet: + description: set of ike crypto profiles + properties: + IkeCryptoProfiles: + description: The ike crypto profile + items: + $ref: '#/components/schemas/IkeCryptoProfiles' + type: array + type: object IpsecCrypto: properties: ipsec_crypto_profile: @@ -362,6 +704,25 @@ components: - name - lifetime type: object + IpsecCryptoProfilesNamesSet: + properties: + ipsec_crypto_profiles_names: + items: + type: string + maxItems: 100 + minItems: 0 + type: array + uniqueItems: true + type: object + IpsecCryptoProfilesSet: + description: set of ipsec crypto profiles + properties: + IkeCryptoProfiles: + description: The ipsec crypto profile + items: + $ref: '#/components/schemas/IpsecCryptoProfiles' + type: array + type: object IpsecTunnel: properties: anti_replay: @@ -475,6 +836,176 @@ components: title: days type: object type: object + Location: + description: Site Public IP or approximate gps coordinates + properties: + public-ip: + $ref: '#/components/schemas/PublicIp' + region-cordinates: + $ref: '#/components/schemas/RegionCordinates' + type: object + LocationInformationSet: + description: information for a set of locations + properties: + bandwidth_allocations: + $ref: '#/components/schemas/BandwidthAllocationSet' + info_type: + type: string + location_region_info: + $ref: '#/components/schemas/LocationRegionInfoSet' + type: object + LocationRegionInfo: + properties: + compute_location: + description: aggregate compute region + type: string + edge_location: + description: edge location for given lat/long/ip + type: string + location: + $ref: '#/components/schemas/Location' + required: + - location + - compute_location + - edge_location + type: object + LocationRegionInfoSet: + properties: + regions_info: + description: regions mapped info + items: + $ref: '#/components/schemas/LocationRegionInfo' + type: array + required: + - location + type: object + LocationSet: + description: set of locations + properties: + description: + description: optional user description + type: string + locations: + description: locations + items: + $ref: '#/components/schemas/Location' + type: array + type: object + NearestLocation: + properties: + country: + type: string + country_code: + type: string + display_name: + type: string + distance: + format: double + type: number + edge_location_name: + type: string + latitude: + type: string + longitude: + type: string + type: object + NearestLocationSet: + items: + $ref: '#/components/schemas/NearestLocation' + type: array + PublicIp: + description: Public IP to detect region + properties: + PublicIp: + description: Public IP to detect region + format: ipv4 + type: string + type: object + RegionCordinates: + description: approximate longitude latitude of the region + properties: + latitude: + description: Approximate Latitude for the site location + type: string + longitude: + description: Approximate Longitude for the site location + type: string + type: object + RemoteNetworkArchitecture: + properties: + capabilities: + properties: + compute_redundancy_support: + description: Indicates whether compute region redundancy is supported + type: boolean + site_level_cir_support: + description: Indicates whether Remote Network Sites with CIR (committed + information rate) configuration is supported + type: boolean + type: object + description: + description: A description of the architecture version + example: Remote Network Classic architecture + type: string + version: + description: Version string of the architecture + example: v1 + type: string + type: object + RemoteNetworkArchitectureDetails: + properties: + architecture_versions: + $ref: '#/components/schemas/RemoteNetworkArchitectures' + type: object + prisma_access_locations: + description: List of compute locations and their corresponding supported + architecture versions + items: + properties: + architecture_version: + description: Architecture version supported in this compute location. + This will be one of the keys in "architecture_versions" property's + key/value pairs + example: v1 + type: string + compute_location_config_name: + description: Aggregate compute location configuration name + example: us-southeast + type: string + compute_location_display_name: + description: Aggregate compute location display name + example: US Southeast + type: string + location_config_name: + description: Prisma Access Edge location configuration name + example: panama + type: string + location_display_name: + description: Prisma Access Edge location display name + example: Panama + type: string + type: object + type: array + type: object + RemoteNetworkArchitectures: + additionalProperties: + $ref: '#/components/schemas/RemoteNetworkArchitecture' + description: Key/Value pairs of architecture version key ("v1", "v2" etc) and + value of architecture details + example: + v1: + capabilities: + compute_redundancy_support: false + site_level_cir_support: false + description: Remote Network Classic architecture + version: v1 + v2: + capabilities: + compute_redundancy_support: true + site_level_cir_support: true + description: Remote Network High Performance (RN-HP) architecture + version: v2 + type: object RemoteNetworksIpsecTunnel: properties: bgp: @@ -586,53 +1117,217 @@ components: type: array uniqueItems: true type: object - UuidResponse: + RequestRecord: properties: - uuid: - format: uuid + JobId: type: string - readOnly: true - type: object - error_detail_cause_info: - properties: - code: + writeOnly: true + RequestId: type: string - details: - type: object - help: + RequestOrder: type: string - message: + RequestPayload: + readOnly: true + type: string + RequestResult: + type: string + RequestResultHash: + type: string + RequestStatus: + type: string + RequestTimeStamp: + type: string + SubTenantName: + type: string + TenantId: type: string - title: Cause Info type: object - error_detail_cause_infos: - items: - $ref: '#/components/schemas/error_detail_cause_info' - type: array - generic_error: + RequestRecordSet: properties: - _errors: - $ref: '#/components/schemas/error_detail_cause_infos' - _request_id: + count: + description: total number of records in the set type: string + request_record_set: + items: + $ref: '#/components/schemas/RequestRecord' + type: array type: object - securitySchemes: - Bearer: - scheme: bearer - type: http -info: - contact: - email: support@paloaltonetworks.com - description: "This Open API spec file represents the APIs available for\n[Palo Alto\ - \ Networks Interconnect](https://docs.paloaltonetworks.com/NEED-URL) APIs. ???\ - \ Add RN decription here ?????\n\nThese APIs use the common SASE authentication\ - \ mechanism and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ - \ guide for more information.\n\nThis Open API spec file was created on June 27,\ - \ 2024. To check for a more recent version of this file, see\n[Interconnect APIs\ - \ on pan.dev](https://pan.dev/sase/api/mt-sp-interconnect/mt-interconnect-api.html).\ - \ ??? Replace the link with RN ????\n\n\xA9 2024 Palo Alto Networks, Inc. Palo\ - \ Alto Networks is a registered trademark of Palo\nAlto Networks. A list of our\ - \ trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ + Site: + properties: + address_line_1: + description: Address that the site has been created in + type: string + address_line_2: + description: Address that the site has been created in + type: string + city: + description: City that the site has been created in + example: Bangalore + type: string + country: + description: Country that the site has been created in + example: India + type: string + id: + description: uuid of the site + example: abcd-1234 + readOnly: true + type: string + latitude: + description: Latitude that the site has been created in + example: '72.10928' + type: string + longitude: + description: Longitude that the site has been created in + example: '72.10928' + type: string + members: + items: + properties: + mode: + description: Mode that the RN has to be configured in for this site + enum: + - active + - backup + example: active + type: string + name: + type: string + remote_network: + description: Name of the configured remote network to be added as + part of the site + example: sdwan-site-member-1 + type: string + type: object + type: array + name: + description: Name of the site defined + example: sdwan-site-1 + type: string + qos: + properties: + backup_cir: + description: CIR in mbps for backup region distributed equally for all + tunnels in the site + example: '10' + type: number + cir: + description: CIR in mbps distributed equally for all tunnels in the + site + example: '10' + type: number + profile: + description: Name of the qos profile configured + type: string + type: object + sdwan_site_id: + description: uuid of the sdwan site + example: abcd-1234 + readOnly: true + type: string + state: + description: State that the site has been created in + example: Karnataka + type: string + type: + description: Type of the site + enum: + - prisma-sdwan + - third-party-branch + - third-party-discovered + example: prisma-sdwan + type: string + zip_code: + description: Zip code of the region that the site has been created in + example: '72.10928' + type: string + required: + - name + - members + type: object + SiteSet: + properties: + sites: + description: collection of sites + items: + $ref: '#/components/schemas/Site' + type: array + uuid: + $ref: '#/components/schemas/UuidResponse' + type: object + TenantInfo: + properties: + panorama_cloud_service_plugin_version: + description: PrismaAccessPanorama cloud service plugin version if type is + PrismaAccessPanorama + type: string + panorama_subtenant_info: + description: PrismaAccessPanorama subtenant information + items: + properties: + id: + type: string + name: + type: string + type: object + type: array + panorama_version: + description: PrismaAccessPanorama version if type is PrismaAccessPanorama + type: string + type: + description: PrismaAccess or PrismaAccessPanorama + enum: + - prisma_access + - prisma_access_panorama + type: string + type: object + UuidResponse: + properties: + uuid: + format: uuid + type: string + readOnly: true + type: object + error_detail_cause_info: + properties: + code: + type: string + details: + type: object + help: + type: string + message: + type: string + title: Cause Info + type: object + error_detail_cause_infos: + items: + $ref: '#/components/schemas/error_detail_cause_info' + type: array + generic_error: + properties: + _errors: + $ref: '#/components/schemas/error_detail_cause_infos' + _request_id: + type: string + type: object + securitySchemes: + Bearer: + scheme: bearer + type: http +info: + contact: + email: support@paloaltonetworks.com + description: "This Open API spec file represents the APIs available for\n[Palo Alto\ + \ Networks Interconnect](https://docs.paloaltonetworks.com/NEED-URL) APIs. ???\ + \ Add RN decription here ?????\n\nThese APIs use the common SASE authentication\ + \ mechanism and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ + \ guide for more information.\n\nThis Open API spec file was created on July 31,\ + \ 2024. To check for a more recent version of this file, see\n[Interconnect APIs\ + \ on pan.dev](https://pan.dev/sase/api/mt-sp-interconnect/mt-interconnect-api.html).\ + \ ??? Replace the link with RN ????\n\n\xA9 2024 Palo Alto Networks, Inc. Palo\ + \ Alto Networks is a registered trademark of Palo\nAlto Networks. A list of our\ + \ trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ \nAll other marks mentioned herein may be trademarks of their respective companies.\n" title: Remote Networks API version: '1.0' @@ -640,9 +1335,746 @@ info: x-audience: external-public openapi: 3.0.2 paths: + /v1/bandwidth-allocations: + delete: + description: 'Allows you to delete an aggregated bandwidth region. + + ' + operationId: delete-v1-bandwidth-allocations + parameters: + - $ref: '#/components/parameters/SubTenantName' + - $ref: '#/components/parameters/Region' + - $ref: '#/components/parameters/SpnName' + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Delete an aggregated bandwidth region + tags: + - bandwidth allocations + get: + description: 'Provides the status for the given ID. + + ' + operationId: get-v1-bandwidth-allocations + parameters: + - $ref: '#/components/parameters/uuid' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/BandwidthAllocationSet' + description: status for the given id + security: + - Bearer: [] + summary: Lists the status for the given ID + tags: + - bandwidth allocations + post: + description: 'Create aggregated bandwidth regions based on location data. + + ' + operationId: post-v1-bandwidth-allocations + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BandwidthAllocationSet' + description: The aggregated bandwidth region you want to create + required: true + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Create aggregated bandwidth regions + tags: + - bandwidth allocations + put: + description: 'Modify an aggregated bandwidth regions. + + ' + operationId: put-v1-bandwidth-allocations + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BandwidthAllocationSet' + description: The aggregated bandwidth region you want to create + required: true + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Edit aggregated bandwidth regions + tags: + - bandwidth allocations + /v1/bandwidth-allocations-read: + get: + description: 'Fetch the sire request if available. + + ' + operationId: get-v1-bandwidth-allocations-read + parameters: + - $ref: '#/components/parameters/uuid' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/BandwidthAllocationSet' + description: Get the bandwidth allocation status. + security: + - Bearer: [] + summary: 'Poll for new site requests + + ' + tags: + - bandwidth allocations + post: + description: 'Create bandwidth allocation read request. + + ' + operationId: post-v1-bandwidth-allocations-read + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BandwidthAllocationRegionNamesSet' + description: The bandwidth allocation that you want to read + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: 'Create bandwidth allocation read request + + ' + tags: + - bandwidth allocations + /v1/config-read: + get: + description: 'Create read request to enable APIs. + + ' + operationId: get-v1-config-read + parameters: + - $ref: '#/components/parameters/SubTenantName' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConfigRead' + description: Get the enable read information. + security: + - Bearer: [] + summary: 'Details on read request to enable APIs + + ' + tags: + - Configuration Read + post: + description: 'Create read request to enable APIs. + + ' + operationId: post-v1-config-read + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConfigResources' + description: The post read request for enabling apis. + responses: + '200': + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: 'Read request to enable APIs + + ' + tags: + - Configuration Read + put: + description: 'Update read request to enable APIs. + + ' + operationId: put-v1-config-read + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConfigResources' + description: The post read request for enabling apis. + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: 'Update read request to enable APIs + + ' + tags: + - Configuration Read + /v1/ike-crypto-profiles: + delete: + description: 'Delete a ike crypto profile. + + ' + operationId: delete-v1-ike-crypto-profiles + parameters: + - $ref: '#/components/parameters/SubTenantName' + - description: ike crypto profile name + in: query + name: name + required: true + schema: + type: string + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Delete a ike crypto profile. + tags: + - ike crypto profiles + get: + description: "Provides a list of Internet Key Exchange(IKE) Crypto Profiles.\ + \ \n" + operationId: get-v1-ike-crypto-profiles + parameters: + - $ref: '#/components/parameters/uuid' + responses: + '200': + content: + application/json: + schema: + properties: + data: + allOf: + - items: + $ref: '#/components/schemas/IkeCryptoProfiles' + type: array + limit: + default: 200 + type: number + offset: + default: 0 + type: number + total: + type: number + type: object + description: List of ike crypto profiles + '400': + $ref: '#/components/responses/bad_request_errors_basic' + '401': + $ref: '#/components/responses/auth_errors' + '403': + $ref: '#/components/responses/access_errors' + '404': + $ref: '#/components/responses/not_found' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Get IKE crypto profile + tags: + - ike crypto profiles + post: + description: "Create an IKE Crypto Profiles. \n" + operationId: post-v1-ike-crypto-profiles + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IkeCryptoProfiles' + description: The ike crypto profile you want to create + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Create IKE Crypto Profile + tags: + - ike crypto profiles + put: + description: 'Modify a ike crypto profile. + + ' + operationId: put-v1-ike-crypto-profiles + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IkeCryptoProfiles' + description: The ike crypto profile you want to edit + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Edit a ike crypto profile. + tags: + - ike crypto profiles + /v1/ike-crypto-profiles-read: + get: + description: 'Provides a list of IKE Crypto Profiles. + + ' + operationId: get-v1-ike-crypto-profiles-read + parameters: + - $ref: '#/components/parameters/uuid' + responses: + '200': + content: + application/json: + schema: + properties: + data: + $ref: '#/components/schemas/IkeCryptoProfilesSet' + limit: + default: 200 + type: number + offset: + default: 0 + type: number + total: + type: number + type: object + description: List of ike crypto profiles + '400': + $ref: '#/components/responses/bad_request_errors_basic' + '401': + $ref: '#/components/responses/auth_errors' + '403': + $ref: '#/components/responses/access_errors' + '404': + $ref: '#/components/responses/not_found' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Get IKE Crypto Profiles + tags: + - ike crypto profiles + post: + description: 'Allows you to create IKE Crypto Profiles. + + ' + operationId: post-v1-ike-crypto-profiles-read + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IkeCryptoProfilesNamesSet' + description: The ike crypto profile you want to read + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Create IKE Crypto Profiles + tags: + - ike crypto profiles + /v1/ipsec-crypto-profiles: + delete: + description: 'Allows you to delete an IPSEC Crypto Profile. + + ' + operationId: delete-v1-ipsec-crypto-profiles + parameters: + - $ref: '#/components/parameters/SubTenantName' + - description: ipsec crypto profile name + in: query + name: name + required: true + schema: + type: string + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Delete an IPSEC Crypto Profile + tags: + - ipsec crypto profiles + get: + description: 'Provides you a list of IPSEC Crypto Profiles. + + ' + operationId: get-v1-ipsec-crypto-profiles + parameters: + - $ref: '#/components/parameters/uuid' + responses: + '200': + content: + application/json: + schema: + properties: + data: + allOf: + - items: + $ref: '#/components/schemas/IpsecCryptoProfiles' + type: array + limit: + default: 200 + type: number + offset: + default: 0 + type: number + total: + type: number + type: object + description: List of ipsec crypto profiles + '400': + $ref: '#/components/responses/bad_request_errors_basic' + '401': + $ref: '#/components/responses/auth_errors' + '403': + $ref: '#/components/responses/access_errors' + '404': + $ref: '#/components/responses/not_found' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: List of the IPSEC Crypto Profiles + tags: + - ipsec crypto profiles + post: + description: 'Allows you to create a IPSEC Crypto Profile. + + ' + operationId: post-v1-ipsec-crypto-profiles + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IpsecCryptoProfiles' + description: The ipsec crypto profile you want to create + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Create a IPSEC crypto profile. + tags: + - ipsec crypto profiles + put: + description: 'Allows you to edit an IPSEC Crypto Profile. + + ' + operationId: put-v1-ipsec-crypto-profiles + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IpsecCryptoProfiles' + description: The ipsec crypto profile you want to edit + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Modify an IPSEC Crypto Profile + tags: + - ipsec crypto profiles + /v1/ipsec-crypto-profiles-read: + get: + description: "Provides a list of Internet Protocol Security (IPSEC) crypto profiles\ + \ that are created. \n" + operationId: get-v1-ipsec-crypto-profiles-read + parameters: + - $ref: '#/components/parameters/uuid' + responses: + '200': + content: + application/json: + schema: + properties: + data: + $ref: '#/components/schemas/IpsecCryptoProfilesSet' + limit: + default: 200 + type: number + offset: + default: 0 + type: number + total: + type: number + type: object + description: List of ipsec crypto profiles + '400': + $ref: '#/components/responses/bad_request_errors_basic' + '401': + $ref: '#/components/responses/auth_errors' + '403': + $ref: '#/components/responses/access_errors' + '404': + $ref: '#/components/responses/not_found' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Get IPSEC Crypto Profiles + tags: + - ipsec crypto profiles + post: + description: 'Create a IPSEC Crypto Profile. + + ' + operationId: post-v1-ipsec-crypto-profiles-read + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IpsecCryptoProfilesNamesSet' + description: The ipsec crypto profiles you want to read + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Create IPSEC Crypto Profile + tags: + - ipsec crypto profiles + /v1/location-informations: + get: + description: 'Get the location information status of the given ID. + + ' + operationId: get-v1-location-informations + parameters: + - $ref: '#/components/parameters/uuid' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LocationInformationSet' + description: status for the given id + security: + - Bearer: [] + summary: Get status for the ID + tags: + - location informations + post: + description: 'Add a query based on location information. + + ' + operationId: post-v1-location-informations + parameters: + - $ref: '#/components/parameters/SubTenantName' + - $ref: '#/components/parameters/LocationInfoType' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LocationSet' + description: The location info you want to query for + required: true + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Retrieve location-mapped information or configuration based on a query + tags: + - location informations + /v1/locations: + get: + description: "Provides details on all locations. \n" + operationId: get-v1-locations + responses: + '200': + content: + application/json: + schema: + items: + properties: + aggregate_region: + type: string + cloud_provider: + type: string + compute_region: + type: string + continent: + type: string + display: + type: string + value: + type: string + type: object + type: array + description: get all locations + security: + - Bearer: [] + summary: 'Location details + + ' + tags: + - Location + /v1/nearest-location: + get: + operationId: get-v1-nearest-location + parameters: + - $ref: '#/components/parameters/Lattitude' + - $ref: '#/components/parameters/Longitude' + - $ref: '#/components/parameters/Limit' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NearestLocationSet' + description: nearest locations for the given latitude and longitude + security: + - Bearer: [] + summary: Autogenerated summary + tags: + - Nearest Location /v1/remote-networks: delete: - description: delete the set of ipsec tunnels + description: 'Allows you to delete the set of IPSEC tunnels. + + ' operationId: delete-v1-remote-networks parameters: - $ref: '#/components/parameters/SubTenantName' @@ -666,11 +2098,11 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: bulk delete remote network ipsec tunnels. + summary: Delete remote network IPSEC tunnels at bulk tags: - RemoteNetworks get: - description: 'Get remote networks ipsec tunnel details by id. + description: 'Get Remote Networks IPSEC tunnel details by ID. ' operationId: get-v1-remote-networks @@ -685,11 +2117,11 @@ paths: description: Get the remote networks ipsec tunnel status by uuid. security: - Bearer: [] - summary: Get the remote networks ipsec tunnel details by uuid. + summary: Remote Networks IPSEC tunnel details by ID tags: - RemoteNetworks post: - description: 'Create remote network ipsec tunnel/s. + description: 'Create a Remote Network IPSEC tunnel. ' operationId: post-v1-remote-networks @@ -714,11 +2146,11 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Create remote network ipsec tunnel/s. + summary: Create remote network IPSEC tunnel tags: - RemoteNetworks put: - description: 'Modify remote network ipsec tunnel/s. + description: 'Allows you to edit a remote network IPSEC tunnel. ' operationId: put-v1-remote-networks @@ -743,12 +2175,35 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Modify remote network ipsec tunnel/s. + summary: Modify remote network IPSEC tunnel tags: - RemoteNetworks + /v1/remote-networks-architecture: + get: + description: 'Provides information about the remote network architectures supported + for the tenant. + + ' + operationId: get-v1-remote-networks-architecture + parameters: + - $ref: '#/components/parameters/SubTenantName' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RemoteNetworkArchitectureDetails' + description: request records for the given tenant + security: + - Bearer: [] + summary: 'Details on the Remote Network Architecture + + ' + tags: + - Remote Architecture /v1/remote-networks-read: get: - description: 'Get remote networks ipsec tunnel details by id. + description: 'Get the remote networks IPSEC tunnel status by UUID. ' operationId: get-v1-remote-networks-read @@ -763,11 +2218,11 @@ paths: description: Get the remote networks ipsec tunnel status by uuid. security: - Bearer: [] - summary: Get the remote networks ipsec tunnel details by uuid. + summary: Get the remote networks IPSEC tunnel details by UUID. tags: - RemoteNetworks post: - description: 'Create remote network ipsec tunnel/s. + description: 'Create remote network IPSEC tunnel/s. ' operationId: post-v1-remote-networks-read @@ -792,13 +2247,340 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Create remote network ipsec tunnel/s. + summary: Create remote network IPSEC tunnel/s. tags: - RemoteNetworks + /v1/siteConfigRequests: + get: + description: 'Allows you to get the details regarding the site (if available). + + ' + operationId: get-v1-siteconfigrequests + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RequestRecordSet' + description: request records for the given tenant + security: + - Bearer: [] + summary: 'Poll for new site requests + + ' + tags: + - Site Configuration Requests + post: + description: 'Allows you to update the site requests. + + ' + operationId: post-v1-siteconfigrequests + parameters: + - $ref: '#/components/parameters/uuid' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestRecordSet' + responses: + '202': + content: + application/json: + schema: + type: string + description: successful operation + security: + - Bearer: [] + summary: 'Update site requests + + ' + tags: + - Site Configuration Requests + /v1/sites: + delete: + description: 'Helps you delete a set of sites. + + ' + operationId: delete-v1-sites + parameters: + - $ref: '#/components/parameters/SubTenantName' + - description: sites prefix for bulk deletion + in: query + name: sites_prefix + required: true + schema: + type: string + - $ref: '#/components/parameters/SiteNames' + - $ref: '#/components/parameters/folder-optional' + - $ref: '#/components/parameters/uuid' + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: "Bulk delete \n" + tags: + - Sites + get: + description: 'Provides details on all the created sites. + + ' + operationId: get-v1-sites + parameters: + - $ref: '#/components/parameters/uuid' + - $ref: '#/components/parameters/folder-optional' + - $ref: '#/components/parameters/name-optional' + - $ref: '#/components/parameters/limit-optional' + - $ref: '#/components/parameters/offset-optional' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SiteSet' + description: Get all the site details. + security: + - Bearer: [] + summary: 'Sites details + + ' + tags: + - Sites + post: + description: 'You can create sites at bulk + + ' + operationId: post-v1-sites + parameters: + - $ref: '#/components/parameters/SubTenantName' + - $ref: '#/components/parameters/folder-optional' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SiteSet' + description: The sites you want to create + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: 'Create sites + + ' + tags: + - Sites + put: + description: 'Helps you modify a site. + + ' + operationId: put-v1-sites + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SiteSet' + description: The sites you want to modify + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: 'Modify Sites + + ' + tags: + - Sites + /v1/tenantInfo: + get: + description: "Provides details on the tenant. \n" + operationId: get-v1-tenantinfo + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TenantInfo' + description: metadata for the given tenant + security: + - Bearer: [] + summary: 'Tenant Information + + ' + tags: + - Tenant Information + /v2/bandwidth-allocations: + delete: + description: 'Delete an aggregated bandwidth region. + + ' + operationId: delete-v2-bandwidth-allocations + parameters: + - $ref: '#/components/parameters/SubTenantName' + - $ref: '#/components/parameters/Region' + - $ref: '#/components/parameters/SpnName' + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Delete an aggregated bandwidth region + tags: + - bandwidth allocations + get: + description: 'status for the given id + + ' + operationId: get-v2-bandwidth-allocations + parameters: + - $ref: '#/components/parameters/uuid' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/BandwidthAllocationSetV2' + description: status for the given id + security: + - Bearer: [] + summary: status for the given id + tags: + - bandwidth allocations + post: + description: 'Allows you to create an aggregated bandwidth regions based on + the location data. + + ' + operationId: post-v2-bandwidth-allocations + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BandwidthAllocationSetV2' + description: The aggregated bandwidth region you want to create + required: true + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Create an aggregated bandwidth regions + tags: + - bandwidth allocations + put: + description: 'Modify aggregated bandwidth regions. + + ' + operationId: put-v2-bandwidth-allocations + parameters: + - $ref: '#/components/parameters/SubTenantName' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BandwidthAllocationSetV2' + description: The aggregated bandwidth region you want to create + required: true + responses: + '202': + content: + application/json: + schema: + $ref: '#/components/schemas/UuidResponse' + description: successful operation + '400': + $ref: '#/components/responses/bad_request_errors_basic_with_body' + default: + $ref: '#/components/responses/default_errors' + security: + - Bearer: [] + summary: Edit aggregated bandwidth regions + tags: + - bandwidth allocations servers: - url: https://api.sase.paloaltonetworks.com tags: -- description: '???? Add description +- description: 'IPSEC Crypto Profiles. + + ' + name: Internet Protocol Security Crypto Profiles +- description: 'IKE Crypto Profiles. + + ' + name: Internet Key Exchange Crypto Profiles +- description: 'Allocation of the bandwidth. + + ' + name: Bandwidth allocations +- description: "Information on the location. \n" + name: Location Information +- description: 'Status of the Remote Networks. ' name: Remote Network Status +- description: "Request for the site configuration. \n" + name: Site Configuration Requests +- description: 'Read configuration details. + + ' + name: Configuration Read +- description: 'Sites + + ' + name: Sites +- description: "Nearest location. \n" + name: Nearest Location +- description: 'Location + + ' + name: Location +- description: 'Information about the Tenant. + + ' + name: Tenant Information +- description: "Remote Architechture \n" + name: Remote Architechture From c0f637e9583816aef5555811d887cb3e47ce5fc9 Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 31 Jul 2024 19:08:00 +0530 Subject: [PATCH 02/29] Added md file, updated the sidebar and config.js --- docusaurus.config.js | 5 +++++ .../sase/api/remote-networks/remote-networks.md | 16 ++++++++++++++++ products/sase/sidebars.js | 4 ++++ 3 files changed, 25 insertions(+) create mode 100644 products/sase/api/remote-networks/remote-networks.md diff --git a/docusaurus.config.js b/docusaurus.config.js index 6d9a303f9..3b4ef8ef7 100644 --- a/docusaurus.config.js +++ b/docusaurus.config.js @@ -685,6 +685,11 @@ const config = { outputDir: "products/sase/api/mt-interconnect", sidebarOptions: { groupPathsBy: "tag" }, }, + remotenetworks: { + specPath: "openapi-specs/sase/remote-networks", + outputDir: "products/sase/api/remote-networks", + sidebarOptions: { groupPathsBy: "tag" }, + }, access: { specPath: "openapi-specs/access/prisma-access-config", outputDir: "products/access/api/prisma-access-config", diff --git a/products/sase/api/remote-networks/remote-networks.md b/products/sase/api/remote-networks/remote-networks.md new file mode 100644 index 000000000..809de32f9 --- /dev/null +++ b/products/sase/api/remote-networks/remote-networks.md @@ -0,0 +1,16 @@ +--- +id: remote-networks +title: Prisma Access Remote Networks API +sidebar_label: Remote Networks API +slug: /sase/api/remote-networks +keywords: + - SASE + - Reference + - API +--- + +Prisma Access ensures consistent security by enabling safe access to cloud and data center applications, as well as the internet, for users at headquarters, branch offices, or on the road. It inspects all traffic across all ports, providing secure access to the internet, sanctioned SaaS applications, public cloud environments, data centers, and headquarters. Built-in features include threat prevention, malware prevention, URL filtering, SSL decryption, and application-based policy capabilities, ensuring uniform security regardless of user location or accessed resources. All Prisma Access logs are stored in the Strata Logging Service for centralized analysis, reporting, and forensics across all users, applications, and locations. + +Prisma Access offers scalable protection with global coverage, eliminating the need to size and deploy hardware firewalls at branches or manage appliances in colocation facilities. It provides the network infrastructure to connect remote branches, headquarters, data centers, and mobile users, without requiring you to build and manage your own global security infrastructure, thereby expanding your operational capacity. + +These APIs use the [common SASE authentication](/sase/docs/getstarted) for service access and authorization. \ No newline at end of file diff --git a/products/sase/sidebars.js b/products/sase/sidebars.js index 9b2f9a8ed..6efd50f30 100644 --- a/products/sase/sidebars.js +++ b/products/sase/sidebars.js @@ -301,6 +301,10 @@ module.exports = { "sase/api/mt-interconnect/mt-interconnect", require("./api/mt-interconnect/sidebar"), ], + saseremotenetworks: [ + "sase/api/remote-networks/remote-networks", + require("./api/remote-networks/sidebar"), + ], sasesubscription: [ "sase/api/subscription/subscription-api", require("./api/subscription/sidebar"), From ca23cc9c0c2bfc169cf3a19f78e6af9fa231447d Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 31 Jul 2024 19:14:21 +0530 Subject: [PATCH 03/29] local server starts successfully --- docusaurus.config.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docusaurus.config.js b/docusaurus.config.js index 3b4ef8ef7..85231f24b 100644 --- a/docusaurus.config.js +++ b/docusaurus.config.js @@ -437,6 +437,11 @@ const config = { label: "Multitenant Interconnect", icon: "api-doc", }, + { + to: "sase/api/remote-networks", + label: "Remote Networks", + icon: "api-doc", + }, { to: "access/api/adem/autonomous-dem-api", label: "Autonomous DEM", From e5a4f65bf076ef1790b2df5c709ddf5eda68eeb2 Mon Sep 17 00:00:00 2001 From: sra Date: Mon, 5 Aug 2024 20:06:55 +0530 Subject: [PATCH 04/29] DOCS-5564 Revert the changes --- .../paloaltonetworks-Remote_Networks.yaml | 109 +++++++++--------- 1 file changed, 52 insertions(+), 57 deletions(-) diff --git a/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml b/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml index cb38aeaed..d8b025c9a 100644 --- a/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml +++ b/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml @@ -1318,16 +1318,26 @@ components: info: contact: email: support@paloaltonetworks.com - description: "This Open API spec file represents the APIs available for\n[Palo Alto\ - \ Networks Interconnect](https://docs.paloaltonetworks.com/NEED-URL) APIs. ???\ - \ Add RN decription here ?????\n\nThese APIs use the common SASE authentication\ - \ mechanism and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ - \ guide for more information.\n\nThis Open API spec file was created on July 31,\ - \ 2024. To check for a more recent version of this file, see\n[Interconnect APIs\ - \ on pan.dev](https://pan.dev/sase/api/mt-sp-interconnect/mt-interconnect-api.html).\ - \ ??? Replace the link with RN ????\n\n\xA9 2024 Palo Alto Networks, Inc. Palo\ - \ Alto Networks is a registered trademark of Palo\nAlto Networks. A list of our\ - \ trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ + description: "\nPrisma Access ensures consistent security by enabling users at headquarters,\ + \ branch offices, or on the go to safely access cloud and data center applications,\ + \ as well as the internet. \nIt inspects all traffic across all ports, ensuring\ + \ secure access to the internet, approved SaaS applications, public cloud environments,\ + \ data centers, and headquarters. \nKey features include threat prevention, malware\ + \ prevention, URL filtering, SSL decryption, and application-based policy capabilities,\ + \ providing uniform security regardless of user location or accessed resources.\n\ + The Strata Logging Service stores all Prisma Access logs for centralized analysis,\ + \ reporting, and forensics across all users, applications, and locations. \nPrisma\ + \ Access delivers scalable protection with global coverage, eliminating the need\ + \ to size and deploy hardware firewalls at branches or manage appliances in colocation\ + \ facilities. \nIt provides the network infrastructure to connect remote branches,\ + \ headquarters, data centers, and mobile users, without requiring you to build\ + \ and manage your own global security infrastructure, thereby enhancing your operational\ + \ capacity.\nOur APIs now enable seamless integration and automation of Prisma\ + \ Access capabilities into your existing systems.\n\nThese APIs use the common\ + \ SASE authentication mechanism and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ + \ guide for more information.\n\n\xA9 2024 Palo Alto Networks, Inc. Palo Alto\ + \ Networks is a registered trademark of Palo\nAlto Networks. A list of our trademarks\ + \ can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ \nAll other marks mentioned herein may be trademarks of their respective companies.\n" title: Remote Networks API version: '1.0' @@ -1442,7 +1452,7 @@ paths: - bandwidth allocations /v1/bandwidth-allocations-read: get: - description: 'Fetch the sire request if available. + description: 'Fetch the site request if available. ' operationId: get-v1-bandwidth-allocations-read @@ -1463,7 +1473,7 @@ paths: tags: - bandwidth allocations post: - description: 'Create bandwidth allocation read request. + description: 'Create a bandwidth allocation read request. ' operationId: post-v1-bandwidth-allocations-read @@ -1488,14 +1498,12 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: 'Create bandwidth allocation read request - - ' + summary: "Create a bandwidth allocation \n" tags: - bandwidth allocations /v1/config-read: get: - description: 'Create read request to enable APIs. + description: 'Create a read request to enable APIs. ' operationId: get-v1-config-read @@ -1510,13 +1518,11 @@ paths: description: Get the enable read information. security: - Bearer: [] - summary: 'Details on read request to enable APIs - - ' + summary: "Details on read request \n" tags: - Configuration Read post: - description: 'Create read request to enable APIs. + description: 'Create a read request to enable APIs. ' operationId: post-v1-config-read @@ -1535,13 +1541,11 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: 'Read request to enable APIs - - ' + summary: "Create a Read request \n" tags: - Configuration Read put: - description: 'Update read request to enable APIs. + description: 'Update a read request to enable APIs. ' operationId: put-v1-config-read @@ -1564,16 +1568,12 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: 'Update read request to enable APIs - - ' + summary: "Update a read request \n" tags: - Configuration Read /v1/ike-crypto-profiles: delete: - description: 'Delete a ike crypto profile. - - ' + description: "Delete an IKE Crypto Profiles. \n" operationId: delete-v1-ike-crypto-profiles parameters: - $ref: '#/components/parameters/SubTenantName' @@ -1596,7 +1596,7 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Delete a ike crypto profile. + summary: Delete IKE Crypto Profile tags: - ike crypto profiles get: @@ -1638,7 +1638,7 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Get IKE crypto profile + summary: Get IKE Crypto Profile tags: - ike crypto profiles post: @@ -1669,9 +1669,7 @@ paths: tags: - ike crypto profiles put: - description: 'Modify a ike crypto profile. - - ' + description: "Edit an IKE Crypto Profiles. \n" operationId: put-v1-ike-crypto-profiles parameters: - $ref: '#/components/parameters/SubTenantName' @@ -1694,7 +1692,7 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Edit a ike crypto profile. + summary: Edit IKE Crypto Profile tags: - ike crypto profiles /v1/ike-crypto-profiles-read: @@ -1735,7 +1733,7 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Get IKE Crypto Profiles + summary: List of IKE Crypto Profiles to read tags: - ike crypto profiles post: @@ -1866,7 +1864,7 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Create a IPSEC crypto profile. + summary: Create a IPSEC Crypto Profile tags: - ipsec crypto profiles put: @@ -1900,8 +1898,8 @@ paths: - ipsec crypto profiles /v1/ipsec-crypto-profiles-read: get: - description: "Provides a list of Internet Protocol Security (IPSEC) crypto profiles\ - \ that are created. \n" + description: "Provides a list of Internet Protocol Security (IPSEC) Crypto Profile\ + \ s that are created. \n" operationId: get-v1-ipsec-crypto-profiles-read parameters: - $ref: '#/components/parameters/uuid' @@ -1988,9 +1986,8 @@ paths: tags: - location informations post: - description: 'Add a query based on location information. - - ' + description: "Retrieve location-mapped information or configuration based on\ + \ a query. \n" operationId: post-v1-location-informations parameters: - $ref: '#/components/parameters/SubTenantName' @@ -2015,7 +2012,7 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Retrieve location-mapped information or configuration based on a query + summary: Add a query based on location information tags: - location informations /v1/locations: @@ -2218,11 +2215,11 @@ paths: description: Get the remote networks ipsec tunnel status by uuid. security: - Bearer: [] - summary: Get the remote networks IPSEC tunnel details by UUID. + summary: Get the remote networks IPSEC tunnel details by UUID tags: - RemoteNetworks post: - description: 'Create remote network IPSEC tunnel/s. + description: 'Create remote network IPSEC tunnel. ' operationId: post-v1-remote-networks-read @@ -2247,7 +2244,7 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: Create remote network IPSEC tunnel/s. + summary: Create remote network IPSEC tunnel tags: - RemoteNetworks /v1/siteConfigRequests: @@ -2298,7 +2295,7 @@ paths: - Site Configuration Requests /v1/sites: delete: - description: 'Helps you delete a set of sites. + description: 'Assists you in deleting a group of sites. ' operationId: delete-v1-sites @@ -2330,7 +2327,7 @@ paths: tags: - Sites get: - description: 'Provides details on all the created sites. + description: 'Provides information on all created sites. ' operationId: get-v1-sites @@ -2349,13 +2346,11 @@ paths: description: Get all the site details. security: - Bearer: [] - summary: 'Sites details - - ' + summary: "Get details on sites \n" tags: - Sites post: - description: 'You can create sites at bulk + description: 'You can create sites in bulk. ' operationId: post-v1-sites @@ -2381,13 +2376,13 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: 'Create sites + summary: 'Create sites at bulk ' tags: - Sites put: - description: 'Helps you modify a site. + description: 'Assists you in modifying a site. ' operationId: put-v1-sites @@ -2462,7 +2457,7 @@ paths: tags: - bandwidth allocations get: - description: 'status for the given id + description: 'Status for the given ID. ' operationId: get-v2-bandwidth-allocations @@ -2477,7 +2472,7 @@ paths: description: status for the given id security: - Bearer: [] - summary: status for the given id + summary: Status for the given ID tags: - bandwidth allocations post: From aae20fd5c44329f7fd8558ceb4626ee36d6dac5c Mon Sep 17 00:00:00 2001 From: sra Date: Thu, 8 Aug 2024 09:33:25 +0530 Subject: [PATCH 05/29] test commit --- products/sase/docs/home.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/products/sase/docs/home.mdx b/products/sase/docs/home.mdx index d9b656da3..335e05ed4 100644 --- a/products/sase/docs/home.mdx +++ b/products/sase/docs/home.mdx @@ -12,7 +12,7 @@ keywords: Prisma SASE offers a [suite of cloud-delivered products](https://docs.paloaltonetworks.com/sase.html) that provide network configuration and network security services. This suite of software offers network security for an enterprise's users, no -matter where they might be physically located, be it in the office or from a remote location. +matter where they might be physically located, be it in the office or from a remote location. The Prisma SASE APIs described here are intended to enable automation and integration solutions for Prisma SASE products and services. From 681cc5bc74acc98d7529f90be013aecd1b6c8b31 Mon Sep 17 00:00:00 2001 From: sra Date: Tue, 13 Aug 2024 07:57:09 +0530 Subject: [PATCH 06/29] Updating the summary on pandev-tools --- .../paloaltonetworks-Remote_Networks.yaml | 995 +----------------- 1 file changed, 31 insertions(+), 964 deletions(-) diff --git a/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml b/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml index d8b025c9a..8efe086c8 100644 --- a/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml +++ b/openapi-specs/sase/remote-networks/paloaltonetworks-Remote_Networks.yaml @@ -1,20 +1,5 @@ components: parameters: - Lattitude: - description: lattitude of a region - in: query - name: lattitude - required: true - schema: - type: string - Limit: - description: number of nearest locations - in: query - name: limit - schema: - default: 1 - format: int32 - type: integer LocationInfoType: description: Type of info queried in: query @@ -22,13 +7,6 @@ components: required: false schema: type: string - Longitude: - description: longitude of a region - in: query - name: longitude - required: true - schema: - type: string Region: description: agg bandwidth region in: query @@ -46,13 +24,6 @@ components: type: string type: array style: deepObject - SiteNames: - in: query - name: SiteNames - schema: - items: - type: string - type: array SpnName: description: agg bandwidth region in: query @@ -66,34 +37,6 @@ components: name: SubTenantName schema: type: string - folder-optional: - description: The folder for cloud config management - in: query - name: folder - required: false - schema: - type: string - limit-optional: - description: The max count in result entry (count per page) - in: query - name: limit - required: false - schema: - type: integer - name-optional: - description: The name of the entry - in: query - name: name - required: false - schema: - type: string - offset-optional: - description: The offset of the result entry - in: query - name: offset - required: false - schema: - type: integer uuid: description: uuid for the request in: query @@ -162,16 +105,6 @@ components: - location - bandwidth type: object - BandwidthAllocationRegionNamesSet: - properties: - bandwidth_allocation_region_names: - items: - type: string - maxItems: 100 - minItems: 0 - type: array - uniqueItems: true - type: object BandwidthAllocationSet: properties: bandwidth_allocations: @@ -182,185 +115,6 @@ components: uuid: $ref: '#/components/schemas/UuidResponse' type: object - BandwidthAllocationSetV2: - properties: - bandwidth_allocations: - description: bandwidth allocations - items: - $ref: '#/components/schemas/BandwidthAllocationV2' - type: array - uuid: - $ref: '#/components/schemas/UuidResponse' - type: object - BandwidthAllocationV2: - properties: - bandwidth: - description: bandwidth to allocate in Mbps - type: string - compute_location: - description: aggregate compute region - type: string - edge_location: - description: edge location for given lat/long/ip - type: string - ipsec_node_list: - description: ipsec node list - items: - type: string - type: array - ipsec_termination_service: - description: ipsec termination service list - items: - properties: - capacity: - type: integer - name: - type: string - type: object - type: array - location: - $ref: '#/components/schemas/Location' - required: - - location - - bandwidth - type: object - ConfigRead: - properties: - config: - properties: - bandwidth_allocations: - items: - properties: - bandwidth: - type: string - compute_location: - type: string - ipsec_termination_service: - items: - properties: - capacity: - type: string - name: - type: string - type: object - type: array - spn_name_list: - items: - type: string - type: array - type: object - type: array - ike_crypto_profiles: - items: - properties: - dh-group: - properties: - member: - type: string - type: object - encryption: - properties: - member: - type: string - type: object - hash: - properties: - member: - type: string - type: object - lifetime: - properties: - hours: - type: string - type: object - name: - type: string - type: object - type: array - ipsecrypto_profiles: - items: - properties: - dh-group: - type: string - esp: - properties: - authentication: - properties: - member: - type: string - type: object - encryption: - properties: - member: - type: string - type: object - type: object - lifetime: - properties: - hours: - type: string - type: object - name: - type: string - type: object - type: array - remote_networks: - items: - properties: - ecmp-load-balancing: - type: string - ipsec-tunnel: - type: string - license-type: - type: string - name: - type: string - protocol: - properties: - bgp: - properties: - enable: - type: string - type: object - type: object - region: - type: string - secondary-wan-enabled: - type: string - spn-name: - type: string - subnets: - properties: - member: - items: - type: string - type: array - type: object - type: object - type: array - type: object - resources: - items: - enum: - - remote_networks - - ipsec_crypto_profiles - - ike_crypto_profiles - - bandwidth_allocations - type: string - type: array - type: object - ConfigResources: - properties: - resources: - items: - enum: - - remote_networks - - ipsec_crypto_profiles - - ike_crypto_profiles - - bandwidth_allocations - type: string - type: array - type: object EcmpLoadBalancing: properties: ecmp_load_balancing_enabled: @@ -891,28 +645,6 @@ components: $ref: '#/components/schemas/Location' type: array type: object - NearestLocation: - properties: - country: - type: string - country_code: - type: string - display_name: - type: string - distance: - format: double - type: number - edge_location_name: - type: string - latitude: - type: string - longitude: - type: string - type: object - NearestLocationSet: - items: - $ref: '#/components/schemas/NearestLocation' - type: array PublicIp: description: Public IP to detect region properties: @@ -931,81 +663,6 @@ components: description: Approximate Longitude for the site location type: string type: object - RemoteNetworkArchitecture: - properties: - capabilities: - properties: - compute_redundancy_support: - description: Indicates whether compute region redundancy is supported - type: boolean - site_level_cir_support: - description: Indicates whether Remote Network Sites with CIR (committed - information rate) configuration is supported - type: boolean - type: object - description: - description: A description of the architecture version - example: Remote Network Classic architecture - type: string - version: - description: Version string of the architecture - example: v1 - type: string - type: object - RemoteNetworkArchitectureDetails: - properties: - architecture_versions: - $ref: '#/components/schemas/RemoteNetworkArchitectures' - type: object - prisma_access_locations: - description: List of compute locations and their corresponding supported - architecture versions - items: - properties: - architecture_version: - description: Architecture version supported in this compute location. - This will be one of the keys in "architecture_versions" property's - key/value pairs - example: v1 - type: string - compute_location_config_name: - description: Aggregate compute location configuration name - example: us-southeast - type: string - compute_location_display_name: - description: Aggregate compute location display name - example: US Southeast - type: string - location_config_name: - description: Prisma Access Edge location configuration name - example: panama - type: string - location_display_name: - description: Prisma Access Edge location display name - example: Panama - type: string - type: object - type: array - type: object - RemoteNetworkArchitectures: - additionalProperties: - $ref: '#/components/schemas/RemoteNetworkArchitecture' - description: Key/Value pairs of architecture version key ("v1", "v2" etc) and - value of architecture details - example: - v1: - capabilities: - compute_redundancy_support: false - site_level_cir_support: false - description: Remote Network Classic architecture - version: v1 - v2: - capabilities: - compute_redundancy_support: true - site_level_cir_support: true - description: Remote Network High Performance (RN-HP) architecture - version: v2 - type: object RemoteNetworksIpsecTunnel: properties: bgp: @@ -1131,8 +788,6 @@ components: type: string RequestResult: type: string - RequestResultHash: - type: string RequestStatus: type: string RequestTimeStamp: @@ -1152,135 +807,6 @@ components: $ref: '#/components/schemas/RequestRecord' type: array type: object - Site: - properties: - address_line_1: - description: Address that the site has been created in - type: string - address_line_2: - description: Address that the site has been created in - type: string - city: - description: City that the site has been created in - example: Bangalore - type: string - country: - description: Country that the site has been created in - example: India - type: string - id: - description: uuid of the site - example: abcd-1234 - readOnly: true - type: string - latitude: - description: Latitude that the site has been created in - example: '72.10928' - type: string - longitude: - description: Longitude that the site has been created in - example: '72.10928' - type: string - members: - items: - properties: - mode: - description: Mode that the RN has to be configured in for this site - enum: - - active - - backup - example: active - type: string - name: - type: string - remote_network: - description: Name of the configured remote network to be added as - part of the site - example: sdwan-site-member-1 - type: string - type: object - type: array - name: - description: Name of the site defined - example: sdwan-site-1 - type: string - qos: - properties: - backup_cir: - description: CIR in mbps for backup region distributed equally for all - tunnels in the site - example: '10' - type: number - cir: - description: CIR in mbps distributed equally for all tunnels in the - site - example: '10' - type: number - profile: - description: Name of the qos profile configured - type: string - type: object - sdwan_site_id: - description: uuid of the sdwan site - example: abcd-1234 - readOnly: true - type: string - state: - description: State that the site has been created in - example: Karnataka - type: string - type: - description: Type of the site - enum: - - prisma-sdwan - - third-party-branch - - third-party-discovered - example: prisma-sdwan - type: string - zip_code: - description: Zip code of the region that the site has been created in - example: '72.10928' - type: string - required: - - name - - members - type: object - SiteSet: - properties: - sites: - description: collection of sites - items: - $ref: '#/components/schemas/Site' - type: array - uuid: - $ref: '#/components/schemas/UuidResponse' - type: object - TenantInfo: - properties: - panorama_cloud_service_plugin_version: - description: PrismaAccessPanorama cloud service plugin version if type is - PrismaAccessPanorama - type: string - panorama_subtenant_info: - description: PrismaAccessPanorama subtenant information - items: - properties: - id: - type: string - name: - type: string - type: object - type: array - panorama_version: - description: PrismaAccessPanorama version if type is PrismaAccessPanorama - type: string - type: - description: PrismaAccess or PrismaAccessPanorama - enum: - - prisma_access - - prisma_access_panorama - type: string - type: object UuidResponse: properties: uuid: @@ -1370,7 +896,7 @@ paths: - Bearer: [] summary: Delete an aggregated bandwidth region tags: - - bandwidth allocations + - Bandwidth Allocations get: description: 'Provides the status for the given ID. @@ -1389,7 +915,7 @@ paths: - Bearer: [] summary: Lists the status for the given ID tags: - - bandwidth allocations + - Bandwidth Allocations post: description: 'Create aggregated bandwidth regions based on location data. @@ -1419,7 +945,7 @@ paths: - Bearer: [] summary: Create aggregated bandwidth regions tags: - - bandwidth allocations + - Bandwidth Allocations put: description: 'Modify an aggregated bandwidth regions. @@ -1449,42 +975,19 @@ paths: - Bearer: [] summary: Edit aggregated bandwidth regions tags: - - bandwidth allocations - /v1/bandwidth-allocations-read: - get: - description: 'Fetch the site request if available. - - ' - operationId: get-v1-bandwidth-allocations-read - parameters: - - $ref: '#/components/parameters/uuid' - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BandwidthAllocationSet' - description: Get the bandwidth allocation status. - security: - - Bearer: [] - summary: 'Poll for new site requests - - ' - tags: - - bandwidth allocations - post: - description: 'Create a bandwidth allocation read request. - - ' - operationId: post-v1-bandwidth-allocations-read + - Bandwidth Allocations + /v1/ike-crypto-profiles: + delete: + description: "Delete an IKE Crypto Profiles. \n" + operationId: delete-v1-ike-crypto-profiles parameters: - $ref: '#/components/parameters/SubTenantName' - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BandwidthAllocationRegionNamesSet' - description: The bandwidth allocation that you want to read + - description: ike crypto profile name + in: query + name: name + required: true + schema: + type: string responses: '202': content: @@ -1498,113 +1001,15 @@ paths: $ref: '#/components/responses/default_errors' security: - Bearer: [] - summary: "Create a bandwidth allocation \n" + summary: Delete IKE Crypto Profile tags: - - bandwidth allocations - /v1/config-read: + - IKE Crypto Profiles get: - description: 'Create a read request to enable APIs. - - ' - operationId: get-v1-config-read + description: "Provides a list of Internet Key Exchange(IKE) Crypto Profiles.\ + \ \n" + operationId: get-v1-ike-crypto-profiles parameters: - - $ref: '#/components/parameters/SubTenantName' - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ConfigRead' - description: Get the enable read information. - security: - - Bearer: [] - summary: "Details on read request \n" - tags: - - Configuration Read - post: - description: 'Create a read request to enable APIs. - - ' - operationId: post-v1-config-read - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ConfigResources' - description: The post read request for enabling apis. - responses: - '200': - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: "Create a Read request \n" - tags: - - Configuration Read - put: - description: 'Update a read request to enable APIs. - - ' - operationId: put-v1-config-read - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ConfigResources' - description: The post read request for enabling apis. - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UuidResponse' - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: "Update a read request \n" - tags: - - Configuration Read - /v1/ike-crypto-profiles: - delete: - description: "Delete an IKE Crypto Profiles. \n" - operationId: delete-v1-ike-crypto-profiles - parameters: - - $ref: '#/components/parameters/SubTenantName' - - description: ike crypto profile name - in: query - name: name - required: true - schema: - type: string - responses: - '202': - content: - application/json: - schema: - $ref: '#/components/schemas/UuidResponse' - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: Delete IKE Crypto Profile - tags: - - ike crypto profiles - get: - description: "Provides a list of Internet Key Exchange(IKE) Crypto Profiles.\ - \ \n" - operationId: get-v1-ike-crypto-profiles - parameters: - - $ref: '#/components/parameters/uuid' + - $ref: '#/components/parameters/uuid' responses: '200': content: @@ -1640,7 +1045,7 @@ paths: - Bearer: [] summary: Get IKE Crypto Profile tags: - - ike crypto profiles + - IKE Crypto Profiles post: description: "Create an IKE Crypto Profiles. \n" operationId: post-v1-ike-crypto-profiles @@ -1667,7 +1072,7 @@ paths: - Bearer: [] summary: Create IKE Crypto Profile tags: - - ike crypto profiles + - IKE Crypto Profiles put: description: "Edit an IKE Crypto Profiles. \n" operationId: put-v1-ike-crypto-profiles @@ -1694,7 +1099,7 @@ paths: - Bearer: [] summary: Edit IKE Crypto Profile tags: - - ike crypto profiles + - IKE Crypto Profiles /v1/ike-crypto-profiles-read: get: description: 'Provides a list of IKE Crypto Profiles. @@ -1735,7 +1140,7 @@ paths: - Bearer: [] summary: List of IKE Crypto Profiles to read tags: - - ike crypto profiles + - IKE Crypto Profiles post: description: 'Allows you to create IKE Crypto Profiles. @@ -1764,7 +1169,7 @@ paths: - Bearer: [] summary: Create IKE Crypto Profiles tags: - - ike crypto profiles + - IKE Crypto Profiles /v1/ipsec-crypto-profiles: delete: description: 'Allows you to delete an IPSEC Crypto Profile. @@ -1794,7 +1199,7 @@ paths: - Bearer: [] summary: Delete an IPSEC Crypto Profile tags: - - ipsec crypto profiles + - IPSEC Crypto Profiles get: description: 'Provides you a list of IPSEC Crypto Profiles. @@ -1837,7 +1242,7 @@ paths: - Bearer: [] summary: List of the IPSEC Crypto Profiles tags: - - ipsec crypto profiles + - IPSEC Crypto Profiles post: description: 'Allows you to create a IPSEC Crypto Profile. @@ -1866,7 +1271,7 @@ paths: - Bearer: [] summary: Create a IPSEC Crypto Profile tags: - - ipsec crypto profiles + - IPSEC Crypto Profiles put: description: 'Allows you to edit an IPSEC Crypto Profile. @@ -1895,7 +1300,7 @@ paths: - Bearer: [] summary: Modify an IPSEC Crypto Profile tags: - - ipsec crypto profiles + - IPSEC Crypto Profiles /v1/ipsec-crypto-profiles-read: get: description: "Provides a list of Internet Protocol Security (IPSEC) Crypto Profile\ @@ -1935,7 +1340,7 @@ paths: - Bearer: [] summary: Get IPSEC Crypto Profiles tags: - - ipsec crypto profiles + - IPSEC Crypto Profiles post: description: 'Create a IPSEC Crypto Profile. @@ -1964,7 +1369,7 @@ paths: - Bearer: [] summary: Create IPSEC Crypto Profile tags: - - ipsec crypto profiles + - IPSEC Crypto Profiles /v1/location-informations: get: description: 'Get the location information status of the given ID. @@ -2015,58 +1420,6 @@ paths: summary: Add a query based on location information tags: - location informations - /v1/locations: - get: - description: "Provides details on all locations. \n" - operationId: get-v1-locations - responses: - '200': - content: - application/json: - schema: - items: - properties: - aggregate_region: - type: string - cloud_provider: - type: string - compute_region: - type: string - continent: - type: string - display: - type: string - value: - type: string - type: object - type: array - description: get all locations - security: - - Bearer: [] - summary: 'Location details - - ' - tags: - - Location - /v1/nearest-location: - get: - operationId: get-v1-nearest-location - parameters: - - $ref: '#/components/parameters/Lattitude' - - $ref: '#/components/parameters/Longitude' - - $ref: '#/components/parameters/Limit' - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NearestLocationSet' - description: nearest locations for the given latitude and longitude - security: - - Bearer: [] - summary: Autogenerated summary - tags: - - Nearest Location /v1/remote-networks: delete: description: 'Allows you to delete the set of IPSEC tunnels. @@ -2175,29 +1528,6 @@ paths: summary: Modify remote network IPSEC tunnel tags: - RemoteNetworks - /v1/remote-networks-architecture: - get: - description: 'Provides information about the remote network architectures supported - for the tenant. - - ' - operationId: get-v1-remote-networks-architecture - parameters: - - $ref: '#/components/parameters/SubTenantName' - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/RemoteNetworkArchitectureDetails' - description: request records for the given tenant - security: - - Bearer: [] - summary: 'Details on the Remote Network Architecture - - ' - tags: - - Remote Architecture /v1/remote-networks-read: get: description: 'Get the remote networks IPSEC tunnel status by UUID. @@ -2293,249 +1623,6 @@ paths: ' tags: - Site Configuration Requests - /v1/sites: - delete: - description: 'Assists you in deleting a group of sites. - - ' - operationId: delete-v1-sites - parameters: - - $ref: '#/components/parameters/SubTenantName' - - description: sites prefix for bulk deletion - in: query - name: sites_prefix - required: true - schema: - type: string - - $ref: '#/components/parameters/SiteNames' - - $ref: '#/components/parameters/folder-optional' - - $ref: '#/components/parameters/uuid' - responses: - '202': - content: - application/json: - schema: - $ref: '#/components/schemas/UuidResponse' - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: "Bulk delete \n" - tags: - - Sites - get: - description: 'Provides information on all created sites. - - ' - operationId: get-v1-sites - parameters: - - $ref: '#/components/parameters/uuid' - - $ref: '#/components/parameters/folder-optional' - - $ref: '#/components/parameters/name-optional' - - $ref: '#/components/parameters/limit-optional' - - $ref: '#/components/parameters/offset-optional' - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SiteSet' - description: Get all the site details. - security: - - Bearer: [] - summary: "Get details on sites \n" - tags: - - Sites - post: - description: 'You can create sites in bulk. - - ' - operationId: post-v1-sites - parameters: - - $ref: '#/components/parameters/SubTenantName' - - $ref: '#/components/parameters/folder-optional' - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SiteSet' - description: The sites you want to create - responses: - '202': - content: - application/json: - schema: - $ref: '#/components/schemas/UuidResponse' - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: 'Create sites at bulk - - ' - tags: - - Sites - put: - description: 'Assists you in modifying a site. - - ' - operationId: put-v1-sites - parameters: - - $ref: '#/components/parameters/SubTenantName' - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SiteSet' - description: The sites you want to modify - responses: - '202': - content: - application/json: - schema: - $ref: '#/components/schemas/UuidResponse' - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: 'Modify Sites - - ' - tags: - - Sites - /v1/tenantInfo: - get: - description: "Provides details on the tenant. \n" - operationId: get-v1-tenantinfo - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/TenantInfo' - description: metadata for the given tenant - security: - - Bearer: [] - summary: 'Tenant Information - - ' - tags: - - Tenant Information - /v2/bandwidth-allocations: - delete: - description: 'Delete an aggregated bandwidth region. - - ' - operationId: delete-v2-bandwidth-allocations - parameters: - - $ref: '#/components/parameters/SubTenantName' - - $ref: '#/components/parameters/Region' - - $ref: '#/components/parameters/SpnName' - responses: - '202': - content: - application/json: - schema: - $ref: '#/components/schemas/UuidResponse' - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: Delete an aggregated bandwidth region - tags: - - bandwidth allocations - get: - description: 'Status for the given ID. - - ' - operationId: get-v2-bandwidth-allocations - parameters: - - $ref: '#/components/parameters/uuid' - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BandwidthAllocationSetV2' - description: status for the given id - security: - - Bearer: [] - summary: Status for the given ID - tags: - - bandwidth allocations - post: - description: 'Allows you to create an aggregated bandwidth regions based on - the location data. - - ' - operationId: post-v2-bandwidth-allocations - parameters: - - $ref: '#/components/parameters/SubTenantName' - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BandwidthAllocationSetV2' - description: The aggregated bandwidth region you want to create - required: true - responses: - '202': - content: - application/json: - schema: - $ref: '#/components/schemas/UuidResponse' - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: Create an aggregated bandwidth regions - tags: - - bandwidth allocations - put: - description: 'Modify aggregated bandwidth regions. - - ' - operationId: put-v2-bandwidth-allocations - parameters: - - $ref: '#/components/parameters/SubTenantName' - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BandwidthAllocationSetV2' - description: The aggregated bandwidth region you want to create - required: true - responses: - '202': - content: - application/json: - schema: - $ref: '#/components/schemas/UuidResponse' - description: successful operation - '400': - $ref: '#/components/responses/bad_request_errors_basic_with_body' - default: - $ref: '#/components/responses/default_errors' - security: - - Bearer: [] - summary: Edit aggregated bandwidth regions - tags: - - bandwidth allocations servers: - url: https://api.sase.paloaltonetworks.com tags: @@ -2559,23 +1646,3 @@ tags: name: Remote Network Status - description: "Request for the site configuration. \n" name: Site Configuration Requests -- description: 'Read configuration details. - - ' - name: Configuration Read -- description: 'Sites - - ' - name: Sites -- description: "Nearest location. \n" - name: Nearest Location -- description: 'Location - - ' - name: Location -- description: 'Information about the Tenant. - - ' - name: Tenant Information -- description: "Remote Architechture \n" - name: Remote Architechture From 6a8f11e3f8c69ce2786945cc88af486b97525f16 Mon Sep 17 00:00:00 2001 From: sra Date: Mon, 19 Aug 2024 17:41:33 +0530 Subject: [PATCH 07/29] DOCS-5927 Completed the initial configuration and local server starts fine. --- docusaurus.config.js | 10 ++++ .../application-monitor.md | 55 +++++++++++++++++++ products/sase/sidebars.js | 6 ++ 3 files changed, 71 insertions(+) create mode 100644 products/sase/docs/application-monitor/application-monitor.md diff --git a/docusaurus.config.js b/docusaurus.config.js index b56c94847..15a09d578 100644 --- a/docusaurus.config.js +++ b/docusaurus.config.js @@ -427,6 +427,11 @@ const config = { label: "Aggregate Monitoring", icon: "api-doc", }, + { + to: "sase/api/application-monitor", + label: "Application Monitoring", + icon: "api-doc", + }, { to: "sase/api/mt-notifications", label: "Multitenant Notifications", @@ -686,6 +691,11 @@ const config = { outputDir: "products/sase/api/mt-monitor", sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "info" }, }, + applicationmonitor: { + specPath: "openapi-specs/sase/application-monitor", + outputDir: "products/sase/api/application-monitor", + sidebarOptions: { groupPathsBy: "tag", categoryLinkSource: "info" }, + }, mtnotifications: { specPath: "openapi-specs/sase/mt-notifications", outputDir: "products/sase/api/mt-notifications", diff --git a/products/sase/docs/application-monitor/application-monitor.md b/products/sase/docs/application-monitor/application-monitor.md new file mode 100644 index 000000000..b43b55a98 --- /dev/null +++ b/products/sase/docs/application-monitor/application-monitor.md @@ -0,0 +1,55 @@ +--- +id: application-monitor +title: Application Monitoring APIs +description: Application Monitoring APIs +slug: /sase/docs/application-monitor +keywords: + - sase +--- + +# Welcome to the Application Monitoring APIs + +Welcome to the Application Monitoring APIs. These APIs are available to customers that utilize Cloud +Management for service onboarding, configuration, and operations. + +After you [create a tenant service group](/sase/docs/tenant-service-groups), +[create a service account](/sase/docs/service-accounts), +and [obtain an access token](/sase/docs/access-tokens), +you can use the [Application Monitoring API Reference](/sase/api/mt-monitor) to discover how to +perform aggregated monitoring queries for the following resources: + +- [Data Resource API](/sase/api/mt-monitor/data-resource-api/): retrieve aggregated summaries and counts + across all your tenants of a Prisma Access instance for threats, alerts, risky applications, URLs, + and connectivity status. +- [Insights Resource API](/sase/api/mt-monitor/insights-resource-api/): retrieve an aggregated list of insights, such as all upgrade statuses across tenants. +- [License Resource API](/sase/api/mt-monitor/license-resource-api/): retrieve aggregated lists across + Prisma Access tenants for license quotas, setup status, and utilization. +- [Tenant Resources API](/sase/api/mt-monitor/tenant-resources-api/): list all Prisma Access tenants in + the hierarchy. + +The monitoring functionality exposed by these APIs can also be performed using the Prisma SASE Platform's +[Multitentant Portal user interface](https://docs.paloaltonetworks.com/sase/prisma-sase-multitenant-platform/monitor-tenants). + +## Authentication + +See the [Prisma SASE API Get Started](/sase/docs/getstarted) for information about base URLs, authentication, and obtaining access tokens. + +## API Requests + +Send all API requests to the base URL plus the path and parameter of +`/mt/monitor/v1/agg/?`. + +For example, using curl: + + curl -X POST "https://api.sase.paloaltonetworks.com/mt/monitor/v1/agg/alerts/list?agg_by=tenant" \ + -H 'accept: application/json' \ + -H "Authorization: Bearer " \ + -H "Content-Type: application/json" \ + -H "X-PANW-Region: de" \ + -d '{"properties":[{"property":"sub_tenant_id"},{"property":"total_count"}],"filter":{"operator":"AND","rules":[{"property":"domain","operator":"in","values":["External","external"]},{"property":"event_time","operator":"last_n_days","values":[7]}]}}' + +Depending on the query and the [query parameter](/sase/docs/parameters), there are also [query +filters and properties](/sase/docs/filters) that you need to use in the request body. + +This API requires the x-panw-region header. See [About x-panw-region](/sase/docs/api-call/#about-x-panw-region) for usage information. + diff --git a/products/sase/sidebars.js b/products/sase/sidebars.js index 2f063df57..fc7843536 100644 --- a/products/sase/sidebars.js +++ b/products/sase/sidebars.js @@ -92,6 +92,12 @@ module.exports = { "sase/docs/mt-monitor/filters", ], }, + { + type: "category", + label: "Application Monitoring", + collapsed: true, + items: ["sase/docs/application-monitor/application-monitor"], + }, { type: "category", label: "Autonomous DEM", From 012dfe134a023e22d5259de0707d06f35ee4f2cb Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 21 Aug 2024 10:53:14 +0530 Subject: [PATCH 08/29] DOCS-5927 Local server works fine. Will start working on the developers guide --- .../application-monitor/msp_openapi (1).yaml | 3872 +++++++++++++++++ .../application monitor.md | 26 + products/sase/sidebars.js | 4 + 3 files changed, 3902 insertions(+) create mode 100644 openapi-specs/sase/application-monitor/msp_openapi (1).yaml create mode 100644 products/sase/api/application-monitor/application monitor.md diff --git a/openapi-specs/sase/application-monitor/msp_openapi (1).yaml b/openapi-specs/sase/application-monitor/msp_openapi (1).yaml new file mode 100644 index 000000000..a087637c3 --- /dev/null +++ b/openapi-specs/sase/application-monitor/msp_openapi (1).yaml @@ -0,0 +1,3872 @@ +openapi: 3.0.2 +info: + title: multi-tenant-service API + version: "1.0" +paths: + /mt/monitor/v1/agg/alerts/list: + post: + tags: + - Data Resource API + summary: Get Alerts Counts By Source + description: Get alerts counts by source across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Alert' + examples: + Alerts Count By Source: + value: + properties: + - property: total_count + - property: mu_count + - property: rn_count + - property: sc_count + filter: + operator: AND + rules: + - property: domain + operator: in + values: + - External + - external + - property: event_time + operator: last_n_days + values: + - 7 + responses: + "200": + description: Success + content: + application/json: + examples: + Alerts Count By Source: + value: + - total_count: 10 + rn_count: 10 + mu_count: 10 + sc_count: 10 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/applications/list: + post: + tags: + - Data Resource API + summary: Get Application List + description: Get Application List across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Application' + examples: + Applications List: + value: + properties: + - property: sub_tenant_id + - property: unique_total_apps + - property: risk_of_app_count + - property: blocked_app_count + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + responses: + "200": + description: Success + content: + application/json: + examples: + Applications List: + value: + - sub_tenant_id: "1234" + unique_total_apps: "2" + risk_of_app_count: "3" + blocked_app_count: 10 + + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/applications/source: + post: + tags: + - Data Resource API + summary: Get App Counts by source + description: Get App Counts by source across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_AppSrc' + examples: + Risky Application Count by Source per Tenant: + value: + properties: + - property: sub_tenant_id + - property: total_app_count + - property: total_app_remote_network + - property: total_app_mobile_users + - property: total_app_proxy_nodes + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + Risky Application Count by Source: + value: + properties: + - property: total_app_count + - property: total_app_remote_network + - property: total_app_mobile_users + - property: total_app_proxy_nodes + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + responses: + "200": + description: Success + content: + application/json: + examples: + Risky Application Count by Source per Tenant: + value: + - sub_tenant_id: + total_app_count: 10 + total_app_remote_network: 10 + total_app_mobile_users: 10 + total_app_proxy_nodes: 10 + Risky Application Count by Source: + value: + - total_app_count: 10 + total_app_remote_network: 10 + total_app_mobile_users: 10 + total_app_proxy_nodes: 10 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/applications/summary: + post: + tags: + - Data Resource API + summary: Get Risky App Counts + description: Get Risky App Counts across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_AppSummary' + examples: + Total Risky Apps Per Tenant: + value: + properties: + - property: sub_tenant_id + - property: total_app_count + - property: risk_of_app_count + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + Total Risky Apps: + value: + properties: + - property: total_app_count + - property: risk_of_app_count + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + Blocked Risky Apps: + value: + properties: + - property: total_app_count + - property: risk_of_app_count + - property: blocked_app_count + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + Unblocked Risky Apps: + value: + properties: + - property: total_app_count + - property: risk_of_app_count + - property: unblocked_app_count + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + Top Tenants using Risky Applications: + value: + properties: + - property: sub_tenant_id + - property: risk_of_app_count + alias: value + sort: + order: desc + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 30 + count: 4 + responses: + "200": + description: Success + content: + application/json: + examples: + Total Risky Apps Per Tenant: + value: + - sub_tenant_id: + total_app_count: 10 + risk_of_app_count: 10 + Total Risky Apps: + value: + - total_app_count: 10 + risk_of_app_count: 10 + Blocked Risky Apps: + value: + - total_app_count: 10 + risk_of_app_count: 10 + blocked_apps_count: 10 + Unblocked Risky Apps: + value: + - total_app_count: 10 + risk_of_app_count: 10 + unblocked_apps_count: 10 + Top Tenants using Risky Applications: + value: + - sub_tenant_id: + value: 6 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/custom/serviceConnectivity/status: + get: + tags: + - Service connectivity status API + summary: Get Service connectivity status + description: Get Service connectivity status + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: nodeType + description: The value can be CDL,MU,SC,RN or a combination of them + example: CDL,MU,SC,RN + in: query + schema: + type: string + - name: status + description: Status of the site, it can be Up, Down, Warning or combination of three + example: Up, Down + in: query + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + responses: + "200": + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnectivityCount' + examples: + Service connectivity status: + value: + sub_tenant_id: + status: + mu_count: 5000 + rn_count: 2 + cdl_count: 3 + sc_count: 2 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/serviceConnectivity/cdlStatus: + post: + tags: + - Data Resource API + summary: Get CDL Connectivity Status + description: Get CDL Connectivity Status + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_CDLStatus' + examples: + Cortex Data Lake Connections: + value: + properties: + - property: status + - property: location_count + filter: + rules: + - property: state + operator: in + values: + - Up + - Down + Cortex Data Lake Connections per Tenant: + value: + properties: + - property: status + - property: location_count + - property: sub_tenant_id + filter: + rules: + - property: state + operator: in + values: + - Up + - Down + responses: + "200": + description: Success + content: + application/json: + examples: + Cortex Data Lake Connections per Tenant: + value: + - sub_tenant_id: + location_count: 100 + status: + Cortex Data Lake Connections: + value: + - location_count: 100 + status: + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/serviceConnectivity/gatewayStatus: + post: + tags: + - Data Resource API + summary: Get Mobile Gateway Connection Status + description: Get Mobile Gateway Connection Status + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_GatewayStatus' + examples: + Gateway Locations: + value: + properties: + - property: status + - property: gateway_count + Gateway Locations per Tenant: + value: + properties: + - property: status + - property: gateway_count + - property: sub_tenant_id + responses: + "200": + description: Success + content: + application/json: + examples: + Gateway Locations: + value: + - gateway_count: 100 + status: + Gateway Locations per Tenant: + value: + - sub_tenant_id: + gateway_count: 100 + status: + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/serviceConnectivity/licenseAllocated: + get: + tags: + - Data Resource API + summary: Total GP License allocated + description: Total GP License allocated(mobile_users - explicit_proxy) + parameters: + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + responses: + "200": + description: Success + content: + application/json: + examples: + Total GP License Allocated: + value: + - remote_networks: + unit: mbps + size: 10000 + mobile_users: + unit: user + size: 10000 + okyo: + unit: user + size: 0 + explicit_proxy: + size: 0 + unit: user + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/serviceConnectivity/topOutliers: + post: + tags: + - Data Resource API + summary: Get top outliers(sites which consumes more bandwidth than allocated) + description: Get top outliers(sites which consumes more bandwidth than allocated) + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Outliers' + examples: + Top Outliers: + value: + properties: + - property: site_name + - property: bandwidth_consumed + - property: unit + filter: + rules: + - property: event_time + operator: last_n_days + values: + - 45 + - property: threshold + operator: gt + values: + - 80 + - property: node_type + operator: in + values: + - 48 + count: 5 + responses: + "200": + description: Success + content: + application/json: + examples: + Top Outliers: + value: + - site_name: + bandwidth_consumed: 10 + unit: "Kbps" + - site_name: + count: 9 + bandwidth_consumed: 100 + unit: "Kbps" + + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/serviceConnectivity/uniqueUsers: + post: + tags: + - Data Resource API + summary: Get Unique GP users connected in last 90 days + description: Get Unique GP users connected in last 90 days + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_UniqueUsers' + examples: + Unique Users GP: + value: + properties: + - property: user_count + responses: + "200": + description: Success + content: + application/json: + examples: + Unique Users GP: + value: + - user_count: 100 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/threats/list: + post: + tags: + - Data Resource API + summary: Get Threats List + description: Get Threats List across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Threat' + examples: + Threat List: + value: + properties: + - property: sub_tenant_id + - property: total_threats + - property: blocked_count + - property: unblocked_count + - property: malicious_count + - property: unknown_count + filter: + operator: AND + rules: + - property: severity + operator: in + values: + - Critical + - High + - Medium + responses: + "200": + description: Success + content: + application/json: + examples: + Threat List: + value: + - sub_tenant_id: + total_threats: 10 + blocked_count: 10 + unblocked_count: 10 + malicious_count: 10 + unknown_count: 10 + + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/threats/source: + post: + tags: + - Data Resource API + summary: Get Threat Counts by source + description: Get Threat counts by source across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_ThreatSrc' + examples: + Threat Count by Source per Tenant: + value: + properties: + - property: sub_tenant_id + - property: total_threats + - property: total_remote_network + - property: total_mobile_users + - property: total_proxy_nodes + filter: + operator: AND + rules: + - property: severity + operator: in + values: + - Critical + - High + - Medium + - property: event_time + operator: last_n_days + values: + - 7 + Threat Count by Source: + value: + properties: + - property: total_threats + - property: total_remote_network + - property: total_mobile_users + - property: total_proxy_nodes + filter: + operator: AND + rules: + - property: severity + operator: in + values: + - Critical + - High + - Medium + - property: event_time + operator: last_n_days + values: + - 7 + responses: + "200": + description: Success + content: + application/json: + examples: + Threat Count by Source per Tenant: + value: + - sub_tenant_id: + total_threats: 10 + total_remote_network: 10 + total_mobile_users: 10 + total_proxy_nodes: 10 + Threat Count by Source: + value: + - total_threats: 10 + total_remote_network: 10 + total_mobile_users: 10 + total_proxy_nodes: 10 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/threats/summary: + post: + tags: + - Data Resource API + summary: Get Threats Summary + description: Get Summary of Threats across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_ThreatSummary' + examples: + Total Critical Threats: + value: + properties: + - property: total_threats + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + - property: severity + operator: in + values: + - Critical + - High + - Medium + Blocked Threats: + value: + properties: + - property: total_threats + - property: blocked_count + filter: + operator: AND + rules: + - property: severity + operator: in + values: + - Critical + - High + - Medium + - property: event_time + operator: last_n_days + values: + - 7 + Unblocked Threats: + value: + properties: + - property: total_threats + - property: unblocked_count + filter: + operator: AND + rules: + - property: severity + operator: in + values: + - Critical + - High + - Medium + - property: event_time + operator: last_n_days + values: + - 7 + Total Critical Threats Per Tenant: + value: + properties: + - property: sub_tenant_id + - property: total_threats + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + - property: severity + operator: in + values: + - Critical + - High + - Medium + Threat Summary: + value: + properties: + - property: sub_tenant_id + - property: total_threats + - property: blocked_count + - property: unblocked_count + - property: malicious_count + - property: unknown_count + - property: wildfire_verdict + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 30 + - property: severity + operator: in + values: + - Critical + - High + - Medium + Top Tenants with Unblocked Threats: + value: + properties: + - property: sub_tenant_id + - property: total_threats + alias: total + - property: unblocked_count + alias: value + sort: + order: desc + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 30 + - property: severity + operator: in + values: + - Critical + - High + - Medium + count: 2 + responses: + "200": + description: Success + content: + application/json: + examples: + Total Critical Threats: + value: + - total_threats: 10 + Blocked Threats: + value: + - total_threats: 10 + blocked_count: 10 + Unblocked Threats: + value: + - total_threats: 10 + unblocked_count: 10 + Total Critical Threats Per Tenant: + value: + - sub_tenant_id: + total_threats: 10 + Threat Summary: + value: + - blocked_count: 79760 + malicious_count: 16654 + sub_tenant_id: + total_threats: 99574 + unblocked_count: 19814 + unknown_count: 0 + wildfire_verdict: 0 + Top Tenants with Unblocked Threats: + value: + - sub_tenant_id: + total: 99574 + value: 19814 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/url/summary: + post: + tags: + - Data Resource API + summary: Get URL Count Summary + description: Get URL count summary across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_UrlSummary' + examples: + Risky URL Count By Tenant: + value: + properties: + - property: sub_tenant_id + - property: total_uri + alias: count + sort: + order: desc + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + Blocked Risky URL Count By Tenant: + value: + properties: + - property: sub_tenant_id + - property: blocked_uri_count + alias: count + sort: + order: desc + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + Blocked Risky URL Count: + value: + properties: + - property: blocked_uri_count + alias: count + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + responses: + "200": + description: Success + content: + application/json: + examples: + Risky URL Count By Tenant: + value: + - sub_tenant_id: + count: 10 + Blocked Risky URL Count By Tenant: + value: + - sub_tenant_id: + count: 10 + Blocked Risky URL Count: + value: + count: 10 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/alerts: + post: + tags: + - Data Resource API + summary: Get Alerts Counts + description: Get alerts counts across tenants resource + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Resource' + examples: + Alerts Count By Tenant: + value: + properties: + - property: sub_tenant_id + - function: count + property: alert_id + alias: count + + filter: + operator: AND + rules: + - property: domain + operator: in + values: + - External + - external + - property: updated_time + operator: last_n_days + values: + - 7 + Alerts Distribution By Severity: + value: + properties: + - property: severity + - function: count + property: alert_id + alias: count + sort: + order: desc + filter: + operator: AND + rules: + - property: domain + operator: in + values: + - External + - external + - property: updated_time + operator: last_n_days + values: + - 7 + Alerts Trend: + value: + properties: + - function: count + property: alert_id + alias: count + sort: + order: desc + filter: + operator: AND + rules: + - property: domain + operator: in + values: + - External + - external + - property: updated_time + operator: last_n_days + values: + - 7 + histogram: + property: updated_time + range: day + enableEmptyInterval: false + value: "1" + responses: + "200": + description: Success + content: + application/json: + examples: + Alerts Count By Tenant: + value: + - sub_tenant_id: + count: 10 + Alerts Distribution By Severity: + value: + - severity: + count: 3 + Alerts Trend: + value: + - updated_time: 1657238400000 + count: 1 + - updated_time: 1657411200000 + count: 1 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/applications: + post: + tags: + - Data Resource API + summary: Get Applications Counts + description: Get applications counts across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Resource' + examples: + Top Users Accessing Risky Apps: + value: + properties: + - property: app_count + function: sum + alias: count + sort: + order: desc + - property: source_user_info_name + alias: user_name + - property: sub_tenant_id + filter: + operator: AND + rules: + - property: source_user_info_name + operator: not_equals + values: + - "" + - property: source_user_info_name + operator: is_not_null + - rule: app_risky + - property: event_time + operator: last_n_days + values: + - 30 + count: 4 + Top Applications By Connection: + value: + properties: + - property: session_id + function: count + alias: total_sessions + sort: + order: desc + - property: app_category + - property: sub_tenant_id + filter: + operator: AND + rules: + - property: app_category + operator: is_not_null + - property: app_category + operator: not_equals + values: + - "" + - property: event_time + operator: last_n_days + values: + - 30 + count: 5 + Security Rules and Risky Apps: + value: + properties: + - property: sub_tenant_id + - property: app_count + function: sum + alias: count + sort: + order: desc + - property: rule_matched + alias: rule_name + filter: + operator: AND + rules: + - rule: app_risky + - property: rule_matched + operator: not_equals + values: + - "" + - property: rule_matched + operator: is_not_null + - rule: unblocked + - property: event_time + operator: last_n_days + values: + - 30 + count: 4 + + responses: + "200": + description: Success + content: + application/json: + examples: + Top Users Accessing Risky Apps: + value: + - sub_tenant_id: + count: 12 + user_name: + Top Applications By Connection: + value: + - sub_tenant_id: + total_sessions: 100 + app_category: + Security Rules and Risky Apps: + value: + - sub_tenant_id: + count: 100 + rule_name: + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/threats: + post: + tags: + - Data Resource API + summary: Get threats Counts + description: Get threats counts across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Resource' + examples: + Threats Distribution by Threat Type: + value: + properties: + - property: threat_sub_type + - property: threat_id + function: distinct_count + alias: unique_threat_count + - property: threat_count + function: sum + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + - property: severity + operator: in + values: + - Critical + - High + - Medium + - property: threat_sub_type + operator: is_not_null + - property: threat_sub_type + operator: not_equals + values: + - "" + Threats Trend: + value: + properties: + - property: threat_count + function: sum + alias: count + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + - property: severity + operator: in + values: + - Critical + - High + - Medium + histogram: + property: event_time + range: day + enableEmptyInterval: false + value: "1" + Security Rules and Unblocked Threats: + value: + properties: + - property: sub_tenant_id + - property: threat_id + function: count + alias: threat_count + sort: + order: desc + - property: rule_matched + alias: rule_name + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 30 + - property: severity + operator: in + values: + - Critical + - High + - Medium + - property: rule_matched + operator: is_not_null + - property: rule_matched + operator: not_equals + values: + - "" + count: 4 + Top Users with Critical Threats: + value: + properties: + - property: threat_id + function: count + alias: unique_threat_count + - property: threat_count + function: sum + alias: total_threat_count + sort: + order: desc + - property: source_user + - property: source_user_info_name + filter: + operator: AND + rules: + - property: severity + operator: in + values: + - Critical + - property: event_time + operator: last_n_days + values: + - 30 + - property: source_user + operator: is_not_null + - property: source_user + operator: not_equals + values: + - "" + count: 4 + responses: + "200": + description: Success + content: + application/json: + examples: + Threats Distribution by Threat Type: + value: + - threat_sub_type: + threat_count: 10 + unique_threat_count: 5 + Threats Trend: + value: + - event_time: + count: 10 + Top Users with Critical Threats: + value: + - source_user: + source_user_info_name: + unique_threat_count: 3924 + total_threat_count: 3999 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/resource: + post: + tags: + - Data Resource API + summary: Get Network Inventory Count + description: Get network inventory across tenants + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Resource' + examples: + Network Inventory Count: + value: + properties: + - property: node_type + - property: node_type + alias: node_count + function: count + responses: + "200": + description: Success + content: + application/json: + examples: + Network Inventory Count: + value: + - node_type: 48 + node_count: 30 + - node_type: 49 + node_count: 10 + - node_type: 50 + node_count: 10 + - node_type: 51 + node_count: 4 + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/urlLogs: + post: + tags: + - Data Resource API + summary: Get Top Tenants with Risky Urls + description: Get Top Tenants with Risky Urls + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Resource' + examples: + Top Tenants with Risky URLs: + value: + properties: + - property: sub_tenant_id + - property: uri_count + function: sum + alias: value + sort: + order: desc + filter: + operator: AND + rules: + - property: url_category_value + operator: in + values: + - high-risk + - malware + - property: event_time + operator: last_n_days + values: + - 7 + Security Rules and Unblocked Risky Urls: + value: + properties: + - property: sub_tenant_id + - property: uri_count + function: sum + sort: + order: desc + - property: rule_matched + alias: rule_name + filter: + operator: AND + rules: + - rule: url_high_risk + - rule: unblocked + - property: severity + operator: in + values: + - Critical + - High + - Medium + - property: event_time + operator: last_n_days + values: + - 30 + - property: rule_matched + operator: is_not_null + - property: rule_matched + operator: not_equals + values: + - "" + count: 4 + Top Users Accessing Unblocked Risky Urls: + value: + properties: + - property: sub_tenant_id + - property: uri_count + function: sum + sort: + order: desc + - property: source_user_info_name + alias: user_name + filter: + operator: AND + rules: + - rule: url_high_risk + - property: event_time + operator: last_n_days + values: + - 30 + - property: severity + operator: in + values: + - Critical + - High + - Medium + - property: source_user_info_name + operator: is_not_null + - property: source_user_info_name + operator: not_equals + values: + - "" + count: 4 + responses: + "200": + description: Success + content: + application/json: + examples: + Top Tenants with Risky URLs: + value: + - sub_tenant_id: + value: 340 + Security Rules and Unblocked Risky Urls: + value: + - rule_name: + sub_tenant_id: + uri_count: 300 + Top Users Accessing Unblocked Risky Urls: + value: + - sub_tenant_id: + uri_count: 596 + user_name: + "400": + description: Bad Request + "500": + description: Server Error + /mt/monitor/v1/agg/applicationUsage: + post: + tags: + - Data Resource API + summary: Get Application Usage by Application type + description: Get Application Usage by Application type + parameters: + - name: agg_by + description: The value should be 'tenant'(if you want aggregated results across all child tenants) or empty. + in: query + example: tenant + schema: + type: string + - name: X-PANW-Region + description: This will be one of the 9 supported regions(americas, europe, au,de, jp, ca, sg, uk, in) + example: americas + in: header + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RequestBody_Resource' + examples: + Risky Application Usage Trend: + value: + properties: + - property: total_bytes + function: sum + alias: total_bytes_usage + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 7 + - rule: app_risky + histogram: + property: event_time + range: day + enableEmptyInterval: false + value: "1" + Top Apps by Data: + value: + properties: + - property: app + - property: app + function: distinct_count + alias: unique_count + - property: total_bytes + function: sum + alias: total_bytes_usage + filter: + operator: AND + rules: + - property: event_time + operator: last_n_days + values: + - 30 + - property: app + operator: is_not_null + - property: app + operator: not_equals + values: + - "" + Top Application Categories by Data Usage: + value: + properties: + - property: total_bytes + function: sum + alias: app_usage + sort: + order: desc + - property: app_sub_category + filter: + operator: AND + rules: + - property: app_sub_category + operator: is_not_null + - property: app_sub_category + operator: not_equals + values: + - "" + - property: event_time + operator: last_n_days + values: + - 30 + count: 5 + responses: + "200": + description: Success + content: + application/json: + examples: + Risky Application Usage Trend: + value: + - event_time: