Merge pull request #772 from PaloAltoNetworks/techpub-smita-cspm-changes

RLP_151624 changes
PaloAltoNetworks · Nov 24, 2024 · 7e49fb8 · 7e49fb8
2 parents c67a66e + 0fb6003
commit 7e49fb8
Showing 1 changed file with 72 additions and 0 deletions.
diff --git a/products/prisma-cloud/api/cspm/api-integration-config.md b/products/prisma-cloud/api/cspm/api-integration-config.md
@@ -10,6 +10,78 @@ The request body for some of the endpoints includes an `integrationConfig` param
 
 Note that most external systems require some configuration before you can use the Prisma Cloud API endpoints to add an integration to that system. For more details, see [Prisma Cloud Integrations](https://docs.prismacloud.io/en/classic/cspm-admin-guide/configure-external-integrations-on-prisma-cloud/prisma-cloud-integrations). If you are upgraded to the Darwin release, see [Prisma Cloud Integrations](https://docs.prismacloud.io/en/enterprise-edition/content-collections/administration/configure-external-integrations-on-prisma-cloud/prisma-cloud-integrations).
 
+
+### AWS Security Hub
+
+Prisma Cloud integrates with AWS Security Hub for centralized visibility into security and compliance risks associated with your cloud assets on the AWS Security Hub console.
+
+As a part of the integration, Prisma Cloud monitors your AWS cloud assets. It sends alerts about resource misconfigurations, compliance violations, network security risks, and anomalous user activities directly to the AWS Security Hub console providing a centralized and comprehensive view of the cloud assets deployed on your AWS accounts.
+
+
+Note: Prisma Cloud integration with AWS Security Hub is not supported for `US Gov Cloud` regions.
+
+
+#### Add, Update, or Test an AWS Security Hub Integration
+
+
+To add an AWS Security Hub integration, make your request as described in
+[Add Integration](/prisma-cloud/api/cspm/create-integration-v-1). As part of the request body, the `integrationType` parameter is `aws_security_hub`, and the `integrationConfig` parameter contains the following key/value pairs.
+
+
+| Key            | Value Description                                                                                                 | Value Type | Default Value or Required |
+| -------------- | ----------------------------------------------------------------------------------------------------------------- | ---------- | ------------------------- |
+| region         | List of Regions where Prisma Cloud on AWS Security Hub is enabled for your cloud account | List of Objects<br/>{<br/>String name; (Required)<br/>String apiIdentifier; (Required)<br/>String cloudType;<br/>String sdkId;<br/>Boolean enabled;<br/>}    | Required               |
+| defaultRegion        | The region where you will receive alert notifications for global resources |  Object<br/>{<br/>String name (Required);<br/>String apiIdentifier (Required);<br/>String cloudType;<br/>String sdkId;<br/>Boolean enabled;<br/>}    | Required if the user wants to receive global alerts               |
+| accountId     | The Account ID of the AWS account that you have onboarded on Prisma Cloud | string     | Required                |
+
+
+To update an AWS Security Hub integration, make your request as described in
+[Update Integration](/prisma-cloud/api/cspm/update-integration-v-1). Parameter `integrationConfig` is mutable.
+
+
+To test an AWS Security Hub, make your request as described in
+[Test Integration](/prisma-cloud/api/cspm/test-integration).
+
+
+##### Example Request Body to Add an Amazon Security Hub Integration
+
+
+```json
+{
+   "description": "string",
+   "enabled": true,
+   "integrationConfig": {
+       "regions": [
+           {
+               "name": "AWS Virginia",
+               "apiIdentifier": "us-east-1",
+               "cloudType": "aws",
+               "sdkId": "",
+               "enabled": true
+           },
+           {
+               "name": "string",
+               "apiIdentifier": "string",
+               "cloudType": "aws",
+               "sdkId": "string",
+               "enabled": true
+           }
+       ],
+       "defaultRegion": {
+           "name": "string",
+           "apiIdentifier": "string",
+           "cloudType": "aws",
+           "sdkId": "string",
+           "enabled": true
+       },
+       "accountId": "string"
+   },
+   "integrationType": "aws_security_hub",
+   "name": "string",
+   "id": "string"
+}
+```
+
 ### Amazon Security Lake
 
 Prisma Cloud integrates with Amazon Security Lake to ingest Prisma Cloud Open Cybersecurity Schema Framework (OCSF) compliant vulnerability security data into Amazon Security Lake.