openapi: 3.1.0 info: title: Palo Alto Networks Prisma Cloud Code Security API description: >- REST API for Prisma Cloud Code Security (Application Security) providing programmatic access to repository management, CI/CD integration scanning, scan execution and status, suppression rules for policy violations, code errors by branch, and fix suggestions for pull requests. The API enables integration with version control systems such as GitHub, GitLab, Bitbucket, and Azure Repos, and supports scanning Terraform, CloudFormation, Kubernetes manifests, Dockerfiles, and other IaC frameworks using the Checkov scanning engine. Authentication requires a JWT token obtained from the Prisma Cloud CSPM /login endpoint, passed via the x-redlock-auth header. version: '1.0' contact: name: Palo Alto Networks Developer Support url: https://pan.dev/ license: name: Proprietary url: https://www.paloaltonetworks.com/legal servers: - url: https://api.prismacloud.io/code/api/v1 description: Prisma Cloud Code Security API (US region 1). - url: https://api2.prismacloud.io/code/api/v1 description: Prisma Cloud Code Security API (US region 2). - url: https://api.eu.prismacloud.io/code/api/v1 description: Prisma Cloud Code Security API (EU). - url: https://api.anz.prismacloud.io/code/api/v1 description: Prisma Cloud Code Security API (ANZ). - url: https://api.sg.prismacloud.io/code/api/v1 description: Prisma Cloud Code Security API (Singapore). - url: https://api.ca.prismacloud.io/code/api/v1 description: Prisma Cloud Code Security API (Canada). security: - redlockAuth: [] tags: - name: Errors description: Code security errors and policy violations by branch. - name: Fixes description: Automated fix suggestions for pull requests. - name: Repositories description: VCS repository onboarding and management. - name: Scans description: CI/CD scan execution, integration listing, and scan status. - name: Suppressions description: Suppression rules for managing policy violations. paths: /repositories: get: operationId: listRepositories summary: Palo Alto Networks List Connected Repositories description: >- Returns a list of all repositories that have been connected to Prisma Cloud Code Security. Includes repository metadata such as the source VCS provider, default branch, last scan time, and counts of open security errors. tags: - Repositories parameters: - name: offset in: query description: Number of records to skip for pagination. schema: type: integer default: 0 example: 0 - name: limit in: query description: Maximum number of records to return. schema: type: integer default: 25 example: 25 - name: search in: query description: Search term to filter repositories by name or owner. schema: type: string example: example-search - name: sourceType in: query description: Filter by VCS provider type. schema: type: string enum: - Github - Gitlab - Bitbucket - AzureRepos - githubEnterprise - gitlabEnterprise - bitbucketEnterprise example: Github responses: '200': description: Repositories returned successfully. content: application/json: schema: type: object properties: totalCount: type: integer description: Total number of connected repositories. repositories: type: array items: $ref: '#/components/schemas/Repository' examples: ListRepositories200Example: summary: Default listRepositories 200 response x-microcks-default: true value: totalCount: 937 repositories: - id: example-id name: Production Agent 31 owner: example-owner fullName: Branch Sensor 57 sourceType: githubEnterprise defaultBranch: example-defaultBranch url: https://vpn.test-corp.net/02d758 isPublic: true lastScanDate: '2026-08-07T04:21:38Z' lastScanStatus: pending errorCounts: &id001 critical: 381 high: 403 medium: 984 low: 743 info: 996 createdAt: '2024-04-02T14:25:56Z' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: addRepository summary: Palo Alto Networks Add a Repository description: >- Connects a new VCS repository to Prisma Cloud Code Security for automated scanning. Triggers an initial scan of the default branch after onboarding. tags: - Repositories requestBody: required: true content: application/json: schema: type: object required: - id - sourceType - owner - name properties: id: type: string description: Repository identifier in the VCS provider. sourceType: type: string enum: - Github - Gitlab - Bitbucket - AzureRepos - githubEnterprise - gitlabEnterprise - bitbucketEnterprise description: VCS provider type. owner: type: string description: Repository owner or organization name. name: type: string description: Repository name. defaultBranch: type: string description: Default branch to scan. Defaults to the VCS default branch. examples: AddRepositoryRequestExample: summary: Default addRepository request x-microcks-default: true value: id: example-id sourceType: githubEnterprise owner: example-owner name: Branch Policy 04 defaultBranch: example-defaultBranch responses: '200': description: Repository added successfully. content: application/json: schema: $ref: '#/components/schemas/Repository' examples: AddRepository200Example: summary: Default addRepository 200 response x-microcks-default: true value: id: example-id name: Production Agent 31 owner: example-owner fullName: Branch Sensor 57 sourceType: githubEnterprise defaultBranch: example-defaultBranch url: https://vpn.test-corp.net/02d758 isPublic: true lastScanDate: '2026-08-07T04:21:38Z' lastScanStatus: pending errorCounts: *id001 createdAt: '2024-04-02T14:25:56Z' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: removeRepository summary: Palo Alto Networks Remove a Repository description: >- Disconnects a repository from Prisma Cloud Code Security. Scan history and error records are retained for audit purposes. tags: - Repositories requestBody: required: true content: application/json: schema: type: object required: - id properties: id: type: string description: Repository identifier to remove. sourceType: type: string description: VCS provider type. examples: RemoveRepositoryRequestExample: summary: Default removeRepository request x-microcks-default: true value: id: example-id sourceType: standard responses: '200': description: Repository removed successfully. '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK /scans/integrations: get: operationId: listScanIntegrations summary: Palo Alto Networks List CI/CD Scan Integrations description: >- Returns a list of configured CI/CD pipeline integrations for automated scanning. Integrations include Jenkins, GitHub Actions, CircleCI, GitLab CI, Azure Pipelines, and other supported CI platforms. tags: - Scans parameters: - name: offset in: query description: Number of records to skip for pagination. schema: type: integer default: 0 example: 0 - name: limit in: query description: Maximum number of records to return. schema: type: integer default: 25 example: 25 responses: '200': description: CI/CD integrations returned successfully. content: application/json: schema: type: object properties: totalCount: type: integer integrations: type: array items: $ref: '#/components/schemas/ScanIntegration' examples: ListScanIntegrations200Example: summary: Default listScanIntegrations 200 response x-microcks-default: true value: totalCount: 800 integrations: - id: example-id name: Corporate Agent 16 type: circleci repositoryId: '140485' enabled: true createdAt: '2024-02-04T09:08:54Z' - id: example-id name: Corporate Agent 16 type: circleci repositoryId: '140485' enabled: true createdAt: '2024-02-04T09:08:54Z' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK /scans: post: operationId: triggerScan summary: Palo Alto Networks Trigger a Scan description: >- Triggers an IaC and SCA scan for a specific repository branch. The scan analyzes all supported file types in the repository. Returns a scan identifier for polling status. tags: - Scans requestBody: required: true content: application/json: schema: type: object required: - repositoryId properties: repositoryId: type: string description: Unique identifier of the repository to scan. branch: type: string description: Branch to scan. Defaults to the repository default branch. scanTypes: type: array description: Types of scans to run. Defaults to all scan types. items: type: string enum: - iac - sca - secrets - cicd examples: TriggerScanRequestExample: summary: Default triggerScan request x-microcks-default: true value: repositoryId: '181356' branch: example-branch scanTypes: - iac - sca responses: '200': description: Scan triggered successfully. content: application/json: schema: $ref: '#/components/schemas/ScanStatus' examples: TriggerScan200Example: summary: Default triggerScan 200 response x-microcks-default: true value: scan_id: '905307' repositoryId: '225862' branch: example-branch status: failed startTime: '2025-06-09T14:49:57Z' endTime: '2026-10-02T12:40:08Z' scanTypes: &id002 - sca - iac summary: &id003 filesScanned: 87 resourcesScanned: 381 errorsBySeverity: critical: 274 high: 812 medium: 73 low: 85 info: 478 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK /scans/{scan_id}: get: operationId: getScanStatus summary: Palo Alto Networks Get Scan Status description: >- Returns the current status and summary results of a specific scan. Poll this endpoint to determine when a triggered scan has completed. tags: - Scans parameters: - name: scan_id in: path required: true description: Unique scan identifier. schema: type: string example: '170028' responses: '200': description: Scan status returned successfully. content: application/json: schema: $ref: '#/components/schemas/ScanStatus' examples: GetScanStatus200Example: summary: Default getScanStatus 200 response x-microcks-default: true value: scan_id: '905307' repositoryId: '225862' branch: example-branch status: failed startTime: '2025-06-09T14:49:57Z' endTime: '2026-10-02T12:40:08Z' scanTypes: *id002 summary: *id003 '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK /suppressions: get: operationId: listSuppressions summary: Palo Alto Networks List Suppressions description: >- Returns a list of suppression rules for policy violations. Suppressions can be scoped to a specific resource, file, repository, or applied globally for a policy. tags: - Suppressions parameters: - name: offset in: query description: Number of records to skip for pagination. schema: type: integer default: 0 example: 0 - name: limit in: query description: Maximum number of records to return. schema: type: integer default: 25 example: 25 - name: policyId in: query description: Filter suppressions by Checkov policy ID. schema: type: string example: '981710' - name: suppressionType in: query description: Filter by suppression scope. schema: type: string enum: - Policy - Resources - Accounts - Tags example: Policy responses: '200': description: Suppressions returned successfully. content: application/json: schema: type: object properties: totalCount: type: integer description: Total number of suppression rules. suppressions: type: array items: $ref: '#/components/schemas/Suppression' examples: ListSuppressions200Example: summary: Default listSuppressions 200 response x-microcks-default: true value: totalCount: 663 suppressions: - suppressionId: '518567' policyId: '162253' policyName: Branch Policy 92 suppressionType: Resources justification: example-justification createdBy: example-createdBy createdAt: '2026-05-28T01:52:46Z' expirationDate: '2025-01-22T20:00:21Z' suppressedErrorCount: 194 - suppressionId: '518567' policyId: '162253' policyName: Branch Policy 92 suppressionType: Resources justification: example-justification createdBy: example-createdBy createdAt: '2026-05-28T01:52:46Z' expirationDate: '2025-01-22T20:00:21Z' suppressedErrorCount: 194 '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createSuppression summary: Palo Alto Networks Create a Suppression description: >- Creates a suppression rule to suppress specific code security policy violations. Use suppressions to manage accepted risks, false positives, or findings addressed through compensating controls. tags: - Suppressions requestBody: required: true content: application/json: schema: type: object required: - policyId - suppressionType properties: policyId: type: string description: Checkov policy ID to suppress (e.g., CKV_AWS_18). suppressionType: type: string enum: - Policy - Resources - Accounts - Tags description: Scope of the suppression rule. justification: type: string description: Reason for creating the suppression. expirationDate: type: string format: date-time description: Optional expiration date for the suppression. resources: type: array items: type: object properties: repositoryId: type: string filePath: type: string resourceId: type: string description: Specific resources to suppress. Required when suppressionType is Resources. examples: CreateSuppressionRequestExample: summary: Default createSuppression request x-microcks-default: true value: policyId: '694864' suppressionType: Resources justification: example-justification expirationDate: '2024-03-12T16:44:56Z' resources: - repositoryId: '321691' filePath: /api/v1/c851d2 resourceId: '717744' responses: '200': description: Suppression created successfully. content: application/json: schema: $ref: '#/components/schemas/Suppression' examples: CreateSuppression200Example: summary: Default createSuppression 200 response x-microcks-default: true value: suppressionId: '518567' policyId: '162253' policyName: Branch Policy 92 suppressionType: Resources justification: example-justification createdBy: example-createdBy createdAt: '2026-05-28T01:52:46Z' expirationDate: '2025-01-22T20:00:21Z' suppressedErrorCount: 194 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK /suppressions/{suppression_id}: delete: operationId: deleteSuppression summary: Palo Alto Networks Delete a Suppression description: Deletes a specific suppression rule. The suppressed policy violations will resume being reported. tags: - Suppressions parameters: - name: suppression_id in: path required: true description: Unique suppression identifier. schema: type: string example: '985961' responses: '200': description: Suppression deleted successfully. '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK /errors/branch: get: operationId: getErrorsByBranch summary: Palo Alto Networks Get Errors by Branch description: >- Returns code security errors (policy violations, misconfigurations, and vulnerabilities) for a specific repository branch. Each error includes the Checkov policy ID, severity, resource name, and the file location where the issue was detected. tags: - Errors parameters: - name: repositoryId in: query required: true description: Repository identifier to retrieve errors for. schema: type: string example: '319189' - name: branch in: query description: Branch name to retrieve errors for. Defaults to the default branch. schema: type: string example: example-branch - name: severity in: query description: Filter errors by severity level. schema: type: string enum: - CRITICAL - HIGH - MEDIUM - LOW - INFO example: CRITICAL - name: errorType in: query description: Filter by error category. schema: type: string enum: - iac - sca - secrets - cicd example: sca - name: status in: query description: Filter by error status. schema: type: string enum: - OPEN - SUPPRESSED - FIXED example: SUPPRESSED - name: offset in: query description: Number of records to skip for pagination. schema: type: integer default: 0 example: 0 - name: limit in: query description: Maximum number of records to return. schema: type: integer default: 25 example: 25 responses: '200': description: Code errors returned successfully. content: application/json: schema: type: object properties: totalCount: type: integer description: Total number of errors matching the filter criteria. errors: type: array items: $ref: '#/components/schemas/CodeError' examples: GetErrorsByBranch200Example: summary: Default getErrorsByBranch 200 response x-microcks-default: true value: totalCount: 352 errors: - errorId: '770500' policyId: '731580' policyName: Staging Firewall 29 severity: HIGH category: CICD status: OPEN resourceName: Corporate Agent 51 resourceType: custom filePath: /api/v1/4ec64a fileLineRange: &id004 - 280 - 370 repositoryId: '404787' branch: example-branch guideline: example-guideline firstDetected: '2026-10-23T03:12:18Z' lastDetected: '2024-04-11T14:31:52Z' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK /fixes/pull_request: get: operationId: getFixSuggestionsForPR summary: Palo Alto Networks Get Fix Suggestions for Pull Requests description: >- Returns automated fix suggestions for misconfigurations detected in a pull request or branch. Each fix includes the original code snippet, the suggested replacement, and the policy that triggered the finding. Fix suggestions are available for IaC files including Terraform, CloudFormation, and Kubernetes manifests. tags: - Fixes parameters: - name: repositoryId in: query required: true description: Repository identifier to retrieve fix suggestions for. schema: type: string example: '432434' - name: branch in: query description: Branch or pull request branch to retrieve fix suggestions for. schema: type: string example: example-branch - name: filePath in: query description: Filter fix suggestions by specific file path. schema: type: string example: /api/v1/81ae7f - name: offset in: query description: Number of records to skip for pagination. schema: type: integer default: 0 example: 0 - name: limit in: query description: Maximum number of records to return. schema: type: integer default: 25 example: 25 responses: '200': description: Fix suggestions returned successfully. content: application/json: schema: type: object properties: totalCount: type: integer description: Total number of available fix suggestions. fixes: type: array items: $ref: '#/components/schemas/Fix' examples: GetFixSuggestionsForPr200Example: summary: Default getFixSuggestionsForPR 200 response x-microcks-default: true value: totalCount: 786 fixes: - fixId: '465958' policyId: '290769' policyName: Primary Policy 52 severity: INFO resourceName: Staging Sensor 42 filePath: /api/v1/69ba75 lineRange: &id005 - 799 - 127 originalCode: example-originalCode suggestedCode: example-suggestedCode framework: ARM repositoryId: '212627' branch: example-branch '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK components: securitySchemes: redlockAuth: type: apiKey in: header name: x-redlock-auth description: >- JWT token obtained from the Prisma Cloud /login endpoint. Pass the token value in the x-redlock-auth header. Tokens are valid for 10 minutes. responses: BadRequest: description: Invalid request parameters or body. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' Unauthorized: description: Invalid or expired authentication token. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' Forbidden: description: Insufficient permissions for this operation. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' NotFound: description: The requested resource was not found. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' InternalServerError: description: Internal server error. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' schemas: Repository: type: object properties: id: type: string description: Unique repository identifier in Prisma Cloud. example: example-id name: type: string description: Repository name. example: Production Agent 31 owner: type: string description: Repository owner or organization name. example: example-owner fullName: type: string description: Full repository name in owner/repo format. example: Branch Sensor 57 sourceType: type: string enum: - Github - Gitlab - Bitbucket - AzureRepos - githubEnterprise - gitlabEnterprise - bitbucketEnterprise description: VCS provider type. example: githubEnterprise defaultBranch: type: string description: Default branch of the repository. example: example-defaultBranch url: type: string description: URL to the repository in the VCS provider. example: https://vpn.test-corp.net/02d758 isPublic: type: boolean description: Whether the repository is publicly accessible. example: true lastScanDate: type: string format: date-time description: Timestamp of the most recent scan. example: '2026-08-07T04:21:38Z' lastScanStatus: type: string enum: - completed - running - failed - pending description: Status of the most recent scan. example: pending errorCounts: type: object description: Count of open errors by severity. properties: critical: type: integer example: 956 high: type: integer example: 723 medium: type: integer example: 176 low: type: integer example: 486 info: type: integer example: 135 example: *id001 createdAt: type: string format: date-time description: Timestamp when the repository was connected. example: '2024-04-02T14:25:56Z' ScanIntegration: type: object properties: id: type: string description: Unique integration identifier. example: example-id name: type: string description: Integration name. example: Corporate Agent 16 type: type: string description: CI/CD platform type. enum: - jenkins - github_actions - gitlab_ci - circleci - azure_pipelines - bitbucket_pipelines - other example: circleci repositoryId: type: string description: Repository this integration is associated with. example: '140485' enabled: type: boolean description: Whether the integration is active. example: true createdAt: type: string format: date-time example: '2024-02-04T09:08:54Z' ScanStatus: type: object properties: scan_id: type: string description: Unique scan identifier. example: '905307' repositoryId: type: string description: Repository that was scanned. example: '225862' branch: type: string description: Branch that was scanned. example: example-branch status: type: string enum: - queued - running - completed - failed description: Current scan status. example: failed startTime: type: string format: date-time description: Scan start timestamp. example: '2025-06-09T14:49:57Z' endTime: type: string format: date-time description: Scan completion timestamp. example: '2026-10-02T12:40:08Z' scanTypes: type: array items: type: string enum: - iac - sca - secrets - cicd description: Types of scans included in this run. example: *id002 summary: type: object description: High-level scan result summary. Available after completion. properties: filesScanned: type: integer example: 387 resourcesScanned: type: integer example: 861 errorsBySeverity: type: object properties: critical: type: integer example: 932 high: type: integer example: 868 medium: type: integer example: 675 low: type: integer example: 245 info: type: integer example: 509 example: critical: 138 high: 977 medium: 550 low: 371 info: 383 example: *id003 Suppression: type: object properties: suppressionId: type: string description: Unique suppression rule identifier. example: '518567' policyId: type: string description: Checkov policy ID being suppressed. example: '162253' policyName: type: string description: Human-readable policy name. example: Branch Policy 92 suppressionType: type: string enum: - Policy - Resources - Accounts - Tags description: Scope of the suppression. example: Resources justification: type: string description: Reason provided for the suppression. example: example-justification createdBy: type: string description: Email address of the user who created the suppression. example: example-createdBy createdAt: type: string format: date-time description: Timestamp when the suppression was created. example: '2026-05-28T01:52:46Z' expirationDate: type: string format: date-time description: Expiration date. Null if the suppression does not expire. example: '2025-01-22T20:00:21Z' suppressedErrorCount: type: integer description: Number of errors currently suppressed by this rule. example: 194 CodeError: type: object properties: errorId: type: string description: Unique error identifier. example: '770500' policyId: type: string description: Checkov policy ID that triggered the error (e.g., CKV_AWS_18). example: '731580' policyName: type: string description: Human-readable name of the violated policy. example: Staging Firewall 29 severity: type: string enum: - CRITICAL - HIGH - MEDIUM - LOW - INFO description: Error severity level. example: HIGH category: type: string enum: - IAC - SCA - SECRETS - CICD description: Error category based on the type of scan that detected it. example: CICD status: type: string enum: - OPEN - SUPPRESSED - FIXED description: Current status of the error. example: OPEN resourceName: type: string description: Name of the IaC resource where the error was detected. example: Corporate Agent 51 resourceType: type: string description: Type of the IaC resource. example: custom filePath: type: string description: Relative path to the file containing the error. example: /api/v1/4ec64a fileLineRange: type: array items: type: integer minItems: 2 maxItems: 2 description: Start and end line numbers of the affected code block. example: *id004 repositoryId: type: string description: Repository where the error was found. example: '404787' branch: type: string description: Branch where the error was detected. example: example-branch guideline: type: string description: URL to documentation explaining the policy and remediation steps. example: example-guideline firstDetected: type: string format: date-time description: Timestamp when the error was first detected. example: '2026-10-23T03:12:18Z' lastDetected: type: string format: date-time description: Timestamp of the most recent scan where the error was found. example: '2024-04-11T14:31:52Z' Fix: type: object properties: fixId: type: string description: Unique fix suggestion identifier. example: '465958' policyId: type: string description: Checkov policy ID associated with the fix. example: '290769' policyName: type: string description: Human-readable policy name. example: Primary Policy 52 severity: type: string enum: - CRITICAL - HIGH - MEDIUM - LOW - INFO description: Severity of the original finding. example: INFO resourceName: type: string description: IaC resource name where the fix applies. example: Staging Sensor 42 filePath: type: string description: Relative path to the file requiring the fix. example: /api/v1/69ba75 lineRange: type: array items: type: integer minItems: 2 maxItems: 2 description: Start and end line numbers of the code to be replaced. example: *id005 originalCode: type: string description: Original code snippet that contains the misconfiguration. example: example-originalCode suggestedCode: type: string description: Suggested replacement code that resolves the misconfiguration. example: example-suggestedCode framework: type: string enum: - Terraform - CloudFormation - Kubernetes - Helm - Dockerfile - ARM - Bicep description: IaC framework of the affected file. example: ARM repositoryId: type: string description: Repository where the fix applies. example: '212627' branch: type: string description: Branch where the fix applies. example: example-branch ErrorResponse: type: object properties: status: type: integer description: HTTP status code. example: 602 message: type: string description: Human-readable error message. example: Traffic activity investigation malware violation policy Security monitoring. error: type: string description: Error code. example: example-error