Skip to main content

Update Runtime Container Policy

PUT 

/api/v31.02/policies/runtime/container

x-prisma-cloud-target-env: {"permission":"policyRuntimeContainer","saas":true,"self-hosted":true}
x-public: true

Updates the runtime policy for containers. All rules in the policy are updated in a single shot.

Prisma Cloud automatically builds allow-list security models for each container image in your environment. Use runtime container rules to augment the rules in those models. Manually defined rules augment learned models as follows:

Policy (allowed) = Manual rules (explicitly allowed) + Model (all learned behavior) - Manual rules (explicitly denied)

This endpoint maps to the Add rule button in Defend > Runtime > Container policy in the Console UI.

cURL Request

Refer to the following example cURL command that overwrites all rules in your current policy with a new policy that has a single rule:

$ curl 'https://<CONSOLE>/api/v<VERSION>/policies/runtime/container' \
-k \
-X PUT \
-u <USER> \
-H 'Content-Type: application/json' \
-d \
'{
"rules":[
{
"name":"my-rule",
"collections":[
{
"name":"All"
}
],
"processes":{
"effect":"alert"
},
"network":{
"effect":"alert"
},
"dns":{
"effect":"alert"
},
"filesystem":{
"effect":"alert"
}
}
]
}'

Note: No response will be returned upon successful execution.

Request

Responses

OK