Skip to main content

Policy Clone

POST 
/code/api/v1/policies/clone/:policyId
deprecated

This endpoint has been deprecated and may be replaced or removed in future versions of the API.

Prisma Cloud Application Security supports policy-as-code capabilities using YAML-based policy definition files to enable attribute and connection checks (composite checks).

For information on defining YAML-based policies, see the Prisma Cloud documentation about the Code Editor and Custom Build Policy Examples. If you are upgraded to Darwin, see Code Editor and Custom Build Policy Examples.

To use the API request, add your token to the header. API supports both YAML and JSON configuration of Prisma Cloud Application Security custom policy schema.

This API clones an existing Policy.

Given a valid Policy Id, this API will create a new Policy based on the different fields from the original Policy, and will override any field given to it as input.

:::info Use the CSPM endpoint Update Policy in place of this endpoint. :::

Request

Path Parameters

    policyId stringrequired

Body

required
    benchmarks object
    object
    property name* string[]
  • Array [

    • string

  • ]
    • category CategoryType (string)

    Possible values: [elasticsearch, general, iam, logging, monitoring, networking, public, secrets, serverless, storage, kubernetes, vulnerabilities, compute, vcs, buildIntegrity, licenses, alibabacloud, drift]

    code object
    anyOf
    definition object required
    anyOf
    attribute stringrequired
    cond_type stringrequired

    Possible values: [attribute]

    operator object required
    anyOf

    string

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, is_empty, is_not_empty, length_equals, length_not_equals, length_greater_than, length_greater_than_or_equal, length_less_than, length_less_than_or_equal, is_true, is_false, subset, not_subset, intersects, not_intersects, equals_ignore_case, not_equals_ignore_case, number_of_words_equals, number_of_words_not_equals, number_of_words_less_than, number_of_words_less_than_or_equal, number_of_words_greater_than, number_of_words_greater_than_or_equal]

    resource_types objectrequired
    object
    property name* ResourceType
    arguments string[]required
    provider stringrequired
    value object
    anyOf

    string

    metadata objectrequired
    category CategoryType (string)required

    Possible values: [elasticsearch, general, iam, logging, monitoring, networking, public, secrets, serverless, storage, kubernetes, vulnerabilities, compute, vcs, buildIntegrity, licenses, alibabacloud, drift]

    guidelines stringrequired
    name stringrequired
    severity SeverityType (string)required

    Possible values: [critical, high, medium, low, info]

    scope object
    provider ProviderType (string)required

    Possible values: [aws, gcp, azure, kubernetes, oci, openstack, packages, git, linode, digitalocean, panos, licenses, alibabacloud, circleci, github, gitlab, docker]

    conditions object
    anyOf
    attribute stringrequired
    cond_type stringrequired

    Possible values: [attribute]

    operator object required
    anyOf

    string

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, is_empty, is_not_empty, length_equals, length_not_equals, length_greater_than, length_greater_than_or_equal, length_less_than, length_less_than_or_equal, is_true, is_false, subset, not_subset, intersects, not_intersects, equals_ignore_case, not_equals_ignore_case, number_of_words_equals, number_of_words_not_equals, number_of_words_less_than, number_of_words_less_than_or_equal, number_of_words_greater_than, number_of_words_greater_than_or_equal]

    resource_types objectrequired
    object
    property name* ResourceType
    arguments string[]required
    provider stringrequired
    value object
    anyOf

    string

    constructiveTitle string
    descriptiveTitle string
    frameworks FrameworkTypes (string)[]

    Possible values: [Terraform, CloudFormation, Kubernetes, TerraformPlan, Helm, Kustomize, Serverless, ARM, Bicep, Git, AWS, GCP, Azure, DockerImage, Docker, Vulnerabilities, VCS, OpenAPI, GithubAction, SCA]

    guidelines string
    provider ProviderType (string)

    Possible values: [aws, gcp, azure, kubernetes, oci, openstack, packages, git, linode, digitalocean, panos, licenses, alibabacloud, circleci, github, gitlab, docker]

    severity SeverityType (string)

    Possible values: [critical, high, medium, low, info]

    title string

Responses

Clone a policy

Schema
    anyOf
    message stringrequired
Loading...