
Policy Clone

Prisma Cloud Code Security supports policy-as-code capabilities using YAML-based policy definition files to enable attribute and connection checks (composite checks).

To call this API, add your token to the request header. The API supports both YAML and JSON configuration of the Prisma Cloud Code Security custom policy schema.

This API clones an existing Policy. Given a valid Policy Id, it creates a new Policy from the fields of the original Policy and overrides any field given to it as input.

Path Parameters
  • policyId string required
Request Body required
  • benchmarks object
  • property name* object
  • Array [
  • string
  • ]
  • category CategoryType

    Possible values: [elasticsearch, general, iam, logging, monitoring, networking, public, secrets, serverless, storage, kubernetes, vulnerabilities, compute, vcs, buildIntegrity, licenses, alibabacloud]

  • code object
  • anyOf

  • definition object required
  • anyOf

  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • value object
  • anyOf

  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • ]
  • not object
  • anyOf

  • Array [
  • anyOf

  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • value object
  • anyOf

  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • ]
  • or object[]
  • Array [
  • anyOf

  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • value object
  • anyOf

  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • ]
  • metadata object required
  • category CategoryType required

    Possible values: [elasticsearch, general, iam, logging, monitoring, networking, public, secrets, serverless, storage, kubernetes, vulnerabilities, compute, vcs, buildIntegrity, licenses, alibabacloud]

  • guidelines string required
  • name string required
  • severity SeverityType required

    Possible values: [critical, high, medium, low, info]

  • scope object required
  • provider ProviderType required

    Possible values: [aws, gcp, azure, kubernetes, oci, openstack, packages, git, linode, digitalocean, panos, licenses, alibabacloud]

  • conditions object
  • anyOf

  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • value object
  • anyOf

  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • ]
  • not object
  • anyOf

  • Array [
  • anyOf

  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • value object
  • anyOf

  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • ]
  • or object[]
  • Array [
  • anyOf

  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • value object
  • anyOf

  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf

  • Array [
  • string
  • ]
  • ]
  • constructiveTitle string
  • descriptiveTitle string
  • frameworks FrameworkType[]

    Possible values: [Terraform, CloudFormation, Kubernetes, TerraformPlan, Helm, Kustomize, Serverless, ARM, Bicep, Git, AWS, GCP, Azure, DockerImage, Docker, Vulnerabilities, VCS, OpenAPI, GithubAction, SCA]

  • guidelines string
  • provider ProviderType

    Possible values: [aws, gcp, azure, kubernetes, oci, openstack, packages, git, linode, digitalocean, panos, licenses, alibabacloud]

  • severity SeverityType

    Possible values: [critical, high, medium, low, info]

  • title string
Responses

    Clone a policy


    Schema
    • anyOf

    • message string required
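A clone request overrides whichever fields it is given, so a misspelled or wrong-case value in the override body is worth catching before the request is sent. The following is an added example, not Prisma Cloud code: it checks an override body locally against the allowed values listed in the request schema above and makes no API call. The function names are hypothetical, and the placement of `definition` under `code` is an assumption read from the flattened listing.

```python
"""Pre-flight check for a clone override body; allowed values copied from this page."""
CATEGORY = ("elasticsearch general iam logging monitoring networking public secrets "
            "serverless storage kubernetes vulnerabilities compute vcs buildIntegrity "
            "licenses alibabacloud").split()
SEVERITY = "critical high medium low info".split()
PROVIDER = ("aws gcp azure kubernetes oci openstack packages git linode digitalocean "
            "panos licenses alibabacloud").split()
FRAMEWORK = ("Terraform CloudFormation Kubernetes TerraformPlan Helm Kustomize Serverless "
             "ARM Bicep Git AWS GCP Azure DockerImage Docker Vulnerabilities VCS OpenAPI "
             "GithubAction SCA").split()
ATTR_OPERATOR = ("within equals not_equals regex_match not_regex_match greater_than "
                 "greater_than_or_equal less_than less_than_or_equal exists not_exists "
                 "contains not_contains starting_with not_starting_with ending_with "
                 "not_ending_with jsonpath_equals jsonpath_not_equals jsonpath_exists "
                 "jsonpath_not_exists subset not_subset").split()
ENUM_FIELDS = {"category": CATEGORY, "severity": SEVERITY, "provider": PROVIDER}

def check_condition(cond, path, errors):
    """Validate one definition node, recursing through 'or' and 'not'."""
    if not isinstance(cond, dict):
        errors.append(f"{path}: condition must be an object")
        return
    for key in ("or", "not"):
        if key in cond:
            kids = cond[key] if isinstance(cond[key], list) else [cond[key]]
            for i, kid in enumerate(kids):
                check_condition(kid, f"{path}.{key}[{i}]", errors)
            return
    if "attribute" not in cond and cond.get("cond_type") != "attribute":
        return  # not an attribute condition: outside what this check covers
    for k in ("attribute", "cond_type", "operator", "resource_types"):
        if k not in cond:
            errors.append(f"{path}: missing required '{k}'")
    if "operator" in cond and cond["operator"] not in ATTR_OPERATOR:
        errors.append(f"{path}: unknown operator '{cond['operator']}'")

def validate_override(body):
    """Return a list of problems in the override body; an empty list means none found."""
    errors = [f"{f}: {body[f]!r} not allowed"
              for f, allowed in ENUM_FIELDS.items() if f in body and body[f] not in allowed]
    errors += [f"frameworks: {fw!r} not allowed"
               for fw in body.get("frameworks", []) if fw not in FRAMEWORK]
    definition = (body.get("code") or {}).get("definition")
    if definition is not None:
        check_condition(definition, "code.definition", errors)
    return errors

if __name__ == "__main__":  # constructed sample: wrong-case severity, misspelled operator
    sample = {"severity": "High", "code": {"definition": {"attribute": "acl", "cond_type": "attribute", "operator": "notequals", "resource_types": ["aws_s3_bucket"]}}}
    print(validate_override(sample))
```

The listed values are case-sensitive as written on the page (`high`, `Terraform`), which is why `High` and `terraform` are reported.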