Skip to main content

Policy Preview

Prisma Cloud Code Security supports policy-as-code capabilities using YAML-based policy definition files to enable attribute and connection checks (composite checks).

To use the API request, add your token to the header. API supports both YAML and JSON configuration of Prisma Cloud Code Security custom policy schema)

This API gets up to 30 results (by default) of non-compliant resources for a specific policy. The input is the policy to test and the output is an array of resources results. Use the first example to configure the API to test a policy, and use the second example as a reference of the expected output.

Request Body required
  • policy object required
  • policy_preview object required
  • query object required
  • anyOf
  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf
  • Array [
  • string
  • ]
  • value object
  • anyOf
  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf
  • Array [
  • string
  • ]
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf
  • Array [
  • string
  • ]
  • ]
  • not object
  • anyOf
  • Array [
  • anyOf
  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf
  • Array [
  • string
  • ]
  • value object
  • anyOf
  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf
  • Array [
  • string
  • ]
  • ]
  • or object[]
  • Array [
  • anyOf
  • attribute string required
  • cond_type string required

    Possible values: [attribute]

  • operator AttributeOperator required

    Possible values: [within, equals, not_equals, regex_match, not_regex_match, greater_than, greater_than_or_equal, less_than, less_than_or_equal, exists, not_exists, contains, not_contains, starting_with, not_starting_with, ending_with, not_ending_with, jsonpath_equals, jsonpath_not_equals, jsonpath_exists, jsonpath_not_exists, subset, not_subset]

  • resource_types object required
  • anyOf
  • Array [
  • string
  • ]
  • value object
  • anyOf
  • string
  • operator string required

    Possible values: [exists, not_exists]

  • resource_types object required
  • anyOf
  • Array [
  • string
  • ]
  • ]
  • ]
  • ]
  • ]
  • resource_types object
  • anyOf
  • string
  • scope object
  • provider ProviderType required

    Possible values: [aws, gcp, azure, kubernetes, oci, openstack, packages, git, linode, digitalocean, panos, licenses, alibabacloud]

  • resultsNumber double
  • token string
    • Responses

    Got policy preview

    Schema
    • anyOf
    • data object[] required
    • Array [
    • arn string required
    • awsAccountId string required
    • code string required
    • createdBy string required
    • customerName string required
    • file_path string required
    • lines double[] required
    • resource string required
    • source string required
    • status string required
    • ]
    • token string
    Loading...