List Policies

GET 
/policy

Returns all available policies, both system default and custom. You can apply filters to narrow the returned policy list to a subset of policies or potentially to a specific policy. Response includes open alert counts, which can affect performance.

Request

Query Parameters

policy.name string

Policy name

policy.severity string

Possible values: [critical, high, medium, low, informational]

Policy severity

policy.label string

Policy label

policy.type string

Possible values: [config, network, audit_event]

Policy type

policy.complianceStandard string

Policy compliance standard name

policy.complianceRequirement string

Policy compliance requirement name

policy.complianceSection string

Policy compliance section ID

policy.enabled string

Possible values: [true, false]

Policy enabled

policy.policyMode string

Possible values: [custom, redlock_default]

Policy mode

policy.remediable string

Possible values: [true, false]

Policy is remediable

cloud.type string

Cloud type

Responses

200

successful operation

application/json; charset=UTF-8

Schema

Schema

• Array [
cloudType string

Possible values: [ALL, AWS, AZURE, GCP, ALIBABA_CLOUD, OCI, IBM]

Cloud type (Required for config policies). Not case-sensitive. Default is ALL.

complianceMetadata object[]
List of compliance data. Each item has compliance standard, requirement, and/or section information.
Array [
complianceId string
Compliance Section UUID
customAssigned boolean
policyId string
Policy ID
requirementDescription string
Requirement description
requirementId string
Requirement ID
requirementName string
Requirement name
sectionDescription string
Section name
sectionId string
Section Id
sectionLabel string
Section Label
standardDescription string
Compliance standard description
standardId string
standardName string
Compliance standard name
]
createdBy string

Created by

createdOn int64

Created on this timestamp

deleted boolean

Deleted

description string

Policy description

enabled boolean

true=enabled. false=disabled.

findingTypes string[]

Finding Type

labels string[]

Labels

lastModifiedBy string

Last modified by

lastModifiedOn int64

Last modified on this timestamp

name stringrequired

Policy name

openAlertsCount int32

Open Alerts Count (Deprecated)

overridden boolean

Overridden

owner string

Owner

policyCategory string

Possible values: [risk, incident]

PolicyCategory

policyClass object

PolicyClass

policyId string

Policy ID

policyMode string

Possible values: [custom/redlock_default]

PolicyMode

policySubTypes object[]

Policy subtype

policyType objectrequired

Policy type. Policy type anomaly is read-only.

policyUpi string

Policy UPI

readOnly boolean

Read Only

recommendation string

Remediation recommendation

remediable boolean

isRemediable

remediation object

Model for Remediation

actions object[]

Policy Action

Array [

operation string

payload string

]

cliScriptTemplate string

CLI Script Template

description string

Description

restrictAlertDismissal boolean

Restrict alert dismissal

rule objectrequired

Model for Rule

apiName string

API name

cloudAccount string

Cloud account

cloudType string

Cloud type

criteria stringrequired

Saved search ID that defines the rule criteria.

dataCriteria object

Criteria for Rule

classificationResult string

Data policy. Required for DLP rule criteria.

exposure string

Possible values: [private, public, conditional]

File exposure

extension string[]

File extensions

name stringrequired

Name

parameters objectrequired

Parameters (e.g. {"savedSearch": "true"})

property name* string

resourceIdPath string

Resource ID path

resourceType string

Resource type

type stringrequired

Possible values: [Config, Network, AuditEvent, DLP, IAM, NetworkConfig]

Type of rule or RQL query

ruleLastModifiedOn int64

Rule last modified on

severity stringrequired

Possible values: [high, medium, low]

Severity

systemDefault boolean

true = Policy is a Prisma Cloud system default policy

• ]

Example (from schema)

[
  {
    "cloudType": "ALL",
    "complianceMetadata": [
      {
        "complianceId": "string",
        "customAssigned": true,
        "policyId": "string",
        "requirementDescription": "string",
        "requirementId": "string",
        "requirementName": "string",
        "sectionDescription": "string",
        "sectionId": "string",
        "sectionLabel": "string",
        "standardDescription": "string",
        "standardId": "string",
        "standardName": "string"
      }
    ],
    "createdBy": "string",
    "createdOn": 0,
    "deleted": true,
    "description": "string",
    "enabled": true,
    "findingTypes": [
      "string"
    ],
    "labels": [
      "string"
    ],
    "lastModifiedBy": "string",
    "lastModifiedOn": 0,
    "name": "string",
    "openAlertsCount": 0,
    "overridden": true,
    "owner": "string",
    "policyCategory": "risk",
    "policyClass": {},
    "policyId": "string",
    "policyMode": "custom/redlock_default",
    "policySubTypes": [
      {}
    ],
    "policyType": {},
    "policyUpi": "string",
    "readOnly": true,
    "recommendation": "string",
    "remediable": true,
    "remediation": {
      "actions": [
        {
          "operation": "string",
          "payload": "string"
        }
      ],
      "cliScriptTemplate": "string",
      "description": "string"
    },
    "restrictAlertDismissal": true,
    "rule": {
      "apiName": "string",
      "cloudAccount": "string",
      "cloudType": "string",
      "criteria": "string",
      "dataCriteria": {
        "classificationResult": "string",
        "exposure": "private",
        "extension": [
          "string"
        ]
      },
      "name": "string",
      "parameters": {},
      "resourceIdPath": "string",
      "resourceType": "string",
      "type": "Config"
    },
    "ruleLastModifiedOn": 0,
    "severity": "high",
    "systemDefault": true
  }
]

Loading...