Update Policy
PUT/policy/:id
Updates the existing policy that has the specified policy ID.
Although multiple body parameters are marked as required, to update a policy, you need to provide only the body parameters that you want to update. All body parameters that you don't update will default to the values of the existing policy.
Request
Path Parameters
Policy ID
- application/json; charset=UTF-8
Body
required
Model for Policy
- Array [
- ]
- Array [
- ]
Possible values: [ALL, AWS, AZURE, GCP, ALIBABA_CLOUD, OCI, IBM]
Cloud type (Required for config policies). Not case-sensitive. Default is ALL.
complianceMetadata object[]
List of compliance data. Each item has compliance standard, requirement, and/or section information.
Compliance Section UUID
Policy ID
Requirement description
Requirement ID
Requirement name
Section name
Section Id
Section Label
Compliance standard description
Compliance standard name
Policy description
true=enabled. false=disabled.
Finding Type
Labels
Policy name
Possible values: [config, network, audit_event, anomaly, data, iam, workload_vulnerability, workload_incident, api, attack_path, malware, grayware]
Policy type. Policy type anomaly is read-only.
Remediation recommendation
remediation object
Model for Remediation
actions object[]
Policy Action
CLI Script Template
Description
rule objectrequired
Model for Rule
Saved search ID that defines the rule criteria.
dataCriteria object
Criteria for Rule
Data policy. Required for DLP rule criteria.
Possible values: [private, public, conditional]
File exposure
File extensions
Name
parameters objectrequired
Parameters (e.g. {"savedSearch": "true"})
Possible values: [Config, Network, AuditEvent, DLP, IAM, NetworkConfig]
Type of rule or RQL query
Possible values: [high, medium, low]
Severity
Responses
- 200
- 400
- 403
- 404
successful operation
- application/json; charset=UTF-8
- Schema
- Example (from schema)
Schema
- Array [
- ]
- Array [
- ]
Possible values: [ALL, AWS, AZURE, GCP, ALIBABA_CLOUD, OCI, IBM]
Cloud type (Required for config policies). Not case-sensitive. Default is ALL.
complianceMetadata object[]
List of compliance data. Each item has compliance standard, requirement, and/or section information.
Compliance Section UUID
Policy ID
Requirement description
Requirement ID
Requirement name
Section name
Section Id
Section Label
Compliance standard description
Compliance standard name
Created by
Created on this timestamp
Deleted
Policy description
true=enabled. false=disabled.
Finding Type
Labels
Last modified by
Last modified on this timestamp
Policy name
Overridden
Policy ID
Possible values: [run, build, run_and_build, audit, data_classification, dns, malware, network_event, network, ueba, permissions, network_config, identity, sensitive_data_exposure, internet_exposure, injections, vulnerability_scanning, shellshock, known_bots, unknown_bots, virtual_patches, event, misconfig_and_event, misconfig, host, container_image]
Policy subtype
Possible values: [config, network, audit_event, anomaly, data, iam, workload_vulnerability, workload_incident, api, attack_path, malware, grayware]
Policy type. Policy type anomaly is read-only.
Policy UPI
Remediation recommendation
isRemediable
remediation object
Model for Remediation
actions object[]
Policy Action
CLI Script Template
Description
Restrict alert dismissal
rule objectrequired
Model for Rule
API name
Cloud account
Cloud type
Saved search ID that defines the rule criteria.
dataCriteria object
Criteria for Rule
Data policy. Required for DLP rule criteria.
Possible values: [private, public, conditional]
File exposure
File extensions
Name
parameters objectrequired
Parameters (e.g. {"savedSearch": "true"})
Resource ID path
Resource type
Possible values: [Config, Network, AuditEvent, DLP, IAM, NetworkConfig]
Type of rule or RQL query
Rule last modified on
Possible values: [high, medium, low]
Severity
true = Policy is a Prisma Cloud system default policy
{
"cloudType": "ALL",
"complianceMetadata": [
{
"complianceId": "string",
"customAssigned": true,
"policyId": "string",
"requirementDescription": "string",
"requirementId": "string",
"requirementName": "string",
"sectionDescription": "string",
"sectionId": "string",
"sectionLabel": "string",
"standardDescription": "string",
"standardId": "string",
"standardName": "string"
}
],
"createdBy": "string",
"createdOn": 0,
"deleted": true,
"description": "string",
"enabled": true,
"findingTypes": [
"string"
],
"labels": [
"string"
],
"lastModifiedBy": "string",
"lastModifiedOn": 0,
"name": "string",
"overridden": true,
"policyId": "string",
"policySubTypes": [
"run"
],
"policyType": "config",
"policyUpi": "string",
"recommendation": "string",
"remediable": true,
"remediation": {
"actions": [
{
"operation": "string",
"payload": "string"
}
],
"cliScriptTemplate": "string",
"description": "string"
},
"restrictAlertDismissal": true,
"rule": {
"apiName": "string",
"cloudAccount": "string",
"cloudType": "string",
"criteria": "string",
"dataCriteria": {
"classificationResult": "string",
"exposure": "private",
"extension": [
"string"
]
},
"name": "string",
"parameters": {},
"resourceIdPath": "string",
"resourceType": "string",
"type": "Config"
},
"ruleLastModifiedOn": 0,
"severity": "high",
"systemDefault": true
}
missing_required_parameter / invalid_parameter_value / policy_id_cannot_be_changed /type_cannot_be_changed / create_update_disallowed_for_json_schema_type_policy / duplicate_name / remediation_allowed_only_for_config_policies / policy_remediation_disallowed_for_non_sys_admins / unable_to_determine_sub_types / unauthorized_access / compliance_mapping_update_disallowed_for_policy_type/policy_enable_failed_due_to_not_enough_wait
not_system_admin_user / not_owner_or_same_role
not_found