- Python: >= 3
- pipenv: If you don't have pipenv installed, install it first.
pip install --user pipenv
Install project dependencies.
pipenv install
The following environment variables need to be set.
export PRISMA_API_URL=https://api.prismacloud.io
export PC_ACCESS_KEY=<your-access-key>
export PC_SECRET_KEY=<your-secret-key>
Alternatively, you can pass them as a command line argument in addition to other arguments:
python -m pccs.main --auth "https://api.prismacloud.io::<your-access-key>::<your-secret-key>" --list <any additinoal args>
đź’ˇ Note: You may need to turn off VPN for using these scripts.
- Filter all custom policies (more on filters https://prisma.pan.dev/api/cloud/cspm/policy#operation/get-policy-filters-and-options):
python -m pccs.main --list -q policy.policyMode=custom
- List all policies (custom and otb):
python -m pccs.main --list
- List all policies (verbose):
python -m pccs.main --list --verbose
- Get custom policy by ID:
python -m pccs.main -id xxxxxxx --list
The command below will create the policy present in the filepath supplied to the --publish argument
python -m pccs.main -p -f policies/azure/BC_AZ_C_001.yml
Output:
Note: Found unnecessary attribute "id: BC_AZ_C_001" in policy. Ignoring it for publishing.
{
"policy": "900776649199591424_AZR_1649355555209"
}
Policy published successfully.
The command below will delete the policy with the id passed to the --delete argument.
python -m pccs.main --delete -id 900776649199591424_AZR_1649355555209
Output:
{
"policy": "900776649199591424_AZR_1649355555209"
}
Deleted successfully.
python -m pccs.main --update -f policies/azure/BC_AZ_C_001.yml -id 900776649199591424_AZR_1649355555209