Bridgecrew supports policy-as-code capabilities using YAML-based policy definition files to enable attribute and connection checks (composite checks).
To define YAML-based policies, visit Prisma Cloud’s documentation and start from the sample files: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-code-security/get-started/code-repositories-policy-management/custom-build-policy-examples.
To use the API request, add your token to the header. The API supports both YAML and JSON configuration of the Bridgecrew custom policy schema.
This API validates a user-defined Bridgecrew YAML-based custom policy schema. It returns an array of errors for unsupported keys, values, and more. Use this call to verify that a custom policy is properly configured before it is saved.
Policy definitions include the following types:
option 1 - "attribute" block (defined by cond_type=attribute) - checks the specific attributes of a given resource type
option 2 - "connection" block (defined by cond_type=connection) - checks the existence of a connection between two given resource group types
option 3 - "filter" block (defined by cond_type=filter) - returns the given resource group types
option 4 - "and"/"or" - structure that supports nested "and"/"or" logic and blocks for options 1, 2 and 3
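As an added illustration (not Bridgecrew's code and not the API's own validator), the sketch below runs a local structural pre-check over a JSON-form policy definition and returns an array of path-qualified errors, mirroring the four block types listed above. The three cond_type values and the "and"/"or" nesting come from this page; the required key names (resource_types, connected_resource_types, attribute, operator, value) and the sample policy are assumptions constructed for the example.

```python
# Local structural pre-check for a policy "definition" (added example).
# Block types come from the page; REQUIRED key names are assumptions.
ALLOWED_COND_TYPES = {"attribute", "connection", "filter"}
REQUIRED = {  # assumed key names, not confirmed by this page
    "attribute": {"resource_types", "attribute", "operator"},
    "connection": {"resource_types", "connected_resource_types", "operator"},
    "filter": {"attribute", "operator", "value"},
}


def check_definition(block, path="definition"):
    """Return a list of error strings; an empty list means the shape is valid."""
    if not isinstance(block, dict):
        return [f"{path}: expected a mapping, got {type(block).__name__}"]
    logical = [k for k in ("and", "or") if k in block]
    if logical:
        # This sketch's own rule: a logical key stands alone in its block.
        if len(block) != 1:
            return [f"{path}: '{logical[0]}' must be the only key in its block"]
        children = block[logical[0]]
        if not isinstance(children, list) or not children:
            return [f"{path}.{logical[0]}: expected a non-empty list of blocks"]
        errors = []
        for i, child in enumerate(children):
            errors += check_definition(child, f"{path}.{logical[0]}[{i}]")
        return errors
    cond_type = block.get("cond_type")
    if cond_type not in ALLOWED_COND_TYPES:
        return [f"{path}: unsupported cond_type {cond_type!r}"]
    missing = sorted(REQUIRED[cond_type] - set(block))
    return [f"{path}: {cond_type} block is missing {key!r}" for key in missing]


# Constructed sample: nested "and"/"or" with one bad cond_type and one missing key.
SAMPLE = {
    "and": [
        {"cond_type": "filter", "attribute": "resource_type",
         "operator": "within", "value": ["aws_instance"]},
        {"or": [
            {"cond_type": "attribute", "resource_types": ["aws_instance"],
             "attribute": "monitoring", "operator": "equals", "value": True},
            {"cond_type": "conection", "resource_types": ["aws_instance"]},
        ]},
        {"cond_type": "connection", "resource_types": ["aws_instance"],
         "operator": "exists"},
    ]
}

if __name__ == "__main__":
    for err in check_definition(SAMPLE):
        print(err)
```

A clean local result does not replace the validation call; the API remains the authority on supported keys and values.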
Use the example below as a reference for configuring the API request body.