Automating your security is crucial, especially for companies operating in the cloud! I have recently made a video tutorial on how to use the Terraform provider for Prisma Cloud Compute.
It would help anyone using Palo Alto Networks' security platform to start building automation around their security practices.
I will include code snippets from this tutorial below:
creds.json

```json
{
  "username": "test",
  "password": "test",
  "console_url": "https://192.168.64.2:32677"
}
```
main.tf

```hcl
terraform {
  required_providers {
    prismacloudcompute = {
      source  = "PaloAltoNetworks/prismacloudcompute"
      version = "0.1.0"
    }
  }
}

provider "prismacloudcompute" {
  config_file = "creds.json"
}

resource "prismacloudcompute_collection" "node_alpine" {
  name              = "node-alpine-collection"
  description       = "Collection for Node images based on Alpine"
  color             = "#68A063"
  application_ids   = ["*"]
  code_repositories = ["*"]
  images            = ["node:17-alpine3.12", "*/node:17-alpine3.12"]
  labels            = ["*"]
  namespaces        = ["*"]
}

resource "prismacloudcompute_ci_image_vulnerability_policy" "ruleset" {
  depends_on = [
    prismacloudcompute_collection.node_alpine,
  ]

  rule {
    collections = [
      prismacloudcompute_collection.node_alpine.name,
    ]
    disabled   = false
    effect     = "alert, block"
    grace_days = 30
    name       = "${prismacloudcompute_collection.node_alpine.name}-ci-policy"
    notes      = "CI policy for ${prismacloudcompute_collection.node_alpine.name}"
    only_fixed = true
    verbose    = false

    alert_threshold {
      disabled = false
      value    = 1
    }

    block_threshold {
      enabled = true
      value   = 2
    }

    cve_rule {
      description = "Ignore ansi-regex"
      effect      = "ignore"
      id          = "CVE-2021-3807"

      expiration {
        date    = "2022-01-06T06:00:00Z"
        enabled = true
      }
    }

    cve_rule {
      description = "Ignore busybox"
      effect      = "ignore"
      id          = "CVE-2021-28831"

      expiration {
        date    = "2022-01-06T06:00:00Z"
        enabled = true
      }
    }
  }

  rule {
    collections = [
      "All",
    ]
    disabled   = false
    effect     = "alert, block"
    grace_days = 30
    name       = "default"
    notes      = "Default policy for CI scans"
    only_fixed = true
    verbose    = false

    alert_threshold {
      disabled = false
      value    = 1
    }

    block_threshold {
      enabled = true
      value   = 2
    }
  }
}
```