Releases: PaloAltoNetworks/prismacloud-cli
v0.6.19
What's Changed
- added Azure examples by @jjchavanne in #120
- fix issues #88 by @SimOnPanw in #91
- Add a --connected option for Defenders by @sgordon46 in #123
- Update version.py by @steven-deboer in #125
New Contributors
- @sgordon46 made their first contribution in #123
Full Changelog: v0.6.18...v0.6.19
v0.6.18
CWPP - Incidents Command
Within the Compute Workload Protection Platform (CWPP) functions, the incidents command allows you to manage and interact with incidents in your Prisma Cloud environment. With the incidents command, you can list, archive, and restore incidents.
What's Changed
- CWPP - Incidents Command by @steven-deboer in #121
Full Changelog: v0.6.16...v0.6.17
v0.6.16
v0.6.15
What's Changed
- Create automatically a pull request on repositories that contains certain level of vulnerabilities
- by @SimOnPanw in #119
You can use the command as below:
pc -vv -ojson repositories resources -i AzureRepos -s high -s critical --fix | jq '.'
Full Changelog: v0.6.14...v0.6.15
v0.6.14
v0.6.13
What's Changed
- Added all-except-licenses option and progress bar by @steven-deboer in #117
Full Changelog: v0.6.12...v0.6.13
Raw output & filter vulnerabilities by collection
Description
Added output option raw for raw json output without parsing.
Added filter by collection for output of stats vulnerabilities
Example
pc --config -o raw stats vulnerabilities --collection "dvwa" | jq
Motivation and Context
In some cases parsing to dataframe and then output as json is unwanted and does not show the requested output.
v0.6.11
What's Changed
- Added output count which just returns the number of results found.
- Added option to rql command --file, to define a yaml file with rql queries to run
Use Case
The new --field parameter of the rql command can be used to parse a file with
RQL queries. This file needs to be in yaml format as the example below:
- name: Find all permissions granted to Users
query: config from iam where grantedby.cloud.entity.type = 'user'
- name: Find all permissions granted to Roles
query: config from iam where grantedby.cloud.entity.type = 'role'
- name: IAM identities that can delete DynamoDB tables
query: config from iam where action.name = 'dynamodb:DeleteTable'
Examples to use this:
pc -o count rql --file ~/.prismacloud/my-important-queries.yaml
pc rql --file ~/.prismacloud/my-important-queries.yaml
Sample output
Command
pc -o markdown rql --file ~/.prismacloud/my-important-queries.yaml
RQL Query name: Find all permissions granted to Roles
RQL Query: config from iam where grantedby.cloud.entity.type = 'role'
id | sourcePublic | sourceCloudType | sourceCloudAccount | sourceCloudRegion |
---|---|---|---|---|
7984fc7e5041b7439272897da5c948 | False | AWS | Pedro AWS Account | AWS Oregon |
538adb5f6ccea83434be64b9e3b882 | ||||
2c47 | ||||
3206a93cd56dc0d983f67a994a648a | False | AWS | Pedro AWS Account | AWS Oregon |
9a7e2f47f8a1d8851f37433312c1bc | ||||
a3d5 |
RQL Query name: Find all permissions granted to Groups
RQL Query: config from iam where grantedby.cloud.entity.type = 'group'
id | sourcePublic | sourceCloudType | sourceCloudAccount | sourceCloudRegion |
---|---|---|---|---|
177bef83192f13a4e11f439fa8f7bb | False | AWS | pete-aws | AWS Global |
dc50ce83185092er44re4431d3cad0 | ||||
19ce | ||||
177bef83192f13aer11f4erfa8f7bb | False | AWS | pete-aws | AWS Global |
dc50ce831850928ddfeb9461d3cad0 | ||||
19ce |
RQL Query name: Show all INACTIVE identities and their allowed actions over the last specified number of days
RQL Query: config from iam where action.lastaccess.days > 90
New Contributors
- @jjchavanne made their first contribution in #111
Full Changelog: v0.6.10...v0.6.11