-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prisma Policy Labels not working #3475
Comments
The fact that the Available options: shows empty makes me think there is something wrong with getting policies from prisma? |
Hey @MikkoMyllyniemi I haven't been able to reproduce this issue. I applied a similar label to the poicy and it worked as expected.
Can you please share debug logs? You can enable debug logging by setting the env var |
Never mind, I found the issue. It appears that |
Description
At the company I work at we are using Checkov together with Prisma Cloud Code Security, and I'm having trouble using the policy labels in Prisma to filter checks.
On Prisma's side, I've added a label to the "Default namespace is used" policy check called "mikko-testaa".
Filtering on Prisma via this label works, as it only shows the namespace policy check.
Execution and Results
With that in mind these are the checkov commands that I used both locally and on Jenkins;
checkov -d . --framework helm -o json --output-file-path . --prisma-api-url [PRISMAURL] --bc-api-key [PRISMAUSER::PRISMAKEY]] --policy-metadata-filter policy.label=mikko-testaa
I tried running as-is and also running via a config file, both returning the same result;
Have I misunderstood the policy-metadata-filter parameter? What am I doing wrong?
Version
Checkov version 2.1.179
The text was updated successfully, but these errors were encountered: