Hello Prisma Cloud users,
I'm sharing with you some research I did this morning that you may find interesting. We want to detect and prevent when a resource is created in an unauthorized region.
config from cloud.resource where cloud.type = 'azure' AND cloud.region NOT IN ( 'Azure France Central' , 'Azure France South' , 'Azure Germany Central' , 'Azure Germany Northeast' , 'Azure Germany North' , 'Azure Germany West Central' )
You can specify your cloud types, your cloud regions and you can add all variables you want.
For example I can use api.name if I want to check a specific type of resources.
api.name = 'azure-kubernetes-cluster' # If want want to test my AKS clusters
Have a good journey in the world of RQL queries 😉
... View more