New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EXPANDR-3176 Prisma Cloud pack - Updating prisma cloud v2 playbooks #25747
EXPANDR-3176 Prisma Cloud pack - Updating prisma cloud v2 playbooks #25747
Conversation
Thank you for your contribution. Your generosity and caring are unrivaled! Make sure to register your contribution by filling the Contribution Registration form, so our content wizard @samuelFain will know the proposed changes are ready to be reviewed. |
You have successfully added a new CodeQL configuration |
You have successfully added a new CodeQL configuration |
Redlock deprecating PR: #25156 |
Hi @capanw, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @capanw Thank you for your contribution, I finished reviewing the PR and the content looks great! Just one question about the GCP playbook, I noticed that the tasks for searching the resource are using the redlock-search-config
command which I think is deprecated, while in the other playbooks these tasks use the prisma-cloud-config-search
command, please make sure the task is using the correct command and let me know
Hello @efelmandar, Thanks for reviewing the content. There seems to be a bug/issue regarding that playbook and we are tracking it here. The repo already has updated commands but its not being reflected in the marketplace pack and they are working on fixing it. Thanks |
Hello @efelmandar, Made changes to the GCP playbook. Should have updated commands. Let me know if you have any further questions. Thanks. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi,
Thank you for your contribution! I am deprecating RedLock now and did some changes there in order to be compliant with your contribution.
Please make sure to change the places in the repository where Prisma Cloud - Find Public Cloud Resource by Public IP
playbook is used by default, to use Prisma Cloud - Find Public Cloud Resource by Public IP v2
. I saw it only once in Expanse Enrich Cloud Assets
playbook.
task: | ||
id: ca4523b4-7f64-4c09-8c6e-a68a4b73094f | ||
version: -1 | ||
name: Prisma Cloud - Find GCP Resource by Public IP v2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
name: Prisma Cloud - Find GCP Resource by Public IP v2 | |
name: Prisma Cloud - Find GCP Resource by Public IP |
No need to also change the name
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @BEAdi, are we just changing the name key? But leave the playbookName key as is?
Also, I see, you suggested changes for AWS/GCP. We are also using Azure as well. Should I update that too?
Thanks
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks
...PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Public_Cloud_Resource_by_Public_IP_v2.yml
Outdated
Show resolved
Hide resolved
...PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Public_Cloud_Resource_by_Public_IP_v2.yml
Outdated
Show resolved
Hide resolved
Hi @capanw, |
* deprecate v1 * deprecate playbooks * update RN * update regarding #25747 * fix validate * update versions * revert removal of incident fields * remove hidden: true
@BEAdi @efelmandar, Updated with recommended suggestions. |
For the Reviewer: Successfully created a pipeline in Gitlab with url: https://code.pan.run/xsoar/content/-/pipelines/5075834 |
da8c691
into
demisto:contrib/capanw_prisma-cloud-one
…25747) (#25994) * Updating prisma cloud v2 playbooks * Updated release notes * Delete 3_0_3.md * Update GCP playbooks with new commands * Updating release notes * Delete outdated release notes file * Updated Names * Rename 3_0_7.md to 4_0_1.md --------- Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com>
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
https://jira-hq.paloaltonetworks.local/browse/EXPANDR-3176
Description
Updating V2 playbook outputs for AWS, GCP and Azure. Also adding v2 playbook for cloud resource find by ip playbook.
Screenshots
Paste here any images that will help the reviewer
Minimum version of Cortex XSOAR
Does it break backward compatibility?
Must have