search

PaloAltoNetworks / terraform-provider-prismacloud

Terraform PrismaCloud provider
https://www.terraform.io/docs/providers/prismacloud/
Mozilla Public License 2.0
54 stars 65 forks source link

prismacloud_policy data source always returns null for remediation #256

Closed jpecora716 closed 1 year ago

jpecora716 commented 1 year ago

Describe the bug

When using the prismacloud_policy data source any policy that has remediable=true the remediation is alway null

Expected behavior

Based on the docs it should return:

template_type - Template type description - Description cli_script_template - CLI script template cli_script_json_schema_string - CLI script JSON schema

Current behavior

remediation is null

Possible solution

Return the same results as https://pan.dev/prisma-cloud/api/cspm/get-policy/

Steps to reproduce

Using the following hcl to re-recreate the issue: `terraform { required_providers { prismacloud = { source = "PaloAltoNetworks/prismacloud" version = "1.4.7" } } }

provider "prismacloud" { json_config_file = ".prismacloud_auth.json" }

data "prismacloud_policies" "custom_policies" { filters = { "policy.type": "config", "policy.remediable": "true", "policy.allowDeleted": "false" "policy.subtype": "run", "policy.policyMode": "custom", } }

locals { policy_ids = [ for x in data.prismacloud_policies.custom_policies.listing : x.policy_id ] }

data "prismacloud_policy" "custom_policy" { count = length(local.policy_ids) policy_id = local.policy_ids[count.index] }

output "custom_policy" { value = data.prismacloud_policy.custom_policy }`

$ terraform init && terraform apply $ terraform output -json custom_policy > custom_policies.json

All of the policies in custom_policies will have remediable=true and remediation is null. I took one of the policy id's and ran it against the get-policy api via https://pan.dev/prisma-cloud/api/cspm/get-policy/ and it returned the remediation results that I expected.

Context

I'm trying to export the custom policies as terraform so that they can be managed as IaC

Your Environment

welcome-to-palo-alto-networks[bot] commented 1 year ago

:tada: Thanks for opening your first issue here! Welcome to the community!

aadilpanw commented 1 year ago

Hey @jpecora716. This issue has been fixed in latest release (v1.4.9).

jpecora716 commented 1 year ago

Hi @aadilpanw I'm still seeing the same results after upgrading to 1.4.9: "remediable": true, "remediation": null,

AnushreeHS commented 1 year ago

Hi @jpecora716 We've tested it on our end, and it's working correctly. Would you mind trying it out with a valid policy to confirm its proper operation?

Screenshot 2023-09-26 at 8 52 45 AM
jpecora716 commented 1 year ago

Thanks. I removed the terraform state file and re-applied and now it's working as expected.