Create an Alert Rule for Build-Time Checks

Use alert rules to define which policies to use for continuous monitoring of your build pipelines or detecting issues in code earlier in your software release lifecycle.
Alert rules for build-time checks enable you to detect issues early in your production process. When you implement security practices and automated checks at the very beginning of the production cycle, you can reduce risk and compliance violations later in the asset or code management lifecycle.
When you create a build alert rule, you select the configuration policies to which the rule applies and the corresponding set of tags for which you want to detect issues. When you set up the Prisma Cloud plugins, and specify the same tags in the config.yml file, the alert rule is matched with the tags to determine which policies you want to scan against and detect violations.
Alert rules for build-time checks do not generate alerts on Prisma Cloud. You can view the scan results and trends for the IaC templates used in your processes and set up guardrails earlier in your business operations.
  1. Select Alerts > Alert Rules and +Add New alert.
  2. Select Build.
  3. Enter an Alert Rule Name and, optionally, a Description to communicate the purpose of the rule and then click Next.
  4. Select the Resource List to which you want this alert rule to apply and then click Next.
    The tags (key: value pairs) that you have defined within the resource list display. The policies that you select in this alert rule are used to scan IaC templates that match the tags listed in the attached resource list. To set one up, see Add a Resource List on Prisma Cloud.
    • When the IaC templates match the tags attached to the rule, the templates are scanned against the policies you select in the next step. Otherwise, the templates are scanned against all Prisma Cloud Configuration Policies of Subtype Build to detect any security issues. The scan uses the failure criteria you defined when setting up the respective Prisma Cloud plugin, app, or extension to determine the scan result.
    • If you add multiple resource lists to an alert rule, each IaC template must match on all the tags included in the resource lists.
      If you have multiple alert rules that match on the tags in an IaC template, the templates are scanned against all policies included in the rules.
  5. Select the policies you want this alert rule to scan.
    Either Select All Policies or select the specific policies that you want to scan. To help you find the specific group of policies for which you want this rule to alert:
    • Filter Results: Enter a search term to filter the list of policies to those with specific keywords.
    • Column Picker: Select the column picker icon to modify which columns to display.
    • Sort: Click the corresponding Sort icon to sort on a specific column.
  6. Save the alert rule.
  7. To view the scan results for policy violations on IaC templates that are scanned against these rules, select Inventory > DevOps.
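
The tag-matching behaviour described in step 4, modelled as an added Python example (not Prisma Cloud code) so you can reason about which policies a given template will be scanned against. The rule names, policy names and tag values are constructed, and exact key/value comparison of tags is an assumption.

```python
# Model of the build alert rule matching described in step 4.
# Assumption: a tag matches only when both key and value are equal.
# All rule names, policy names and tags below are constructed samples.
from dataclasses import dataclass

ALL_BUILD_POLICIES = frozenset(
    {"s3-encryption", "sg-open-ssh", "rds-public", "iam-wildcard"}
)


@dataclass(frozen=True)
class AlertRule:
    name: str
    resource_lists: tuple  # each resource list is a dict of tag key -> value
    policies: frozenset    # policies selected in step 5

    def matches(self, template_tags: dict) -> bool:
        # With multiple resource lists, the template must carry every tag
        # from every attached list.
        return all(
            template_tags.get(key) == value
            for tags in self.resource_lists
            for key, value in tags.items()
        )


def policies_for(template_tags: dict, rules: list) -> frozenset:
    """Return the policy set a template with these tags is scanned against."""
    matched = [rule for rule in rules if rule.matches(template_tags)]
    if not matched:
        # No rule matches: scan against every Build-subtype policy.
        return ALL_BUILD_POLICIES
    # Several rules match: scan against the union of their policies.
    return frozenset().union(*(rule.policies for rule in matched))


RULES = [
    AlertRule("payments-build", ({"team": "payments"}, {"env": "prod"}),
              frozenset({"s3-encryption", "rds-public"})),
    AlertRule("prod-baseline", ({"env": "prod"},), frozenset({"sg-open-ssh"})),
]

if __name__ == "__main__":
    samples = ({"team": "payments", "env": "prod"}, {"env": "prod"},
               {"team": "payments", "env": "dev"})
    for tags in samples:
        print(tags, "->", sorted(policies_for(tags, RULES)))
```

The third sample shows the case most likely to surprise: a template whose tags match no rule is not skipped, it is scanned against the full set of Build policies.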
