Create an IAM Policy

Create custom IAM policies in Prisma Cloud to monitor your AWS environment and enforce identity management best practices.

You can create custom IAM policies to satisfy your organization’s requirements. Build a new IAM policy based on the config from iam RQL query so that you can monitor the identities across your cloud environment.
  1. Select Policies > New Policy > IAM.
  2. Enter your policy details.
    The required information is Policy Name and Severity, while the optional information is Description and Tags.
  3. Click Next and enter your RQL query.
    The default option, New Search, enables you to build a new RQL query from scratch, while Saved Search enables you to use an RQL query that you previously saved. The following RQL query returns the net effective permissions of a user in your cloud account named my-user:

    config from iam where source.cloud.service.name = 'iam' and source.cloud.resource.type = 'user' and source.cloud.resource.name = 'my-user'

    A green check mark appears if you entered a valid query.
  4. Save the policy.
    After you successfully create your new policy, it appears in the Policies table.

Refer to the IAM query reference to learn about IAM query attributes and to see examples.
