>
    Strata Copilot
    Remove Deleted SaaS Policy Rule Recommendations on Strata Cloud Manager
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. Manage Policy for Unsanctioned SaaS Apps
    4. Manage Enforcement of Rule Recommendations on Strata Cloud Manager
    5. Remove Deleted SaaS Policy Rule Recommendations on Strata Cloud Manager
    Download PDF
    SaaS Security

    Remove Deleted SaaS Policy Rule Recommendations on Strata Cloud Manager

    Table of Contents

    Remove Deleted SaaS Policy Rule Recommendations on Strata Cloud Manager

    Manage your rulebase on Strata Cloud Manager by removing deleted SaaS policy rule recommendations.
    When a SaaS Security administrator authors and submits SaaS policy rule recommendations, the Web Security or Data Security administrator imports those rule recommendations and the Security administrator pushes those rule recommendations to gain visibility into and control of the applications in the SaaS policy recommendation. Before you begin, learn about the Hub roles that enable administrators to collaborate on SaaS Security.
    As the guidelines outline, if the SaaS Security administrator deletes the rule recommendation, you also need to delete that rule recommendation. When you delete an imported rule recommendation:
    • The policy is deleted from the rulebase.
    • The HIP Profile and all associated objects are deleted from the configuration if you'ren’t using them in other policy rules.
    • Application Group is deleted from the configuration.
    1. Log in to Strata Cloud Manager.
    2. If you have not already, associate the predefined SAAS-Inline-Pol-Recommendations snippet with one or more folders, NGFW, and Prisma Access tenants.
      Use snippets to standardize a common base configuration for a set of NGFW, and Prisma Access tenants. This allows you to quickly onboard new devices with a known good configuration and reduces the time required to onboard a new device. Additionally, this also allows you to quickly apply the same SaaS app security enforcement to multiple NGFW, and Prisma Access tenants.
      Use the predefined SAAS-Inline-Pol-Recommendations snippet to simplify management of your SaaS Security Inline Policy Recommendations.
    3. Select ConfigurationNGFW and Prisma AccessSecurity ServicesInternet SecurityPolicy Recommendations.
    4. Click the Configuration Scope and select SnippetsSAAS-Inline-Pol-Recommendations.
    5. In Imported SaaS Rule Recommendations, locate the rule recommendations that the SaaS administrator deleted as indicated by the Removed Status, then click ActionsDelete icon.
      • Update available—SaaS administrator updated the rule recommendation and is pending your approval.
      • Update available (This rule will be removed)—SaaS administrator deleted the rule recommendation and is pending your approval.
      The policy recommendation that you deleted no longer displays in Imported SaaS Rule Recommendations. If your deletion fails, click the Last import failed link to understand why the import failed, then resolve the failure.
    6. Click Push Config.

    © 2026 Palo Alto Networks, Inc. All rights reserved.