forked from panther-labs/panther_analysis_tool
-
Notifications
You must be signed in to change notification settings - Fork 0
/
example_panther_config.yml
63 lines (63 loc) · 2.02 KB
/
example_panther_config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# Example configuration file for panther_analysis_tool.
# Copy this file into the root of your test repository and name it .panther_settings.yml
# Note that options in this file will be overridden by options passed on the command line
#
# The API token to use when making changes to Panther
# api_token: "token"
#
# The URL where Panther is hosted
# api_host: "test.runpanther.xyz"
#
# The AWS profile to use when updating the AWS Panther deployment.
# aws_profile: "aws_profile"
#
# The key id to use to sign the release asset
# kms_key: "kms-key"
#
# The branch to base the release on
# github_branch: "main"
#
# The github owner of the repository
# github_owner: "Bob Ownerson"
#
# The github repository name
# github_repository: "panther-labs/panther-analysis"
#
# The tag name for this release
# github_tag: "v.1.0.0"
#
# Skip tests for disabled rules
# skip_disabled_tests: True
#
# The relative path to Panther policies and rules.
# path: "."
#
# The path to store output files.
# out: "."
#
# The minimum number of tests in order for a detection to be considered passing.
# If a number greater than 1 is specified, at least one True and one False test is required.
# minimum_tests: 0
#
# Relative path to files in this project to be ignored by panther-analysis tool
# ignore_files:
# - "example.yml"
#
# A destination name that may be returned by the destinations function.
# available_destination: "test_destination"
#
# Filter tests by RuleID and other parameters. This must be passed as a dict with lists as values.
# filter: {"RuleID":["Standard.UnusualLogin"]}
#
# Allows skipping of table name validation from schema validation. Useful when querying
# non-Panther or non-Snowflake tables
# ignore-table-names: False
#
# Provide additional fully qualified table names that should be considered valid during schema validation
# (in addition to standard Panther/Snowflake tables). Accepts '*' as wildcard character matching 0 or more characters.
# valid_table_names:
# - "foo.bar.baz"
# - "bar.baz.*"
# - "foo.*bar.baz"
# - "baz.*"
# - "*.foo.*"