{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "title": "DSPMPolicy",
  "description": "DSPMPolicy schema from Palo Alto Networks Prisma Cloud DSPM API",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-cloud-dspm-api-dspm-policy-schema.json",
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "description": "Unique DSPM policy identifier."
    },
    "name": {
      "type": "string",
      "description": "Policy name."
    },
    "description": {
      "type": "string",
      "description": "Policy description."
    },
    "enabled": {
      "type": "boolean",
      "description": "Whether the policy is currently active."
    },
    "severity": {
      "type": "string",
      "enum": [
        "critical",
        "high",
        "medium",
        "low"
      ],
      "description": "Severity level of violations detected by this policy."
    },
    "classification": {
      "type": "string",
      "description": "Classification label this policy governs."
    },
    "requiredControls": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "encryption",
          "accessRestriction",
          "auditLogging",
          "backup",
          "networkIsolation"
        ]
      },
      "description": "Security controls required for data matching this policy."
    },
    "cloudProviders": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "aws",
          "azure",
          "gcp"
        ]
      },
      "description": "Cloud providers this policy applies to."
    },
    "createdAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "updatedAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  }
}