The Carbon Black Cloud console provides some optional steps for creating and validating JSONPath criteria.

To build a correct JSONPath selector, you can enter a sample resource configuration or import the configuration of an already deployed resource in your Kubernetes environment. Based on this configuration, the Carbon Black Cloud console displays a preview of the selector's result; you can then build the selector.

Prerequisites

See Basic JSONPath Rules.

Procedure

  1. On the left navigation pane, click Enforce > K8s Policies.
  2. Click the Rules tab.
  3. Click Add Rule.
  4. Define the rule.
    1. Enter a unique custom rule name and a description.
    2. Select JSONPath, methods, values as the rule criteria.
    3. Click Next.
  5. Optionally enter the Resource kind from the dropdown menu. The default value is Any.
  6. Click Import to open an existing resource file from your Kubernetes environment. You can also copy/paste your content into the Sample resource JSON text box.
    The resource file or copied content displays in the Sample resource JSON text box to the left of the page.
  7. In JSONPath, enter a string (that you can copy from the displayed JSON file), and click the Search icon to the right of the text box.
  8. Enter a Method from the dropdown menu and type in a Value.
  9. Preview your selection in the Results for JSONPath area on the right of the page. If the string you entered is not returning any resources, a message displays to that effect. If you see a number, for example, [1], there is one matching resource.
    The rule configuration page where you can add a custom rule
  10. Click Next.
  11. On the Confirm Rule page, review the summary of the rule criteria and the matching Kubernetes resources and click Save.
    The custom rule is added to the Rules page. To review its details, click the arrow Arrow (>) icon icon at the right of the rule.