https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/519916#M771 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/183942">@CloudEngineer</a>&nbsp; dude, you were correct the whole time.&nbsp; <SPAN>The Prisma Cloud Compute SecurityHub Alert Provider works perfectly fine.</SPAN></P> <P>I got misinformation from support case <SPAN>02326773</SPAN>.&nbsp; Here is how I determined that the Registry Scanned CVEs and Compliance vulnerabilities were generating Alerts and propogating them to AWS SecurityHub/Findings Console.&nbsp; I entered this Filter criteria and then I could see the CVE-Alerts.&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TommyHunt_0-1667330936544.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/45063i2BA15E06AE615FAB/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="TommyHunt_0-1667330936544.png" alt="TommyHunt_0-1667330936544.png" /></span></P> <P>&nbsp;</P> <P>I still have NO explanation for those errors that I cited at the beginning of this</P> Tue, 01 Nov 2022 19:29:14 GMT TommyHunt 2022-11-01T19:29:14Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517703#M732 <P><STRONG>Given</STRONG> that I navigate to PCCConsole/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task</P> <P><STRONG>And</STRONG> I paste the Fargate Task Definition JSON produced by AWS ECS</P> <P><STRONG>When</STRONG> I push the 'Generate protected task' button</P> <P><STRONG>And</STRONG> Copy Prisma's generated JSON</P> <P><STRONG>And</STRONG> Paste it into the new revision of an existing Task Definition</P> <P><STRONG>Then</STRONG> I get many error, <EM>'Should only contain 'family', 'containerDefinitions', 'volumes', 'taskRoleArn', 'networkMode', 'requiresCompatibilities', 'cpu', 'memory', 'inferenceAccelerators', 'executionRoleArn', 'pidMode', 'ipcMode', 'proxyConfiguration', 'tags', 'runtimePlatform', 'placementConstraints'.'</EM></P> <P><SPAN><STRONG>And</STRONG> I have to eliminate json objects in order for AWS to accept the definition.</SPAN></P> <P>&nbsp;</P> <P>JSON zipped and attached; you can use a diff tool to see what JSON had to be deleted.</P> <P>&nbsp;</P> <P>Why isn't Prisma's generated JSON acceptable to AWS?</P> <P>What am I doing wrong?</P> <P>Are the modifications that I made accpetable?</P> <P>After making the modifications, is my Task protected?</P> <P>&nbsp;</P><BR /><BR />Please note you are posting a public message where community members and experts can provide assistance. Sharing private information such as serial numbers or company information is not recommended. Wed, 12 Oct 2022 21:27:12 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517703#M732 TommyHunt 2022-10-12T21:27:12Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517785#M734 <P>Hi Tommy,</P> <P>This happens when a task definition is exported / copied from AWS and then pasted into Compute's protected task generation field. If you copy solely the original Fargate task and use that in Compute's protected task generator, and then use the result in a new Fargate task definition, you won't receive those errors.</P> <P>&nbsp;</P> <P>Regards,</P> Thu, 13 Oct 2022 13:51:33 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517785#M734 CloudEngineer 2022-10-13T13:51:33Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517855#M741 <P>Thanks Brandon;&nbsp; choosing that version of a task definition was a poor choice. Given the dynamic nature of task definitions, the task definition is always a template where fields are populated with values and the transformed json is submitted via automation, for example&nbsp;terraform modules or CloudFormationTemplates.&nbsp; Thus the original JSON Task Definition is never seen by the developer, it is neither handled by a developer nor checked into a version-control-system. Bottom-line: unless the developer manually codes it, they can't submit the version of JSON that the API was made to consume.</P> Thu, 13 Oct 2022 18:50:49 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517855#M741 TommyHunt 2022-10-13T18:50:49Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517857#M742 <P>Thanks again, I am grateful for your help.</P> Thu, 13 Oct 2022 18:52:31 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517857#M742 TommyHunt 2022-10-13T18:52:31Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517954#M752 <P>You're welcome! I'm happy to help. I understand your feedback and I just wanted to inform you that we do have an RFE (Request for Enhancement) process. I believe that you will just need an account in our customer support portal to submit this, The more unique company votes it receives, the more visibility it will receive.<BR /><BR /><A href="https://prismacloud.ideas.aha.io/ideas/new" target="_blank">https://prismacloud.ideas.aha.io/ideas/new</A></P> <P>&nbsp;</P> <P>Regards,</P> Fri, 14 Oct 2022 14:42:13 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/517954#M752 CloudEngineer 2022-10-14T14:42:13Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/519916#M771 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/183942">@CloudEngineer</a>&nbsp; dude, you were correct the whole time.&nbsp; <SPAN>The Prisma Cloud Compute SecurityHub Alert Provider works perfectly fine.</SPAN></P> <P>I got misinformation from support case <SPAN>02326773</SPAN>.&nbsp; Here is how I determined that the Registry Scanned CVEs and Compliance vulnerabilities were generating Alerts and propogating them to AWS SecurityHub/Findings Console.&nbsp; I entered this Filter criteria and then I could see the CVE-Alerts.&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TommyHunt_0-1667330936544.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/45063i2BA15E06AE615FAB/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="TommyHunt_0-1667330936544.png" alt="TommyHunt_0-1667330936544.png" /></span></P> <P>&nbsp;</P> <P>I still have NO explanation for those errors that I cited at the beginning of this</P> Tue, 01 Nov 2022 19:29:14 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/519916#M771 TommyHunt 2022-11-01T19:29:14Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/519919#M772 <P>please delete, disregard that comment above; it is intended for another conversation.</P> Tue, 01 Nov 2022 19:33:26 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/pcc-manage-defenders-deploy-defender-single-defender-container/m-p/519919#M772 TommyHunt 2022-11-01T19:33:26Z