Prisma Cloud Release Notes For February 12, 2020

Printer Friendly Page

Features Introduced on February 12, 2020

 

 

New Features

FEATURE DESCRIPTION
Streamlined Cloud Account Onboarding

Onboard your cloud accounts on AWS, Azure, and GCP and simplify the first step for cloud monitoring and governance. The guided experience automates some of the configuration options for quicker onboarding with Terraform templates and CloudFormation template, and reduces user error. 

Prisma Cloud Add Cloud AccountPrisma Cloud Add Cloud Account

 

Upgrade Notification for Prisma Cloud Compute

You can upgrade the Prisma Cloud Compute Console using the new Upgrade Button in the Prisma Cloud administrative console. After you complete the upgrade, you must update the Prisma Cloud Defenders to stay in sync with the Console version you just installed.

 

License Usage Details for Prisma Cloud Compute Workloads

Each Prisma Cloud Compute Defender deployed on an AWS EC2, Azure VM, or GCP GCE instance is counted as one Prisma Cloud Enterprise Edition workload license, and you can view the number of licenses on the Settings > Licensing > Compute.

 

API Ingestion Update

Azure

  • azure-locations
  • azure-storage-account-list is updated to retrieve Storage service encryption and the keyvaultproperties
  • azure-mysql-server

 

AWS

aws-ec2-key-pair

To ingest the resources associated with this API, you must update the CFT and enable permission for ec2:DescribeKeyPairs

 

GCP

  • gcloud-logging-metric
  • gcloud-cloud-function

 

 

 

Policy Updates and New Policies

POLICY</strong DESCRIPTION
AWS RDS snapshot is encrypted using default KMS key instead of CMK

Identifies RDS snapshots that are encrypted with a default KMS key. As a best practice, you should use a Customer Managed Key (CMK) for better key management including the ability to rotate and delete keys, and control access using IAM policies.

 

AWS RDS DB snapshot is not encrypted

Identifies RDS snapshots that are not encrypted. This is a risk because your data at rest is not encrypted and at risk of unauthorized access.

 

AWS RDS cluster is encrypted using default KMS key instead of CMK

Identifies RDS clusters that are encrypted with a default KMS key. As a best practice, you should use a Customer Managed Key (CMK) for better key management including the ability to rotate and delete keys, and control access using IAM policies.

 

 

For more information, please review the new features in the Prisma Cloud February 12, 2020 Release Notes in TechDocs.

Tags (2)
Ask Questions Get Answers Join the Live Community
Version history
Revision #:
4 of 4
Last update:
yesterday
Updated by:
 
Contributors