Prisma Public Cloud (formerly RedLock) setting warning

L1 Bithead

Prisma Public Cloud (formerly RedLock) setting warning

I am running Prisma Public Cloud with trial version.

I had configured Prisma Public Cloud and AWS.

I found status is orrange following as;

What is mean 3 warring messages and how could I fix it on AWS or Prisma Public Cloud.

Please help me....

 

RedLock _ Cloud Accounts 2019-04-28 00-02-41.png

L4 Transporter

Re: Prisma Public Cloud (formerly RedLock) setting warning

Did you use Prisma Public Cloud's CloudFormation template to create the Prisma Public Cloud role?  If so, then it looks like the CloudFormation may be out of date.  Please manually add those permissions to the Prisma Public Cloud role's inline policy.  I'll run some tests too

L4 Transporter

Re: Prisma Public Cloud (formerly RedLock) setting warning

This appears to be a bug.  Prisma Public Cloud is not correctly checking against Describe* permissions that are given within the role.  So even though the specific permission is covered, Prisma Public Cloud is still inaccurately reporting it as missing.  Engineering is looking into this already.

L1 Bithead

Re: Prisma Public Cloud (formerly RedLock) setting warning

The Prisma Public Cloud role in the AWS console (IAM services) needs these specific permissions added in the inline policy. Prisma Public Cloud checks for these permissions for access and data ingestion.

You can log into AWS console-->IAM-->Role-->RedLock Role-->Permissions-->Check the Inline Policy JSON file.

 

Add the permissions mentioned in the Config status message, such as 

ssm:DescribeParameters, etc.

Once done, the warning message will disappear.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!