Receiving false positive alert for AWS config recording is disabled in Prisma cloud

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Receiving false positive alert for AWS config recording is disabled in Prisma cloud

L3 Networker

We tried with the mentioned steps and enabled the recording following below recommendation:

1. Sign in to the AWS Management Console
2. Select the specific region from the top down, for which the alert is generated
3. Navigate to service 'Config' from the 'Services' dropdown.
If AWS Config set up exists,
a. Go to Settings
b. Click on 'Turn On' button under 'Recording is Off' section,
c. provide required information for bucket and role with proper permission
If AWS Config set up doesn't exist
a. Click on 'Get Started'
b. For Step 1, Tick the check box for 'Record all resources supported in this region' under section 'Resource types to record'
c. Under section 'Amazon S3 bucket', select bucket with permission to Config services
d. Under section 'AWS Config role', select a role with permission to Config services
e. Click on 'Next'
f. For Step 2, Select required rule and click on 'Next' otherwise click on 'Skip'
g. For Step 3, Review the created 'Settings' and click on 'Confirm'
 
 
 

AWS.PNG

 Anyone facing this issue ?

3 REPLIES 3

L0 Member

Receiving false positive alert for AWS config recording is disabled in Prisma cloud. We tried with the mentioned steps and enabled

 

Are you receiving the same alerts ?

L0 Member

Recently experienced this (false positive?) alert as well -- triggered for a region that is disabled / not even capable of being used. Weird that it didn't also trigger for any of the other regions that we also have disabled.  Would be great if we could get an explaination of why/how this happened, and just for a single disabled region, and not any of the others?

  • 3145 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!