prisma cloud integrate with jenkins server

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

prisma cloud integrate with jenkins server

L2 Linker

connect the Jenkins server:
  From the documentation 
   https://docs.prismacloud.io/en/enterprise-edition/content-collections/application-security/get-start...
       In the step:2 what should i do
       my Jenkins integration are in pending state

  

BSuriya_0-1729149882356.png

 

 

12 REPLIES 12

L1 Bithead

@B.Suriya  Thanks for reaching out. 

The integration is added in the UI but integration is pending only and will only be completed after completing step 3 below.

You can retrieve your Jenkins instance identifier by accessing the integrated Jenkins Server (see step 1 above) > selecting the Actions menu of an integration in the wizard > Copy instance identifier.

 

So, Please go-ahead and Complete remaining steps.

https://docs.prismacloud.io/en/enterprise-edition/content-collections/application-security/get-start...

 

i have followed a offical documentation in the
step:1
      1. created a  service account 
      2.  what to do in the allow list ?
I have completed a step 3 
   

 

BSuriya_1-1729226534365.png

 Plugin setup are done in the Jenkins server, but still is in pending state.
is there is any additional network configuration need to do?

  

@B.Suriya  

  1. Add the Prisma Cloud IP addresses and hostname for Application Security to an allow list to enable access to the Prisma Cloud Console. This is Part of Step1, number:2

  2. In Jenkins.

    1. If your Jenkins server has limited outgoing connections, make sure to permit an outgoing connection from the Jenkins server to Prisma IP addresses - see step 1 above.

 

  1. Add the Prisma Cloud IP addresses and hostname for Application Security to an allow list to enable access to the Prisma Cloud Console. This is Part of Step1, number:2
          where to do these changes i cannot able to find a allow list in the Prisma console, can you explain it in detail.

  2. In Jenkins: its allow for all.

@B.Suriya If you are on app.prismacloud.io  stack. Please add the related IPs . Plugin is doing a POST request to api.prismacloud.io with metadata. Jenkins server should be able to resolve and reach api.prismacloud.io. The IPs should be generally allowed on the firewall if you are using Prisma Cloud Enterprise edition.

Note: if you are on app2 api would be api2.prismacloud.io. So, please change the url according to the stack(app,app2,app3,app4 and app5)

SNimmagadda_0-1729528122463.png

 

 able to find the IPs for particular region and done a allow rule in the  Jenkins server,
my doubt:
    1. Having a IPs for that region of app.prismacloud.io from document.
     2. Where to configure those  region IPs.

 

@B.Suriya 

To add these IP addresses to an allow list, you may need to work with your network security team. The configuration for where you set up the allow list is dependent on your network architecture and it could be your firewall, proxy, or the server itself.

  • The Prisma Cloud URL indicates the region where your tenant is deployed. For example, your tenant is on app3 if your URL is https://app3.prismacloud.io/.

  • On the Runtime Security > Manage > System > Utilities, find the region in the URL for Path to Console. Use that region to identify the destination IP address, which you must allow or add as trusted to access the Prisma Cloud Compute console. For example, if the URL is https://us-west1.cloud.twistlock.com/us-xxxxxx, us-west1 indicates your Compute console region.

Use the table  to review the IP addresses to allow: Egress-From Defenders to Console; Ingress-From Console in to your environment.

Follow the documentation for integration.

1. How to configure these ip

2. Where can i find ip in my prisma cloud Console...

@B.Suriya 1.To add these IP addresses to an allow list, you may need to work with your network security team. The configuration for where you set up the allow list is dependent on your network architecture and it could be your firewall, proxy, or the server itself. If your instances are on Cloud service providers. please add those IPs to your firewall.

Detailed documentation is here https://docs.prismacloud.io/en/enterprise-edition/content-collections/get-started/console-prerequis...

2. Those IPs will not be in Prisma console. If your console is on App.prismacloud.io. Please add those IPs to your firewall.

SNimmagadda_0-1729625704446.png

 

 

1. It in allow all condition,
2. Stuck with the point point 2 allow list, where add those IPs..

@B.Suriya

Allow list is dependent on your network architecture and it could be your firewall, proxy, or the server itself. If your instances are on Cloud service providers. please add those IPs to your firewall. As Mentioned, Please discuss with your network team to add those IPs to your CSPs or On-premises depends on your environment.

 

L2 Linker

My Jenkins server are allow all IPs, no proxy, no any additional configuration.

Problem: Integration is in pending state
Followed a prisma cloud documentation for integration, stuck in allow list
Add the prisma cloud ip address and hostname for application security to an allow list to enable the access to prisma cloud console.
Where to find allow list settings

 

Doubt 

Need to do any configuration in network Tunnel 

  • 705 Views
  • 12 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!