prisma cloud integrate with jenkins server

i have followed a offical documentation in the
step:1
      1. created a  service account 
      2.  what to do in the allow list ?
I have completed a step 3 
   

 Plugin setup are done in the Jenkins server, but still is in pending state.
is there is any additional network configuration need to do?

  

@B.Suriya  

1. Add the Prisma Cloud IP addresses and hostname for Application Security to an allow list to enable access to the Prisma Cloud Console. This is Part of Step1, number:2

2. In Jenkins.

   1. If your Jenkins server has limited outgoing connections, make sure to permit an outgoing connection from the Jenkins server to Prisma IP addresses - see step 1 above.

1. Add the Prisma Cloud IP addresses and hostname for Application Security to an allow list to enable access to the Prisma Cloud Console. This is Part of Step1, number:2
         where to do these changes i cannot able to find a allow list in the Prisma console, can you explain it in detail.

2. In Jenkins: its allow for all.

@B.Suriya If you are on app.prismacloud.io  stack. Please add the related IPs . Plugin is doing a POST request to api.prismacloud.io with metadata. Jenkins server should be able to resolve and reach api.prismacloud.io. The IPs should be generally allowed on the firewall if you are using Prisma Cloud Enterprise edition.

Note: if you are on app2 api would be api2.prismacloud.io. So, please change the url according to the stack(app,app2,app3,app4 and app5)

 able to find the IPs for particular region and done a allow rule in the  Jenkins server,
my doubt:
    1. Having a IPs for that region of app.prismacloud.io from document.
     2. Where to configure those  region IPs.

@B.Suriya 

To add these IP addresses to an allow list, you may need to work with your network security team. The configuration for where you set up the allow list is dependent on your network architecture and it could be your firewall, proxy, or the server itself.

• The Prisma Cloud URL indicates the region where your tenant is deployed. For example, your tenant is on app3 if your URL is https://app3.prismacloud.io/.

• On the Runtime Security > Manage > System > Utilities, find the region in the URL for Path to Console. Use that region to identify the destination IP address, which you must allow or add as trusted to access the Prisma Cloud Compute console. For example, if the URL is https://us-west1.cloud.twistlock.com/us-xxxxxx, us-west1 indicates your Compute console region.

Use the table  to review the IP addresses to allow: Egress-From Defenders to Console; Ingress-From Console in to your environment.

Follow the documentation for integration.

1. How to configure these ip

2. Where can i find ip in my prisma cloud Console...

@B.Suriya 1.To add these IP addresses to an allow list, you may need to work with your network security team. The configuration for where you set up the allow list is dependent on your network architecture and it could be your firewall, proxy, or the server itself. If your instances are on Cloud service providers. please add those IPs to your firewall.

Detailed documentation is here https://docs.prismacloud.io/en/enterprise-edition/content-collections/get-started/console-prerequis...

2. Those IPs will not be in Prisma console. If your console is on App.prismacloud.io. Please add those IPs to your firewall.

1. It in allow all condition,
2. Stuck with the point point 2 allow list, where add those IPs..

@B.Suriya

Allow list is dependent on your network architecture and it could be your firewall, proxy, or the server itself. If your instances are on Cloud service providers. please add those IPs to your firewall. As Mentioned, Please discuss with your network team to add those IPs to your CSPs or On-premises depends on your environment.