06-06-2024 12:30 AM
Hi Folks,
I am trying to onboard AWS org to Prisma cloud..
When uploading CFT template in the AWS CloudFormation portal under StackSets, I am getting an error (attached a file).
I have executed the above steps within mgmt. account as a root user!
Do I need to upload the CFT template for org-level under StackSets or Stacks?
what could be the reason for that error?
what are the required permissions for uploading and creating the stack in AWS Console?
Will the stack gets deployed in all the member account? If yes, how will those policies/ data report back to Prisma cloud?
Thanks in advance! cheers 🙂
06-28-2024 07:52 AM
Have you managed to onboard your AWS Org successfully?
Once the org is onboarded, all member accounts already onboarded in Prisma Cloud will be moved under the org. Any other accounts in the Org will automatically be onboarded.
Prisma Cloud will have the data about all onboarded accounts, which would include the AWS Org and all the Org sub-accounts, as well as the OU hierarchy which can be used in custom RQLs to write policies that depend on accounts in a specific parent OU.
For policies to generate alerts, you will need to add the appropriate cloud accounts in the ORG to the respective appropriate cloud account group and add the cloud account group to an alert rule.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
