This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Prisma Public Cloud (formerly RedLock) setting warning

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Prisma Public Cloud (formerly RedLock) setting warning

Go to solution
LeeJuWon
L1 Bithead

‎04-27-2019 08:07 AM - last edited on ‎09-02-2020 10:16 AM by

I am running Prisma Public Cloud with trial version.

I had configured Prisma Public Cloud and AWS.

I found status is orrange following as;

What is mean 3 warring messages and how could I fix it on AWS or Prisma Public Cloud.

Please help me....

 

RedLock _ Cloud Accounts 2019-04-28 00-02-41.png

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
lpingali
L3 Networker

‎05-30-2019 01:45 PM - last edited on ‎06-12-2019 05:43 PM by

The Prisma Public Cloud role in the AWS console (IAM services) needs these specific permissions added in the inline policy. Prisma Public Cloud checks for these permissions for access and data ingestion.

You can log into AWS console-->IAM-->Role-->RedLock Role-->Permissions-->Check the Inline Policy JSON file.

 

Add the permissions mentioned in the Config status message, such as 

ssm:DescribeParameters, etc.

Once done, the warning message will disappear.

View solution in original post

Preview file
237 KB
3 REPLIES 3

Go to solution
kchen
L4 Transporter

‎04-29-2019 02:27 PM - last edited on ‎06-12-2019 05:36 PM by

Did you use Prisma Public Cloud's CloudFormation template to create the Prisma Public Cloud role?  If so, then it looks like the CloudFormation may be out of date.  Please manually add those permissions to the Prisma Public Cloud role's inline policy.  I'll run some tests too

0 Likes Likes

Go to solution
kchen
L4 Transporter
In response to kchen

‎04-30-2019 09:53 AM - last edited on ‎06-12-2019 05:37 PM by

This appears to be a bug.  Prisma Public Cloud is not correctly checking against Describe* permissions that are given within the role.  So even though the specific permission is covered, Prisma Public Cloud is still inaccurately reporting it as missing.  Engineering is looking into this already.

0 Likes Likes

Go to solution
lpingali
L3 Networker

‎05-30-2019 01:45 PM - last edited on ‎06-12-2019 05:43 PM by

The Prisma Public Cloud role in the AWS console (IAM services) needs these specific permissions added in the inline policy. Prisma Public Cloud checks for these permissions for access and data ingestion.

You can log into AWS console-->IAM-->Role-->RedLock Role-->Permissions-->Check the Inline Policy JSON file.

 

Add the permissions mentioned in the Config status message, such as 

ssm:DescribeParameters, etc.

Once done, the warning message will disappear.

Preview file
237 KB
  • 1 accepted solution
  • 8263 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks