Prisma AIRS
Onboard Enterprise AI Agents
Table of Contents
Onboard Enterprise AI Agents
Learn how to onboard AI agents for use with Agent Discovery.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
After configuring the prerequisites for AI Agent Discovery, you’ll need to
onboard a cloud account, a process that includes:
- Onboarding a cloud account.
- Ensure that the proper permissions for agent discovery are obtained during the onboarding process.
Onboard an Azure Cloud Account in Strata Cloud Manager
This section describes how to onboard an Azure cloud account in Strata Cloud
Manager. It includes information you'll use to create and download an onboarding
Terraform template. When you apply this template in your cloud environment, it
generates a service account with sufficient permissions. These permissions
enable discovery within your cloud environment, granting access to network flow
logs, asset inventory details, and other essential cloud resources.
See the page Onboard Azure Cloud Account in Strata Cloud
Manager for instructions on setting up a new cloud account for AI
Agent Discovery.
When you onboard an Azure cloud account, consider the following:
- For new accounts, you'll need to onboard a cloud account if one is not present in the tenant.
- For existing accounts in an enabled state, you need to re-apply the
Terraform to provide AI Agent Discovery access for existing onboarded
accounts. This process updates the inline discovery permissions. To re-apply
the onboarding Terraform, refer to Step 10 (Download
Terraform) in Onboard Azure Cloud Account in Strata
Cloud Manager:
![]()
- For existing accounts in a disabled state (that is, cloud accounts that are disabled), attempts to re-enable the account results in failed validation. To resolve this issue, download the onboarding Terraform before enabling the account again.
Onboard an AWS Cloud Account in Strata Cloud Manager
This section describes how to onboard an AWS cloud account in Strata Cloud
Manager. It includes information you'll use to create and download an
onboarding Terraform template. When you apply this template in your cloud
environment, it generates a service account with sufficient permissions.
These permissions enable discovery within your cloud environment, granting
access to network flow logs, asset inventory details, and other essential
cloud resources.
See the page Onboard AWS Cloud Account in Strata Cloud
Manager for instructions on setting up a new cloud account for AI
Agent Discovery.
When you onboard an AWS cloud account, consider the following:
- For new accounts, you'll need to onboard a cloud account if one is not present in the tenant.
- For existing accounts in an enabled state, you need to re-apply
the Terraform to provide AI Agent Discovery access for existing
onboarded accounts. This process updates the inline discovery
permissions. To re-apply the onboarding Terraform, refer to
Step 10 (Download Terraform) in Onboard AWS Cloud Account in Strata
Cloud Manager:
![]()
- For existing accounts in a disabled state (that is, cloud accounts that are disabled), attempts to re-enable the account results in failed validation. To resolve this issue, download the onboarding Terraform before enabling the account again.