AWS Secrets Manager

You can integrate Prisma Cloud with AWS Secrets Manager. First, configure Prisma Cloud to access AWS Secrets Manager, then create rules to inject the relevant secrets into the relevant containers.
Prerequisites:
  • The service account Prisma Cloud uses to access the secrets store must have the following permissions:
    • secretsmanager:GetSecretValue
    • secretsmanager:ListSecrets
  • You have created a secret in AWS Secrets Manager. Automatic rotation must be disabled. Prisma Cloud supports the key-value secret type only. When storing a new secret, select
    Other type of secrets
    , then
    Secret key/value
    .
  1. Open Prisma Cloud Console.
  2. Integrate Prisma Cloud with the secrets store.
    1. Go to
      Manage > Authentication > Secrets
      , and click
      Add store
      .
    2. Enter a name for the store. This name is used when you create rules to inject secrets into specific containers.
    3. For
      Type
      , select
      AWS Secrets Manager
      , then fill out the rest of the form, including your credentials.
    4. Fill out the rest of the form, specifying how to connect to the Secrets Manager.
    5. Click
      Add
      .
      After clicking
      Add
      , Prisma Cloud tries connecting to your secrets manager. If successful, the dialog closes, and an entry is added to the table. Otherwise, connection errors are displayed directly in the configuration dialog.

Recommended For You