Welcome to Prisma Cloud Compute Edition version 21-04. The Prisma Cloud Compute Edition Administrator's Guide is for self-hosted deployment of your cloud workload protection platform (CWPP) for holistic protection for hosts, containers, and serverless infrastructure.
To understand the differences between the Prisma Cloud Compute Edition and Prisma Cloud Enterprise Edition, read this.
Prisma Cloud Compute Edition Administrator’s Guide
Version Self.Hosted 21.04 (EoL)
Last Updated:
Thu Jun 16 20:01:10 UTC 2022
Current Version:
Self.Hosted 21.04 (EoL)
- Version Prisma Cloud Enterprise Edition
- Version Self-Hosted 30.xx
- Version Self-Hosted 22.12
- Version Self-Hosted 22.06
- Version Self-Hosted 22.01
- Version Self-Hosted 21.08 (EoL)
- Version Self-Hosted 21.04 (EoL)
- Version Self-Hosted 20.12 (EoL)
- Version Self-Hosted 20.09 (EoL)
- Version Self-Hosted 20.04 (EoL)
- Version Self-Hosted 19.11 (EoL)
Table of Contents
-
- Getting started
- System requirements
- Prisma Cloud container images
- Onebox
- Kubernetes
- OpenShift
- OpenShift
- Console on Fargate
- VMware Tanzu Kubernetes Grid (TKG)
- Docker Swarm
- Amazon ECS
- Windows
- Defender types
-
- Install a single Container Defender
- Install Container Defender in a cluster
- App-Embedded Defender
- App-Embedded Defender for Fargate
- VMware Tanzu Application Service (TAS) Defender
- Serverless Defender
- Serverless Defender as a Lambda layer
- Auto-defend serverless functions
- Install a single Host Defender
- Auto-defend hosts
- Deploy Prisma Cloud Defender from the GCP Marketplace
- Decommission Defenders
-
- Rule ordering and pattern matching
- Backup and restore
- Custom feeds
- Configuring Prisma Cloud proxy settings
- Custom certs for Console access
- Configure scanning
- User certificate validity period
- Enable HTTP access to Console
- Set different paths for Defender and Console (with DaemonSets)
- Authenticate to Console with certificates
- Customize terminal output
- Collections
- Tags
- Logon settings
- Reconfigure Prisma Cloud
- Subject Alternative Names
- WildFire settings
-
- Logging into Prisma Cloud
- Integrate with Active Directory
- Integrate with OpenLDAP
- Integrate Prisma Cloud with Open ID Connect
- Integrate with Okta via SAML 2.0 federation
- Integrate Google G Suite via SAML 2.0 federation
- Integrate with Azure Active Directory via SAML 2.0 federation
- Integrate with PingFederate via SAML 2.0 federation
- Integrate with Windows Server 2016 & 2012r2 Active Directory Federation Services (ADFS) via SAML 2.0 federation
- Integrate Prisma Cloud with GitHub
- Integrate Prisma Cloud with OpenShift
- Non-default UPN suffixes
- Compute user roles
- Assign roles
- Use custom certificates for authorization
- Credentials store
-
- Malware scanning
- Vulnerability Explorer
- Vulnerability management rules
- Search CVEs
- Scan reports
- Customize image scanning
- Configure registry scans
-
- Scan images in Alibaba Cloud Container Registry
- Amazon EC2 Container Registry (ECR)
- Azure Container Registry (ACR)
- Docker Registry v2
- Google Container Registry (GCR)
- Harbor
- IBM Cloud Container Registry
- Scan images on Artifactory Docker Registry
- OpenShift integrated Docker registry
- Trigger registry scans with webhooks
- Base images
- Configure VM image scanning
- Configure code repository scanning
- Malware scanning
- Vulnerability risk tree
- Detect vulnerabilities in unpackaged software
- CVSS scoring
- Google Cloud Container Builder
- Windows container image scanning
- Serverless function scanning
- VMware Tanzu blobstore scanning
- Scan Fargate tasks
-
- Compliance Explorer
- Enforce compliance checks
- CIS Benchmarks
- Prisma Cloud Labs compliance checks
- Serverless functions compliance checks
- Windows compliance checks
- Docker Enterprise DISA STIG
- Custom compliance checks
- Trusted images
- Host scanning
- VM image scanning
- Fargate scanning
- Detect secrets
- Cloud discovery
- OSS license management
- API
-
- Configure an AWS Classic Load Balancer for ECS
- Configure the load balancer type for AWS EKS
- Deploy Defenders outside an OpenShift Cluster
- Configure Prisma Cloud Console’s listening ports
- Provision tenant projects in OpenShift
- Configure Prisma Cloud to use Istio Ingress Gateway
- Disable automatic learning
- Performing a rolling upgrade of Defenders
- Debug data
