1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma Cloud Compute Edition Administrator’s Guide
    5. Install
    6. Prisma Cloud container images
    End-of-Life (EoL)

    Prisma Cloud container images

    Prisma Cloud images can be retrieved from a cloud registry, and are available to all current customers. This option simplifies a lot of workflows, especially the install flow.
    All builds, including private builds, are published to the registry. Private builds temporarily address specific customer issues. Unless you’ve been asked to use a private build by a Prisma Cloud representative during the course of a support case, you should only pull officially published builds.
    You can optionally manage Prisma Cloud images in your own registry. You can push the Prisma Cloud images to your own private registry, and manage them from there as you see fit. The Console image is delivered as a .tar.gz file in the release tarball. The Defender image can be downloaded from Console, under
    Manage > System > Utilities
    , or from the Prisma Cloud API.
    There are two different methods for accessing images in the cloud registry:
    • Basic authorization.
    • URL authorization.
    The length of time that images are available on the cloud registry complies with our standard n-1 support lifecycle.

    Retrieving Prisma Cloud images using basic auth

    Authenticate using docker login or podman login, then retrieve the Prisma Cloud images using docker pull or podman pull. For basic authorization, the registry is accessible at registry.twistlock.com.
    Image names contain a version string. The version string must be formatted as X_Y_Z, where X is the major version, Y is the minor version, and Z is the patch number. For example, 19.07.363 should be formatted as 19_07_363. For example:
    registry.twistlock.com/twistlock/defender:defender_19_07_363.
    Prerequisites:
    • You have your Prisma Cloud access token.
    1. Authenticate with the registry.
      $ docker (or podman) login registry.twistlock.com
Username:
Password:
      Where
      Username
       can be any string, and
      Password
       must be your access token.
    2. Pull the Console image from the Prisma Cloud registry.
      $ docker (or podman) pull registry.twistlock.com/twistlock/console:console_<VERSION>
    3. Pull the Defender image from the Prisma Cloud registry.
      $ docker (or podman) pull registry.twistlock.com/twistlock/defender:defender_<VERSION>

    Retrieving Prisma Cloud images using URL auth

    Retrieve Prisma Cloud images with a single command by embedding your access token into the registry URL. For URL authorization, the registry is accessible at registry-auth.twistlock.com.
    By embedding your access token into the registry URL, you only need to run docker pull or podman pull. The docker login or podman login command isn’t required.
    Image names contain a version string. The version string must be formatted as X_Y_Z, where X is the major version, Y is the minor version, and Z is the patch number. For example, 19.07.363 should be formatted as 19_07_363. For example:
    registry.twistlock.com/twistlock/defender:defender_19_07_363.
    Prerequisites:
    • You have a Prisma Cloud access token.
    • The Docker or Podman client requires that repository names be lowercase. Therefore, all characters in your access token must be lowercase. To convert your access token to lowercase characters, use the following command:
      $ echo <ACCESS-TOKEN> | tr '[:upper:]' '[:lower:]'
    1. Pull the Console image from the Prisma Cloud registry.
      $ docker (or podman) pull \
  registry-auth.twistlock.com/tw_<ACCESS-TOKEN>/twistlock/console:console_<VERION>
    2. Pull the Defender image from the Prisma Cloud registry.
      $ docker (or podman) pull \
  registry-auth.twistlock.com/tw_<ACCESS-TOKEN>/twistlock/defender:defender_<VERSION>