AWS Systems Manager Parameters Store

You can integrate Prisma Cloud with AWS Systems Manager Parameters Store. First configure Prisma Cloud to access the Parameters Store, then create rules to inject the relevant secrets into the relevant containers.
Prerequisites:
  • The service account Prisma Cloud uses to access the Parameters Store must have the following permissions. These permissions are part of the pre-existing policy named AmazonSSMReadOnlyAccess. For more information, see Configure User Access for Systems Manager.
    • ssm:Get*
    • ssm:List*
  • You have created a secret in your Parameters Store. Prisma Cloud supports all parameter types. Note, however, that StringList is injected "as-is". For example, if the value you specify for a parameter of type StringList is twistlock,test,value, then the injected environment variable would look like this:
    ENV_VAR=twistlock,test,value
  1. Open Prisma Cloud Console.
  2. Integrate Prisma Cloud with the store.
    1. Go to Manage > Authentication > Secrets, and click Add store.
    2. Enter a name for the store. This name is used when you create rules to inject secrets into specific containers.
    3. For Type, select AWS Systems Manager Parameters Store.
    4. Fill out the rest of the form, specifying how to connect to the store.
    5. Click Add.
      After clicking Add, Prisma Cloud tries connecting to your store. If it is successful, the dialog closes, and an entry is added to the table. Otherwise, any connection errors are displayed directly in the configuration dialog.
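
An offline check for the permissions prerequisite above, added here as an example and not part of Prisma Cloud or its documentation: it confirms that an IAM policy document allows the ssm:Get* and ssm:List* actions and reports any allowed action pattern that reaches beyond them. The function names, the probe actions and the sample policies are assumptions made for this example; Resource, Condition and NotAction are not evaluated.

```python
from fnmatch import fnmatchcase

# Permissions the page lists as prerequisites for the Prisma Cloud service account.
REQUIRED = ("ssm:get*", "ssm:list*")
# Concrete SSM actions covered by those patterns (probe set chosen for this example).
PROBES = ("ssm:GetParameter", "ssm:GetParametersByPath", "ssm:ListTagsForResource")


def _as_list(value):
    """IAM accepts a single string or object wherever a list is allowed."""
    return value if isinstance(value, list) else [value]


def _patterns(policy, effect):
    """Lower-cased Action patterns from statements with the given Effect."""
    return [a.lower()
            for stmt in _as_list(policy.get("Statement", []))
            if stmt.get("Effect") == effect
            for a in _as_list(stmt.get("Action", []))]


def audit_policy(policy):
    """Return (missing, excess) for one identity policy document.
    missing: probe actions not allowed, or explicitly denied.
    excess: allowed Action patterns reaching beyond ssm:Get* / ssm:List*.
    Simplification: Resource, Condition and NotAction are not evaluated.
    """
    allow, deny = _patterns(policy, "Allow"), _patterns(policy, "Deny")

    def permitted(action):
        hit = lambda pats: any(fnmatchcase(action.lower(), p) for p in pats)
        return hit(allow) and not hit(deny)

    missing = [a for a in PROBES if not permitted(a)]
    # A pattern inside "prefix*" matches it as a literal string; "ssm:*" or "*" do not.
    excess = [p for p in allow if not any(fnmatchcase(p, r) for r in REQUIRED)]
    return missing, excess


# Constructed sample policies, not taken from any real account.
READ_ONLY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["ssm:Get*", "ssm:List*"], "Resource": "*"}]}
TOO_BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ssm:*", "Resource": "*"},
    {"Effect": "Deny", "Action": "ssm:GetParametersByPath", "Resource": "*"}]}

if __name__ == "__main__":
    for name, doc in (("read-only", READ_ONLY), ("too-broad", TOO_BROAD)):
        print(name, audit_policy(doc))
```

An empty result for both lists means the policy grants the read actions the page requires and nothing wider on the action level.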
