Prisma Cloud container images
Prisma Cloud images are built from the RedHat Universal Base Image 8 Minimal (UBI8-minimal) which is designed for applications that contain their own dependencies. With an active subscription or a valid license key, you can retrieve the images from a cloud registry. This option simplifies a lot of workflows, especially the install flow.
All builds, including private builds, are published to the registry. Private builds temporarily address specific customer issues. Unless you’ve been asked to use a private build by a Prisma Cloud representative during the course of a support case, you should only pull officially published builds.
You can optionally manage Prisma Cloud images in your own registry. You can push the Prisma Cloud images to your own private registry, and manage them from there as you see fit. The Console image is delivered as a .tar.gz file in the release tarball. The Defender image can be downloaded from Console, under
Manage > System > Utilities, or from the Prisma Cloud API.
There are two different methods for accessing images in the cloud registry:
- Basic authorization.
- URL authorization.
The length of time that images are available on the cloud registry complies with our standard n-1 support lifecycle.
Retrieving Prisma Cloud images using basic auth
Authenticate using docker login or podman login, then retrieve the Prisma Cloud images using docker pull or podman pull. For basic authorization, the registry is accessible at registry.twistlock.com.
Image names contain a version string. The version string must be formatted as X_Y_Z, where X is the major version, Y is the minor version, and Z is the patch number. For example, 19.07.363 should be formatted as 19_07_363. For example:
- You have your Prisma Cloud access token.
- Authenticate with the registry.$ docker (or podman) login registry.twistlock.com Username: Password:WhereUsernamecan be any string, andPasswordmust be your access token.Pull the Console image from the Prisma Cloud registry.$ docker (or podman) pull registry.twistlock.com/twistlock/console:console_<VERSION>Pull the Defender image from the Prisma Cloud registry.$ docker (or podman) pull registry.twistlock.com/twistlock/defender:defender_<VERSION>Retrieving Prisma Cloud images using URL auth