Kubernetes

Upgrade Prisma Cloud running in your Kubernetes cluster.
First upgrade Console. Console will then automatically upgrade all deployed Defenders for you.
If you’ve disabled Defender auto-upgrade or if Console fails to upgrade one or more Defenders, manually upgrade your Defenders.
You must manaully upgrade App-Embedded Defenders.

Upgrading Console

Since Prisma Cloud objects can be specified with configuration files, we recommend declarative object management for both install and upgrade.
You should have kept good notes when initially installing Prisma Cloud. The configuration options set in twistlock.cfg and the parameters passed to twistcli in the initial install are used to generate working configurations for the upgrade.
Prerequisites:
You know how you initially installed Prisma Cloud, including all options set in twistcli.cfg and parameters passed to twistcli.
  1. Download the latest recommended release to the host where you manage your cluster with kubectl.
  2. If you customized twistlock.cfg, port those changes forward to twistlock.cfg in the latest release. Otherwise, proceed to the next step.
  3. Generate new YAML configuration file for the latest version of Prisma Cloud. Pass the same options to twistcli as you did in the original install. The following example command generates a YAML configuration file for the default basic install.
    $ <PLATFORM>/twistcli console export kubernetes --service-type LoadBalancer
  4. Update the Prisma Cloud objects.
    $ kubectl apply -f twistlock_console.yaml
  5. Go to
    Manage > Defenders > Manage
    and validate that Console has upgraded your Defenders.

Recommended For You