Configure VM image scanning

Prisma Cloud supports scanning VM images on AWS, Azure and GCP.
On AWS, Prisma Cloud can scan Linux Amazon Machine Images (AMIs). On Azure, Prisma Cloud supports Managed, Gallery and Marketplace images. On GCP, Prisma Cloud supports Public and Custom images (including Premium images).


The following AMIs aren’t supported:
  • Images that don’t use cloud-init for bootstrapping, such as Red Hat Enterprise Linux CoreOS (CoreOS for OpenShift). RHCOS uses Ignition.
  • Images that use paravirtualization.
  • Images that only support old TLS protocols (less than TLS 1.1) for utilities such as curl. For example, Ubuntu 12.10.


  • The service account Prisma Cloud uses to scan AMIs must have at least the following policy:
    { "Version": "2012-10-17", "Statement": [ { "Sid": "PrismaCloudComputeAMIScanning", "Effect": "Allow", "Action": [ "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DeleteSecurityGroup", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeSecurityGroups", "ec2:RevokeSecurityGroupEgress", "ec2:RunInstances", "ec2:TerminateInstances" ], "Resource": "*" } ] }
    Prisma Cloud requires the permissions listed above for VM image scanning. To restrict permissions for creating and deleting resources, you can use conditional clauses in AWS IAM policy for the security groups and instances that have the prefix "twistlock-scan".
  • Access from the VPC to the Prisma Cloud Compute Console.
    For the VMs to send scan results back to the Console, the default port used for communication is 8084. If you use a different port for enabling Defender to Console communication, make sure that the port is allowed access. Note that this port is used for communication although Defenders are not used for VM image scanning.


Prisma Cloud supports the following image types:
  • Marketplace images (publicly available images)
  • Managed (custom) images
  • Shared image galleries
  • Encrypted images
Prisma Cloud doesn’t support the following image types:
  • Azure paid images


  • The service account Prisma Cloud uses to scan Azure images must have at least the following policy:
    Microsoft.Compute/locations/publishers/artifacttypes/offers/skus/versions/read Microsoft.Compute/images/read Microsoft.Compute/galleries/read Microsoft.Compute/galleries/images/read Microsoft.Compute/galleries/images/versions/read Microsoft.Resources/subscriptions/resourceGroups/read Microsoft.Resources/subscriptions/resourceGroups/write Microsoft.Resources/subscriptions/resourceGroups/delete Microsoft.Network/networkSecurityGroups/read Microsoft.Network/networkSecurityGroups/write Microsoft.Network/networkSecurityGroups/join/action Microsoft.Network/networkSecurityGroups/delete Microsoft.Network/networkInterfaces/read Microsoft.Network/networkInterfaces/write Microsoft.Network/networkInterfaces/join/action Microsoft.Network/networkInterfaces/delete Microsoft.Compute/disks/write Microsoft.Compute/disks/delete Microsoft.Network/virtualNetworks/subnets/read Microsoft.Network/virtualNetworks/subnets/join/action Microsoft.Compute/virtualMachines/read Microsoft.Compute/virtualMachines/write Microsoft.Compute/virtualMachines/start/action Microsoft.Compute/virtualMachines/delete Microsoft.KeyVault/vaults/keys/read Microsoft.KeyVault/vaults/keys/wrap/action Microsoft.KeyVault/vaults/keys/unwrap/action
Use Azure’s Key Vault Crypto Service Encryption User built-in role to scan encrypted images.


Prisma Cloud supports the following image types:
  • Public images (including Premium images)
  • Custom images
  • Encrypted images


You can only scan encrypted images that use a customer-managed encryption key (CMEK). Customer-supplied encryption keys (CSEK) are not supported.
  • The service account Prisma Cloud uses to scan GCP VM images must have at least the following policy:
    compute.disks.create compute.images.get compute.images.list compute.images.useReadOnly compute.instances.create compute.instances.delete compute.instances.get compute.instances.list compute.instances.setMetadata compute.instances.setTags compute.networks.get compute.networks.updatePolicy compute.networks.use compute.networks.useExternalIp compute.subnetworks.use compute.subnetworks.useExternalIp
  • Verify that the Compute Engine Service Agent service account in the target image project has the Cloud KMS CryptoKey Decrypter role or equivalent.
    This built-in service account ends with The service agent has these permissions by default since it used these permissions to encrypt the images.


VM image scanning is handled by the Console and it does not require Defenders. The Prisma Cloud Console scans a VM image by creating a VM instance which is running the VM image to be scanned. When you configure Prisma Cloud to scan VM images, you can define the number of scanners to use. Defining more than one scanner means that the Console will create a number of VM instances to scan multiple VM images simultaneously. For scanning large numbers of VM images, increase the number of scanners to improve throughput and reduce scan time.
If you remove a VM image, or it becomes unavailable, Prisma Cloud maintains the scan results for 30 days. After 30 days, the scan results are purged.

VM images scan settings

  1. Open Console.
  2. Go to
    Defend > Vulnerabilities/Compliance > Hosts > VM Images
  3. Click
    Add Scope
    Each scope has the following parameters.
    Specify the cloud provider. The current supported providers are AWS, Azure and GCP.
    Specify the credential required to access the VM images. If the credential has already been created in the Prisma Cloud credential store, select it. If not, click
    Add New
    Project ID (only GCP)
    If unspecified, the project ID where the service account was created is used.
    Image type (only Azure)
    Specify the relevant image type. Prisma Cloud supports three image types: Managed, Gallery and Marketplace.
    Specify the the VM images to scan. To scan all images, use the
    When the image field in the reference collection contains a string and a wildcard (e.g. Amazo*), only private AMIs are scanned. When using explicit image names, AWS Marketplace and community AMIs are scanned as well.
    Only the AMI names are permitted in the image field of the collection. AMI IDs are not supported.
    Use the label field in the referenced collection to restrain the scan by AWS tag. Use the key-value pattern 'key:value'.
    All supported resource fileds support pattern matching.
    Excluded VM images
    Specify VM images to exclude from the scan. This field supports pattern matching.
    Specify the region to scan.
    Console address
    Specify the Console URL for the scanner VM instance to use.
    API communication port
    If your Console listens on a port other