Add AWS Code Build to Prisma Cloud Code Security

Integrate Prisma Cloud Code Security with AWS Code Build to scan your Infrastructure-as-Code (IaC) files, view incidents on the console, and configure whether or not a build fails based on the severity of the violation. As a prerequisite you are required to add the Prisma Cloud IP addresses and hostname for Code Security to an allow list, to enable access to the Prisma Cloud Console.
  1. Select
    Settings > Repositories > Add Repository > AWS Code Build
    .
  2. Enter the command in to the CLI, then select
    Next
    .
    Copy and the paste the command that displays on-screen.
  3. Set up the
    buildspec.yaml
    configuration, then select
    Done
    .
    Use the on-screen sample as a reference to configure the buildspec file for AWS CodeBuild. A buildspec is a collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build. Save this file in the root (top level) directory.
    The AWS CodeBuild repositories configured with the buildspec file display on the
    Repositories
    page. On your next AWS CodeBuild scan, the scan results will include the newly configured repositories. You can view the scan results on
    Code Security
    .

Recommended For You