Add AWS Code Build to Prisma Cloud Code Security

Integrate Prisma Cloud Code Security with AWS Code Build to scan your Infrastructure-as-Code (IaC) files, view incidents on the console, and configure whether or not a build fails based on the severity of the violation. As a prerequisite you are required to add the Prisma Cloud IP addresses and hostname for Code Security to an allow list, to enable access to the Prisma Cloud Console.
  1. Select
    Settings > Repositories > Add Repository > AWS Code Build
  2. Enter the command in to the CLI, then select
    Copy and the paste the command that displays on-screen.
  3. Set up the
    configuration, then select
    Use the on-screen sample as a reference to configure the buildspec file for AWS CodeBuild. A buildspec is a collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build. Save this file in the root (top level) directory.
    You can see the AWS CodeBuild repositories configured with the buildspec file on
    Settings > Repositories
    Code Repositories
    . On your next AWS CodeBuild scan, the scan results will include the newly configured repositories. You can view the scan results on
    Code Security > Projects

Recommended For You