Add Bitbucket to Prisma Cloud Code Security

Integrating Prisma Cloud with Bitbucket makes it possible for Prisma Cloud Code Security to scan your Infrastructure-as-code files (Terraform and CloudFormation) and monitor configuration issues in development.
  • Setup access to specific Bitbucket repositories.
    As a best practice, enable access to all your Bitbucket repositories to ensure your Terraform and CloudFormation files can be scanned for adherence to security and compliance checks. If you want to enable access to the whole workspace. However, if you want to restrict access to only a set of specified repositories in your Bitbucket Workspace, complete the following setup on Bitbucket.
Choose a Bitbucket user.
  • The user can be an existing user or a new user you created for this purpose. For example, PrismaCloudCodeSecurity@mycompany.com.
  • In
    Bitbucket> Repository Settings
    give the user
    Write access
    to the relevant repositories. Bitbucket sends a confirmation email to the user. Access the email and confirm authorize access.
  • Log in to Bitbucket with the relevant user credentials before you add Bitbucket to Prisma Cloud. Prisma Cloud uses OAuth for authorizing access,you must log in to Bitbucket with the relevant user credentials to ensure that the authentication is successful.
As a prerequisite you are required to add the Prisma Cloud IP addresses and hostname for Code Security to an allow list, to enable access to the Prisma Cloud Console.
  1. Configure Bitbucket account on Prisma Cloud.
    1. Select
      Settings > Repositories > Add Repository> Bitbucket
      .
    2. Select
      Bitbucket Organization
      to configure your account.
      You will access Bitbucket login page.
    3. Enter you Bitbucket account details and then select
      Continue
      .
    4. Review the permissions and then select
      Grant access
      to confirm access of Prisma Cloud Code Security on
      Bitbucket
      .
    5. Select
      Next
      to select repositories for Bitbucket account.
  2. Select Bitbucket repositories for code security scan.
    1. Select repositories and then select
      Next
      .
  3. Validate the status of Bitbucket account integration.
    1. A
      New account successfully configured
      message appears when you have successfully set up the configurations and then select
      Done
      to complete integrating Bitbucket to Prisma Cloud Code Security.
      Your configured Bitbucket repositories will appear on the
      Repositories
      page. On your next Bitbucket scan, the scan results will include the new configured repositories. Access
      Code Security
      to view the scanned results.

Recommended For You