Add Bitbucket Server to Prisma Cloud Code Security
Integrating Prisma Cloud with Bitbucket Server makes it possible for Prisma Cloud Code Security to scan your Infrastructure-as-code files like Terraform and CloudFormation and monitor configuration issues in development.
Bitbucket Server is combination of Git server and a web interface built with Apache Maven. The usage of Bitbucket Server is similar to Git however, you can use the Bitbucket Server web application to control the read-and-write permissions to your code on Git.
To ensure network reachability between your Bitbucket Server environment and Prisma Cloud Code Security as a prerequisite you must add the Prisma Cloud IP addresses and hostname for Code Security to an allow list, to enable access to the Prisma Cloud Console.
The hostname or IP address you provide must also be resolvable on the public DNS.
The Bitbucket Server integration on Prisma Cloud supports Bitbucket Data Center and Server version 6.7 and above.
- Access Bitbucket Server on Prisma Cloud Code Security.
- SelectSettings > Repositories > Add Repositories.
- SelectBitbucket Server.
- AddBase URLto integrate Bitbucket Server with Prisma Cloud and then selectNext.
Ensure theBase URLincludesHTTPS:// - Create a Personal Access Token on Bitbucket Server.
- Access Bitbucket Server web interface and selectProfile > Manage account > Personal access tokens.
- SelectCreate Token.
- AddToken name.
- AddPermissions.By default, the access token’s permissions are set similar to your current level of access. You need to define two levels of permissions -Project permissionsandRepository permission. Repository permission inherits the Project permissions; thus, Repository permission should be as high as the Project permission. For example, if you have a Project write permission, you should also have a Repository write permission. You can always modify or revoke token permissions. If you need to know more about the Project and Repository permissions, see here.Required Permissions:
- For Projects - Read
- For Repositories - Admin
- AddExpiry.For additional security set the token to automatically expire. Once a token has been created, it’s expiry date cannot be changed. You can see the expiry dates for all your tokens onProfile picture > Manage account > Personal access tokens.
- SelectCreate.
- Access Prisma Cloud console to add the newBitbucket Access Tokenand then selectRegister.
- Select repositories to scan and selectNext.You can choose the repositories Prisma Cloud should scan.
- Permit all existing repositories.This permits all current repositories in your project for a scan.
- Permit all existing and future repositories.This permits all current repositories and future repositories within the same project for a scan.
- Choose from the repository list.This permits you to select specific repositories from the project for a scan.
- Verify Bitbucket Server integration with Prisma Cloud.
- Access the Prisma Cloud console and then selectDone.
You can view the integrated Bitbucket Server repositories onSettings > Repositories.The scan results will include the new integrated repositories on your next Bitbucket Server scan. AccessCode Securityto view the scanned results.
