Add Checkov to Prisma Cloud Code Security

Integrating Prisma Cloud with Checkov makes it possible for Prisma Cloud Code Security to scan your infrastructure as code files (Terraform and CloudFormation), display Incidents on the Console and, optionally, cause a build to fail. For more details, see Checkov As a prerequisite, you must add the Prisma Cloud IP addresses and hostname for Code Security to an allow list, to enable access to the Prisma Cloud Console.
  1. Select
    Settings > Repositories > Add repository > Checkov
    .
  2. Install Checkov by choosing Python (pip) or Python3 (pip3) and copy the corresponding command to your command line, then select
    Next
    .
  3. Enter details of
    Directory
    , and
    Repository ID
    to scan, and select
    Next
    .
    You can optionally choose to add the Branch details. If a target branch is not specified, the Code Security scans the master branch.
    You can use the wizard to generate a command to run in your CLI tool for Checkov’s most common use-case.
  4. Copy the provided command to your command line and trigger Checkov, then select
    Done
    .
    Your configured Checkov repositories will appear on the
    Repositories
    page. On your next Checkov scan, the scan results will include the new configured repositories. Access
    Code Security
    to view the scanned results.

Recommended For You