Add CircleCI to Prisma Cloud Code Security

Integrate Prisma Cloud Code Security with CircleCI to scan your infrastructure-as-Code(IaC) files (Terraform and CloudFormation), view incidents on the console, and configure whether or not a build fails based on the severity of the violation. As a prerequisite you are required to add the Prisma Cloud IP addresses and hostname for Code Security to an allow list, to enable access to the Prisma Cloud Console.
  1. Select
    Settings > Repositories > Add repository > CircleCI
    .
  2. Enter a
    Name
    and
    Value
    to CircleCI Environment Variable, then select
    Next
    .
    Prisma Cloud requires Prisma access key and secret key for integration with CircleCI. The values are auto-populated, you can choose to generate a new access key and secret key for this integration and for further details refer too Generate Access Key.
  3. Configure subscription by updating
    .circleci/config.yaml
    using the example provided, and then select
    Done
    .
    The configured CircleCI repositories display on the
    Repositories
    page. On your next CircleCI scan, the scan results will include the new configured repositories, and you can view the scan results on the
    Code Security
    page.

Recommended For You