Add GitHub to Prisma Cloud Application Security
Table of Contents
Add GitHub to Prisma Cloud Application Security
Integrating GitHub allows Prisma Cloud to:
- Include your Infrastructure-as-Code files in daily scans.
- Scan changed resources in Infrastructure-as-Code files for every new build generated, (before the branch is merged into the main branch) and provide an actionable view of the results via GitHub checks.
- Open Pull Requests to Fix build-time issues detected in your branch.
As a prerequisite you are required to add the Prisma Cloud IP addresses and hostname for Application Security to an allow list, to enable access to the Prisma Cloud Console.
Best Practice
: The Prisma User responsible for integrating GitHub should also possess GitHub User credentials with Admin permissions on the relevant GitHub Organization.- Access GitHub on Prisma Cloud Application Security.
- SelectSettings > Repositories > Add Repository
- SelectGitHub
- Add your GitHub repository to Application Security.
- Configure your GitHub account on Prisma Cloud Application Security and then selectNext.
- Review the permissions and authorize Prisma Cloud to access your GitHub organization.
- Select the repositories to scan and then selectNext.
- ANew account successfully configuredmessage appears after you have successfully set up the configurations and then selectDone.
Your configured GitHub repositories will appear on theRepositoriespage. On your next GitHub scan, the scan results will include the new configured repositories. AccessApplication Security > Projectsto view the scanned results. See Suppress or Fix to resolve remediation.