Enable access to the Prisma Cloud APIs for non-human
entities.
Service Accounts can be created for automation
use cases to enable a nonhuman entity to interact programmatically
with the Prisma Cloud APIs. Service accounts differ from user accounts
in that they do not need an email address associated with them and
do not need to be validated or activated in an external system before
they can be used.
Navigate to
Settings
Access Control
and select
Add
Service Account
.
You must have the System Administrator role on Prisma Cloud
to add a service account; a maximum of 250 service accounts are
supported.
Enter the Service Account details and click
Next
.
Think about the data you will enter carefully because the
information that’s associated with the service account cannot be
modified afterwards.
Service Account Name
—A descriptive name for
your service account. You can enter a maximum of 300 characters
in the
Service Account Name
field.
Role
—The role for your service account.
Create an Access Key.
Enter a descriptive name for your access
key. You can enter a maximum of 300 characters in the
Access
Key Name
field.
Enable Expiration
. Select a
date, adjust the time based on your requirements, and click
Apply
.
As a best practice, set an expiration date that meets your
compliance requirements and rotate your keys frequently.
Save & Create (1 of 2)
to
generate the key.
Download your Access Key.
Access keys are not stored on Prisma Cloud, so this will
be the only opportunity that you’ll have to download it. Click
Download
.csv file
to download your access key as a csv file
and store it in a secure location.
Done
.
View the service accounts.
To verify that the service accounts is created successfully,
select
Settings
Users
,
and enter the name of the service account in the search box.
You cannot
edit the
Name
or
Roles
for
a service account. To modify any of these values, you must delete
it and create a new one. Each service account can have a maximum
of two access keys; you must create one key when you add the service
account, and can add an additional key later.