Use the Prisma Cloud Extension for Visual Studio Code
With the Prisma Cloud Enterprise edition license, you can install the Prisma Cloud extension for Visual Studio (VS) Code to detect issues in your Infrastructure-as-Code (IaC) templates and deployment files against Prisma Cloud security policies early in the software development process, directly within your VS Code editor. The following steps show how simple it is to install and check your templates and files for potential security misconfigurations.
Install Prisma Cloud Extension for Visual Studio Code
The Prisma Cloud extension supports VS Code version 1.36.0 and later.
- In VS Code, navigate to Extensions.
- Enter Prisma Cloud in search.
- Install the extension.
Configure the Prisma Cloud Extension for VS Code
Before you can use the Prisma Cloud extension for VS Code, you’ll need to configure the extension to include your API access key, secret key, and Prisma Cloud API URL. If your access keys change, you must update the details in the extension settings.
- In VS Code, navigate to Settings > Extensions > Prisma Cloud.
- Enter the following information for the Prisma Cloud extension:
- Prisma Cloud API URL. The URL for Prisma Cloud varies depending on the region and cluster on which your tenant is deployed. The tenant provisioned for you is, for example, https://app2.prismacloud.io or https://app.eu.prismacloud.io. Replace app in the URL with api and enter it here. Refer to the Prisma Cloud REST API Reference, which is accessible from the Help Center within the Prisma Cloud web interface, for more details.
- Access Key. The access key enables programmatic access. If you do not have a key, you must Create and Manage Access Keys.
- Secret Key. You should have saved this key when you generated it. You cannot view it on the Prisma Cloud web interface.
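The app-to-api substitution described above, written as a check you can run before pasting keys into the extension settings. This is an added example, not code from Prisma Cloud or its documentation; the function name `api_url_from_tenant_url` and the allowed host suffix are assumptions taken from the two tenant URLs shown above.

```python
import re
from urllib.parse import urlsplit

# Assumption: tenant hosts end in this suffix, as in the two example URLs above.
# Pass a different suffix if your tenant is provisioned under another domain.
ALLOWED_SUFFIX = ".prismacloud.io"


def api_url_from_tenant_url(tenant_url, allowed_suffix=ALLOWED_SUFFIX):
    """Return the API URL for a tenant URL by swapping the leading 'app' label for 'api'.

    Raises ValueError for anything that is not an https tenant URL under the
    allowed suffix, so the access key and secret key are never configured
    against a mistyped or lookalike host.
    """
    parts = urlsplit(tenant_url.strip())
    if parts.scheme != "https":
        raise ValueError("tenant URL must use https")
    if parts.username or parts.password:
        raise ValueError("tenant URL must not contain user info")
    host = (parts.hostname or "").lower()
    if not host.endswith(allowed_suffix):
        raise ValueError("host is not under " + allowed_suffix)
    first_label, rest = host.split(".", 1)
    # The first label is 'app' optionally followed by a cluster number (app2, app3, ...).
    match = re.fullmatch(r"app(\d*)", first_label)
    if match is None:
        raise ValueError("first host label must be 'app' or 'app<N>'")
    return "https://api" + match.group(1) + "." + rest


if __name__ == "__main__":
    # The two tenant URLs given as examples above.
    for url in ("https://app2.prismacloud.io", "https://app.eu.prismacloud.io"):
        print(url, "->", api_url_from_tenant_url(url))
```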
Scan Using the Prisma Cloud VS Code Extension
Now, you are ready to scan your templates and view the results within the VS Code editor.
- Scan files. Right-click on your template file in the VS Code Explorer and select Prisma Scan to check your template against Prisma Cloud IaC policies.
- View the scan results. Select the Prisma Cloud icon on the Activity Bar. The results of the check will appear in the Prisma Cloud Result window. If the extension discovers any policy violations, the Prisma Cloud Result window sorts the results by severity and displays the following details for each violation, including the name of the file scanned and the timestamp of the scan:
- Name of the violated policy
- Severity of the violation