Prisma™ Cloud Known Issues

Review the list of known issues and deprecation notice on Prisma Cloud.
The following table lists the known issues on Prisma Cloud:
Issue ID
Description
April 21, 2020—Deprecation Notice
The ability to view all the alert rules associated with alerts aggregated by policy name on
Alerts
Overview
using
View Alert Rules
will be deprecated in an upcoming release. The ability to view the alert rules for each alert will continue to be available.
May 19, 2020—Jira Cloud API deprecation
RLP-19056
Jira Cloud has deprecated some APIs to improve user privacy, and this causes an error if your notification template on Prisma Cloud uses fields that invoke these deprecated APIs. When the error occurs, Prisma Cloud is unable to send alert notifications to Jira.
Resolution
: To fix this issue, you must add a new notification template on Prisma Cloud and attach the new template to your alert rule.
April 21, 2020—Fix that causes a change in existing behavior.
RLP—15517
When you add a cloud account using the API, it is in a disabled state by default. To enable the cloud account you must set the
enabled
parameter in the API to
true
.
Dashboard widgets don't load for a large data set where the time window is also large.
The
aws-ecs-describe-task-definition
and
aws-emr-describe-cluster
APIs now run once every 24 hours to generate alerts. If you have cloud accounts with a significant amount of ECS/EMR resources, the resource status is updated once a day.
RLP—20459
Fixed in the May 19, 2020 release
On
Alerts
Overview
if your permissions restrict your ability to dismiss alerts, an internal error message displays when you access the page.
With this fix, the error message no longer displays.
RLP—20314
Fixed in the May 19, 2020 release
Azure cloud accounts are not getting ingested completely as REST API calls fail ingestion.
This fix ensures that azure cloud accounts do not fail because of a client connection pool shutdown error.
RLP-20009
Fixed in the May 5, 2020 release
A system administrator can update/enable
Allow Compute Access Only
for his own role even when he is the only system administrator on Prisma Cloud. This locks the administrator out from accessing the full features and capabilities available on Prisma Cloud.
With this fix, there is a check to ensure that at least one system administrator on Prisma Cloud has access to all the available features and capabilities.
RLP-19918
On the
Policies
page, the
Policy Subtype
filter does not work as expected, and the results for the build and run policies are not filtered properly.
RLP—19763
Fixed in the May 19, 2020 release
Renamed the column header in the network metadata widget from
Accepted
to
Host has Responded
.
RLP—19467
If you create a custom policy where the Config RQL query uses the attribute
json.rule = "" as x
such as
config where api.name = 'aws-ec2-describe-vpcs' AND json.rule = shared is false as X;
, the alerts generated against this policy do not match the results when you enter the same query on the
Investigate
page.
Workaround
—Use filters in RQL when creating a custom policy. For example, if you have
config where api.name = 'aws-ec2-describe-vpcs' AND json.rule = shared is false as X; config where api.name = 'aws-ec2-describe-flow-logs' as Y; filter '($.X.vpcId equals $.Y.resourceId)'; show X
you must replace it with
config where api.name = 'aws-ec2-describe-vpcs' as X; config where api.name = 'aws-ec2-describe-flow-logs' as Y; filter '($.X.vpcId equals $.Y.resourceId) and ($.X.shared equals false)'; show X
RLP-19368
Fixed in the May 5, 2020 release
The list of CLI Variables that are displayed as available for creating or cloning a policy is incorrect.
With this fix, the list displays only the variables that are available for use.
RLP—19312
Fixed in the May 5, 2020 release
When a policy is associated with a custom compliance, the customAssigned flag in the response from /policy API is not correct.
With this fix, the customAssigned flag for /policy API is correct.
RLP—19296
Fixed in the May 5, 2020 release
On app.prismacloud.io, if you add a GCP Organization and then disable it on the administrator console, when you enable it again the exception
Organization viewer permission required
displays.
RLP-19094
Fixed in the May 19, 2020 release
When you add the same display name as the name of the ServiceNow field name, the Prisma Cloud administrative console did not display the field name.
With this fix, if the display names and fieldname are identical, it is displayed in the format displayname (fieldname).
RLP-18984
Fixed in the May 5, 2020 release
A security issue related to password reset functionality in Prisma cloud has been addressed in this release
RLP—18902
Fixed in the May 5, 2020 release
Weekly notification alert emails are not generated consistently.
With this fix, the exceptions are addressed to ensure that scheduled weekly alerts emails are generated.
RLP—18873
Fixed in the May 5, 2020 release
Addressed a security issue related to cloud account access keys.
RLP—18746
Fixed in the May 19, 2020 release
When onboarding or modifying a Cloud Account, filtering cloud accounts in the Account Groups section does not work properly.
With this fix, the filtering works to include or exclude all child nodes.
RLP—18699
Fixed in the May 19, 2020 release
The
aws-ec2-describe-images
API reports duplicates for shared AMIs.
With this fix, a shared AMI is reported only once and it adds a new metadata attribute
“share"”: true/false
to indicate whether the AMI is shared from other AWS account and is not a public AMI.
RLP—18411
Fixed in the May 5, 2020 release
When you snooze an alert triggered against configuration policies on Prisma Cloud, the issue remains open after the snooze period even if the underlying issue is addressed on the cloud resource.
With this fix, when the snooze period expires for an alert, the resource will be rescanned to determine if the underlying issue that triggered the alert is addressed. It the issue is addressed, the alert is resolved.
RLP—17845
Fixed in the May 19, 2020 release
The Network policy
Internet exposed instances
generates false positive alerts because it includes Azure NAT/ELB and GCP NAT/ELB workloads that are internet-facing workloads, by design.
With this fix, the policy is modified for AWS only and is renamed as
AWS Internet exposed instances
. The policy now identifies AWS workloads that are exposed to the internet and are a potential misconfiguration, and it excludes AWS workloads that are designed to be internet- facing workloads such as load balancers, web servers, and bastion hosts.
RLP—17774
Fixed in the May 5, 2020 release
The
Enabled
column header is renamed as
Ingestion Enabled
on
Settings
Cloud Accounts
.
RLP—16929
The 24 New Policies that were added with the February 26, 2020 release have been disabled because of false positives and are being investigated.
RLP—16734
Fixed in the May 19, 2020 release
After you remove an account from an alert rule, alerts remain in an open state for the account.
With the fix, when you remove an account from an alert rule, Prisma Cloud stops generating alerts for the account your removed.
RLP—15800
The edit workflow for updating a cloud account that you have onboarded to Prisma Cloud (
Settings
Cloud Accounts
), does not work as expected.
RLP—14469
When you enable Dataflow compression for a cloud account, the subnetwork creation status may display a failure message on the onboarding status page. This error displays because the time threshold to create the subnetwork and report completion exceeds the response time threshold on Prisma Cloud.
Workaround
—Click to the previous page and click next to load the status page again.
RLP—13709
Fixed in the May 19, 2020 release
After 24 hours, deleted cloud account resources are still visible on
Investigate
page.With this fix, deleted cloud account resources do not display on the
Investigate
page after 24 hours.
RLP—13485
If you have the maximum number of VPCs (5) already created in the project and then you enable flowlog compression, the onboarding fails because Prisma Cloud is unable to add the network needed to enable Dataflow compression. When this happens the remediation steps in the message that displays is incorrect.
RLP—10950
Fixed in the May 5, 2020 release
Flow log status message is updated to include the reason when it reports a warning, and you need to check the status on the AWS console.
RLP—9723
The integration status check for Jira displays as yellow instead of red even if the integration is misconfigured.

Recommended For You