Prisma™ Cloud Known Issues
Review the list of known issues and deprecation notice on Prisma Cloud.
The following table lists the known issues on Prisma Cloud:
April 21, 2020—Deprecation Notice
The ability to view all the alert rules associated with alerts aggregated by policy name on
View Alert Ruleswill be deprecated in an upcoming release. The ability to view the alert rules for each alert will continue to be available.
May 19, 2020—Jira Cloud API deprecation
Jira Cloud has deprecated some APIs to improve user privacy, and this causes an error if your notification template on Prisma Cloud uses fields that invoke these deprecated APIs. When the error occurs, Prisma Cloud is unable to send alert notifications to Jira.
Resolution: To fix this issue, you must add a new notification template on Prisma Cloud and attach the new template to your alert rule.
April 21, 2020—Fix that causes a change in existing behavior.
When you add a cloud account using the API, it is in a disabled state by default. To enable the cloud account you must set the
enabledparameter in the API to
Dashboard widgets don't load for a large data set where the time window is also large.
aws-emr-describe-clusterAPIs now run once every 24 hours to generate alerts. If you have cloud accounts with a significant amount of ECS/EMR resources, the resource status is updated once a day.
Fixed in the May 19, 2020 releaseOn
if your permissions restrict your ability to dismiss alerts, an internal error message displays when you access the page.
With this fix, the error message no longer displays.
Fixed in the May 19, 2020 releaseAzure cloud accounts are not getting ingested completely as REST API calls fail ingestion.
This fix ensures that azure cloud accounts do not fail because of a client connection pool shutdown error.
Fixed in the May 5, 2020 releaseA system administrator can update/enable
Allow Compute Access Onlyfor his own role even when he is the only system administrator on Prisma Cloud. This locks the administrator out from accessing the full features and capabilities available on Prisma Cloud.
With this fix, there is a check to ensure that at least one system administrator on Prisma Cloud has access to all the available features and capabilities.
Policy Subtypefilter does not work as expected, and the results for the build and run policies are not filtered properly.
Fixed in the May 19, 2020 releaseRenamed the column header in the network metadata widget from
Host has Responded.
If you create a custom policy where the Config RQL query uses the attribute
json.rule = "" as xsuch as
config where api.name = 'aws-ec2-describe-vpcs' AND json.rule = shared is false as X;, the alerts generated against this policy do not match the results when you enter the same query on the
Workaround—Use filters in RQL when creating a custom policy. For example, if you have
config where api.name = 'aws-ec2-describe-vpcs' AND json.rule = shared is false as X; config where api.name = 'aws-ec2-describe-flow-logs' as Y; filter '($.X.vpcId equals $.Y.resourceId)'; show X
you must replace it with
config where api.name = 'aws-ec2-describe-vpcs' as X; config where api.name = 'aws-ec2-describe-flow-logs' as Y; filter '($.X.vpcId equals $.Y.resourceId) and ($.X.shared equals false)'; show X
Fixed in the May 5, 2020 releaseThe list of CLI Variables that are displayed as available for creating or cloning a policy is incorrect.
With this fix, the list displays only the variables that are available for use.
Fixed in the May 5, 2020 releaseWhen a policy is associated with a custom compliance, the customAssigned flag in the response from /policy API is not correct.
With this fix, the customAssigned flag for /policy API is correct.
Fixed in the May 5, 2020 releaseOn app.prismacloud.io, if you add a GCP Organization and then disable it on the administrator console, when you enable it again the exception
Organization viewer permission requireddisplays.
Fixed in the May 19, 2020 releaseWhen you add the same display name as the name of the ServiceNow field name, the Prisma Cloud administrative console did not display the field name.
With this fix, if the display names and fieldname are identical, it is displayed in the format displayname (fieldname).
Fixed in the May 5, 2020 releaseA security issue related to password reset functionality in Prisma cloud has been addressed in this release
Fixed in the May 5, 2020 releaseWeekly notification alert emails are not generated consistently.
With this fix, the exceptions are addressed to ensure that scheduled weekly alerts emails are generated.
Fixed in the May 5, 2020 releaseAddressed a security issue related to cloud account access keys.
Fixed in the May 19, 2020 releaseWhen onboarding or modifying a Cloud Account, filtering cloud accounts in the Account Groups section does not work properly.
With this fix, the filtering works to include or exclude all child nodes.
Fixed in the May 19, 2020 releaseThe
aws-ec2-describe-imagesAPI reports duplicates for shared AMIs.
With this fix, a shared AMI is reported only once and it adds a new metadata attribute
“share"”: true/falseto indicate whether the AMI is shared from other AWS account and is not a public AMI.
Fixed in the May 5, 2020 releaseWhen you snooze an alert triggered against configuration policies on Prisma Cloud, the issue remains open after the snooze period even if the underlying issue is addressed on the cloud resource.
With this fix, when the snooze period expires for an alert, the resource will be rescanned to determine if the underlying issue that triggered the alert is addressed. It the issue is addressed, the alert is resolved.
Fixed in the May 19, 2020 releaseThe Network policy
Internet exposed instancesgenerates false positive alerts because it includes Azure NAT/ELB and GCP NAT/ELB workloads that are internet-facing workloads, by design.
With this fix, the policy is modified for AWS only and is renamed as
AWS Internet exposed instances. The policy now identifies AWS workloads that are exposed to the internet and are a potential misconfiguration, and it excludes AWS workloads that are designed to be internet- facing workloads such as load balancers, web servers, and bastion hosts.
Fixed in the May 5, 2020 releaseThe
Enabledcolumn header is renamed as
Fixed in the May 19, 2020 releaseAfter you remove an account from an alert rule, alerts remain in an open state for the account.
With the fix, when you remove an account from an alert rule, Prisma Cloud stops generating alerts for the account your removed.
The edit workflow for updating a cloud account that you have onboarded to Prisma Cloud (
), does not work as expected.
When you enable Dataflow compression for a cloud account, the subnetwork creation status may display a failure message on the onboarding status page. This error displays because the time threshold to create the subnetwork and report completion exceeds the response time threshold on Prisma Cloud.
Workaround—Click to the previous page and click next to load the status page again.
Fixed in the May 19, 2020 releaseAfter 24 hours, deleted cloud account resources are still visible on
Investigatepage.With this fix, deleted cloud account resources do not display on the
Investigatepage after 24 hours.
If you have the maximum number of VPCs (5) already created in the project and then you enable flowlog compression, the onboarding fails because Prisma Cloud is unable to add the network needed to enable Dataflow compression. When this happens the remediation steps in the message that displays is incorrect.
Fixed in the May 5, 2020 releaseFlow log status message is updated to include the reason when it reports a warning, and you need to check the status on the AWS console.
The integration status check for Jira displays as yellow instead of red even if the integration is misconfigured.
Recommended For You
Recommended videos not found.