Prisma Cloud Compute: Users with Read Only group permissions are not able to view clusters in the Radar

Prisma Cloud Compute: Users with Read Only group permissions are not able to view clusters in the Radar

5522
Created On 04/29/22 19:00 PM - Last Modified 07/01/25 21:30 PM


Symptom


  • Users with the role Account Group Read Only can't view clusters in Runtime Security>Radars>Containers or are missing some clusters 
  • Users with read only roles are unable to view Audit and/or incident data
  • Users with read only roles are unable to view vulnerability and/or compliance reports
Unable to view clusters
 
 

Environment


  • Prisma Cloud Compute (SaaS)
  • User Roles

Cause


  • The clusters are not viewable because the Cloud account they are hosted in is not onboarded into Prisma Cloud and so the Cloud account is not included in the cloud account group associated with the Account Group Read Only role.
  • Another possible cause is the cluster is hosted on premises or hosted by a provider other than AWS, GCP, or Azure. 
 

Resolution


  1. Navigate to Settings>Account Groups>Select Account group or Add Account Group> Modify the Non-Onboarded Account IDs section with the desired IDs or enter a wildcard (*) to include all > Save Screenshot 2024-04-03 at 1.29.42 PM.png
  2. ​​​​​​Click on Access Control>Roles>Add the newly created or modified account group to the desired role with permissions for Account Group Read OnlyScreenshot 2024-04-03 at 1.38.25 PM.png
  3. For users who also need access to On-Prem clusters or clusters hosted by Cloud providers other than AWS, GCP, and Azure please also check the box labeled On Prem/Other cloud providers.
 
 

Additional Information
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004ORZCA2&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language