Prisma Cloud Compute: Agentless Scanning Not In Sync for Accounts Within Organization

Created On 12/12/23 18:16 PM - Last Modified 08/06/25 17:27 PM


Symptom


Agentless scanning is enabled for the Organization:


One or more member accounts show Agentless scanning as off in Runtime Security (Manage > Cloud Accounts):


Environment


  • Prisma Cloud Compute SaaS version
  • Cloud Accounts
  • Agentless Scanning


Cause


The account(s) may have previously been onboarded as stand-alone accounts in CSPM. Before onboarding an organization, users must remove the previously onboarded Cloud Account(s).

Resolution


Disable and re-enable Agentless Workload Scanning for the Organization. Make sure to select "Save and Close" on the Review Status page each time.
 


Additional Information


Another option is to enable agentless scanning for the account(s) via the API:

1. Generate token:

curl -X POST \
https://<api>.prismacloud.io/login \
-H 'Content-Type: application/json' \
-d '{"username":"<access_key>","password":"<secret_key>"}'

2. Enable or Disable Agentless scanning for specific account(s) within an organization:

curl --location --request PUT 'https://<api>.prismacloud.io/cas/api/v1/org/<org_account_id>/features' \
--header 'x-redlock-auth: <token_generated_from_above>' \
--header 'Content-Type: application/json' \
--data '{
  "memberIds": ["<member_account>"],
  "features": [
    {
      "name": "Agentless Scanning",
      "state": "<disabled_or_enabled>"
    }
  ]
}'

 

A successful call returns a response like the one below, and Agentless scanning should then be enabled for the account(s) under Runtime Security > Manage > Cloud Accounts:

{"code":200,"message":"Successfully updated cloud account features for the given member accounts"}
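Both steps chained in one script, as an added example (not Palo Alto Networks' code): request bodies are built with json.dumps instead of hand-quoted JSON, credentials come from environment variables rather than the command line, and the state value is validated before anything is sent. The PRISMA_* variable names are hypothetical, and the script assumes the login response returns the token in a "token" field.

```python
import json
import os
import urllib.request

VALID_STATES = {"enabled", "disabled"}  # the two values the article's placeholder allows

def login_request(api_base, access_key, secret_key):
    # Step 1: POST /login; json.dumps handles quoting and escaping of the key pair.
    body = json.dumps({"username": access_key, "password": secret_key}).encode()
    return urllib.request.Request(f"{api_base}/login", data=body, method="POST",
                                  headers={"Content-Type": "application/json"})

def features_request(api_base, token, org_account_id, member_ids, state):
    # Step 2: PUT the Agentless Scanning state for the listed member accounts.
    if state not in VALID_STATES:
        raise ValueError(f"state must be one of {sorted(VALID_STATES)}")
    if not member_ids:
        raise ValueError("at least one member account id is required")
    body = json.dumps({
        "memberIds": list(member_ids),
        "features": [{"name": "Agentless Scanning", "state": state}],
    }).encode()
    return urllib.request.Request(
        f"{api_base}/cas/api/v1/org/{org_account_id}/features",
        data=body, method="PUT",
        headers={"x-redlock-auth": token, "Content-Type": "application/json"})

def send(request):
    # urlopen raises HTTPError on non-2xx statuses, so failures are not silent.
    with urllib.request.urlopen(request, timeout=30) as resp:
        return json.loads(resp.read())

def main():
    env = os.environ  # hypothetical variable names; nothing secret lands in shell history
    api = env["PRISMA_API"]  # e.g. https://<api>.prismacloud.io
    # Assumption: the login response carries the session token in a "token" field.
    token = send(login_request(api, env["PRISMA_ACCESS_KEY"],
                               env["PRISMA_SECRET_KEY"]))["token"]
    members = [m.strip() for m in env["PRISMA_MEMBER_IDS"].split(",") if m.strip()]
    result = send(features_request(api, token, env["PRISMA_ORG_ID"], members,
                                   env.get("PRISMA_STATE", "enabled")))
    if result.get("code") != 200:  # matches the success response shown in the article
        raise SystemExit(f"update failed: {result}")
    print(result["message"])

if __name__ == "__main__":
    main()
```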

 


