[Prisma Cloud Compute] 即使防御者已成功连接,ECS Fargate 集群也不会显示在“监控”->“漏洞”->“已部署映像”下

[Prisma Cloud Compute] 即使防御者已成功连接,ECS Fargate 集群也不会显示在“监控”->“漏洞”->“已部署映像”下

3365
Created On 08/09/24 20:07 PM - Last Modified 05/21/25 08:11 AM


Symptom


-> 您已在 ECS Fargate 集群上安装了防御者。
-> 防守方在管理-> 防守方-> 防守方:已部署下显示为已连接
-> 但是,当您转到“监控”->“漏洞”->“图像”->“已部署”并搜索集群或主机名时,您找不到任何结果。




Environment


Prisma Cloud Compute SaaS版本
  • Prisma Cloud Compute 自托管版本
  • AWS ECS Fargate

Cause


  • 如果您的任务定义缺少下面提到的一些必要的环境变量(包括 TW_IMAGE_NAME 和 TW_CONTAINER_NAME),则可能会发生这种情况。
"environment": [
                {
                    "name": "FIPS_ENABLED",
                    "value": "false"
                },
                {
                    "name": "FILESYSTEM_MONITORING",
                    "value": "false"
                },
                {
                    "name": "TW_CONTAINER_NAME",
                    "value": "xxx"
                },
                {
                    "name": "TW_DEBUG",
                    "value": "true"
                },
                {
                    "name": "TW_IMAGE_NAME",
                    "value": ""
                },
                {
                    "name": "DEFENDER_TYPE",
                    "value": "fargate"
                },
                {
                    "name": "FARGATE_TASK",
                    "value": "xxxx
                }
            ],

You could be using Terraform to generate task definitions and some of the above environment variables might be missing.

Resolution


  • 如果您使用 terraform 生成任务定义,请确保将该任务定义与手动生成的受保护任务定义进行比较,并确保所有环境变量都存在且正确定义。
  • 一旦添加/更正了变量,集群就会显示在“部署映像”选项卡下。

Additional Information


参考案例:03150226
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HDrxCAG&lang=zh_CN&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language