Prisma Cloud Application Security: Steps needed to reintegrate the repository with the correct PR functionality?

Prisma Cloud Application Security: Steps needed to reintegrate the repository with the correct PR functionality?

4074
Created On 04/27/23 09:02 AM - Last Modified 01/24/24 21:54 PM


Objective


  • You successfully integrated your repository, 
  • Enforcement rules for PR comments doesn't work
  • All repo's are added and visible within the IaC Misconfiguration tab within Prisma Cloud:
GUI Path: Application Security > Projects > IaC Misconfiguration 
image.png

Example of not working environment:
 
image.png
Example of working environment:
 
image.png
 
  • It seems that the integration between Prisma Cloud and Azure was done by a user who does not have sufficient permissions to perform the necessary tasks.

Environment


  • Prisma Cloud
  • Azure

Procedure


To resolve:
  1. Remove all the repo's from the affected DevOps project in Prisma,
  2. Assign the service principal the 'Project Administrator' role to the DevOps project,
  3. Re-add the repositories,
  4. Confirm the webhooks are created,
  5. Remove the Project Administrator role from the principal.
To confirm that Prisma Cloud is successfully subscribing to the webhook for each repository, the customer should navigate to the project view in Azure and click on the project settings located at the bottom left-hand corner.
Then, they can proceed to enter the service hooks section, where they should see two lines for both created and updated events for each integrated repository.
image.png

Repositories selection in Prisma modal, the subscription should be done within 1-2 min.

 

Additional Information


View our Prisma Cloud Application Security reportistories here
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000g1Y2CAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language