Prisma Cloud Defender showing Status Error "Failed to update admission control settings failed loading admission controller certificates: failed to decode key" under Features section
4700
Created On 10/31/22 04:28 AM - Last Modified 12/08/22 03:32 AM
Symptom
- Prisma Cloud Defender showing Status Error "Failed to update admission control settings failed loading admission controller certificates: failed to decode key" under Features section
Environment
- Prisma Cloud (Compute section)
Cause
- An admission controller is a piece of code that intercepts requests to the Kubernetes API server prior to persistence of the object, but after the request is authenticated and authorized.
- For the same, it observes requests to approve 'CertificateSigningRequest' resources and performs additional authorization checks to ensure the approving user has the permission.
- The Privilege Level set during the Defender Deployment may fail the requirement to load the admission controller certificates for authorization.
Resolution
- Enable the Privileged level (or change it to True) during the Defender Daemonset Deployment.
- This can be confirmed in the downloaded YAML file.
- Once this is done, redeploy the Defender.