Palo Alto Networks Prisma Cloud CPW

What is Prisma Cloud CWP?

Prisma Cloud - Cloud Workload Protection (CWP) provides protection across hosts, containers, and serverless functions in the applications lifecycle. Prisma Cloud is available in both self-hosted and SaaS versions:

Why Should You Use the Prisma Cloud CWP Connector?

The Prisma Cloud CWP connector provides visibility into the workload on your cloud assets. You can use this visibility to:

ensure workloads and data are managed per your security policies
find vulnerabilities quickly and remediate

How Does This Connector Work?

Lucidum executes read-only requests to the Prisma Cloud CWP API and ingests only meta-data about Prisma Cloud CWP assets. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum

Field	Description	Example
URL	The URL of the Palo Alto Networks Prisma Cloud API	https://lucidum/api/v21.08.525
User name	User name of an account with access to the Palo Alto Prisma Cloud APIs.	8d875079-4f77-47d4-991f-5c30eef5733c
Password	Password for an account with access to the Palo Alto Prisma Cloud APIs.	*******************
Verify SSL	For future use.	N/A

Source Documentation

Required Permission

The account that Lucidum uses to access the API for Prisma Cloud - Cloud Workload Protection must have at least this role

Access User

https://docs.paloaltonetworks.com/prisma/prisma-cloud/30/prisma-cloud-compute-edition-admin/authentication/user_roles

Creating the Access Key and Access Key Secret

https://pan.dev/prisma-cloud/api/cwpp/access-api-saas/

https://pan.dev/prisma-cloud/api/cwpp/post-authenticate/

API Documentation

https://pan.dev/prisma-cloud/api/cwpp/