1. Overview

Configure an AWS Classic Load Balancer for accessing Prisma Cloud Console. Console serves its UI and API over HTTPS on port 8083, and Defender communicates with Console over a websocket on port 8084. You’ll set up a single load balancer to forward requests for both port 8083 and 8084 to Console, with the load balancer checking Console’s health using the /api/v1/_ping endpoint on port 8083.

For the complete install procedure for Prisma Cloud on Amazon ECS, see here.

  1. Log into the AWS Management Console.

  2. Go to Services > Compute > EC2.

  3. In the left menu, go to Load Balancing > Load Balancers.

  4. Create a load balancer.

    1. Click Create Load Balancer.

    2. In Classic Load Balancer, click Create.

    3. Give your load balancer a name, such as pc-ecs-lb.

    4. Leave the default VPC selected.

    5. Create the following listener configuration:

      • Load Balancer Protocol: TCP

      • Load Balancer Port: 8083

      • Instance Protocol: TCP

      • Instance Port: 8083

    6. Click Add to add another listener using the following listener configuration:

      • Load Balancer Protocol: TCP

      • Load Balancer Port: 8084

      • Instance Protocol: TCP

      • Instance Port: 8084

    7. Click Next: Assign Security Groups.

      • Select the pc-security-group.

    8. Click Next: Configure Security Settings.

      • Ignore the warning and click Next: Configure Health Check.

    9. Use the following health check configuration:

      • Ping Protocol: HTTPS

      • Ping Port: 8083

      • Ping Path: /api/v1/_ping

      • For Advanced Details, accept the default settings.

    10. Click Next: Add EC2 Instances.

      • Do not select any instances.

    11. Click Next: Add Tags.

      • Under Key, enter Name.

      • Under Value, enter pc-ecs-lb.

    12. Click Review and Create.

    13. Review your settings and select Create.

    14. Review the load balancer that was created and record its DNS Name.
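
To confirm that the load balancer ended up with the settings from this procedure, the following added example (not part of the original Prisma Cloud documentation) audits one entry of the `LoadBalancerDescriptions` list returned by `aws elb describe-load-balancers`. The two sample descriptions are constructed, and `audit_classic_lb` and `_listener` are hypothetical helper names.

```python
"""Audit a Classic Load Balancer description against the settings in this procedure."""

# Expected values from the steps above: TCP pass-through on both Console ports.
EXPECTED_LISTENERS = {8083: ("TCP", "TCP", 8083), 8084: ("TCP", "TCP", 8084)}
EXPECTED_HEALTH_TARGET = "HTTPS:8083/api/v1/_ping"


def audit_classic_lb(desc):
    """Return a list of findings for one LoadBalancerDescriptions entry."""
    findings, seen = [], {}
    for item in desc.get("ListenerDescriptions", []):
        lst = item["Listener"]
        seen[lst["LoadBalancerPort"]] = (
            lst["Protocol"].upper(),
            lst.get("InstanceProtocol", "").upper(),
            lst["InstancePort"],
        )
    for port, want in EXPECTED_LISTENERS.items():
        if port not in seen:
            findings.append(f"missing listener on port {port}")
        elif seen[port] != want:
            findings.append(f"listener {port} is {seen[port]}, expected {want}")
    for port in sorted(set(seen) - set(EXPECTED_LISTENERS)):
        findings.append(f"unexpected listener on port {port}")
    target = desc.get("HealthCheck", {}).get("Target", "")
    if target != EXPECTED_HEALTH_TARGET:
        findings.append(f"health check target is {target!r}")
    return findings


def _listener(proto, port):
    """Build a listener entry in the describe-load-balancers shape (sample data only)."""
    return {"Listener": {"Protocol": proto, "LoadBalancerPort": port,
                         "InstanceProtocol": proto, "InstancePort": port}}


# Constructed sample descriptions: one as configured above, one that has drifted.
GOOD = {"LoadBalancerName": "pc-ecs-lb",
        "ListenerDescriptions": [_listener("TCP", 8083), _listener("TCP", 8084)],
        "HealthCheck": {"Target": "HTTPS:8083/api/v1/_ping"}}
DRIFTED = {"LoadBalancerName": "pc-ecs-lb",
           "ListenerDescriptions": [_listener("HTTP", 8083), _listener("TCP", 443)],
           "HealthCheck": {"Target": "TCP:8083"}}

if __name__ == "__main__":
    for name, desc in (("GOOD", GOOD), ("DRIFTED", DRIFTED)):
        print(name, audit_classic_lb(desc) or "matches the procedure")
```

To audit a real load balancer, load the JSON output of `aws elb describe-load-balancers --load-balancer-names pc-ecs-lb` and pass each element of `LoadBalancerDescriptions` to `audit_classic_lb`.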