1. Overview

This guide shows you how to configure a Classic Load Balancer in AWS for Prisma Cloud Console. Console serves its UI and API over HTTPS on port 8083, and Defender communicates with Console over a websocket on port 8084. You’ll set up a single load balancer to forward requests for both port 8083 and 8084 to Console, with the load balancer checking Console’s health using the /api/v1/_ping endpoint on port 8083.

  1. Log into the AWS Management Console.

  2. Go to Services > Compute > EC2.

  3. In the left menu, go to LOAD BALANCING > Load Balancers.

  4. Create a load balancer.

    1. Click Create Load Balancer.

    2. In Classic Load Balancer, click Create.

    3. Give your load balancer a name, such as pc-ecs-lb.

    4. Leave the default VPC selected.

    5. Create the following listener configuration:

      • Load Balancer Protocol: TCP

      • Load Balancer Port: 8083

      • Instance Protocol: TCP

      • Instance Port: 8083

    6. Click Add to add another listener using the following listener configuration:

      • Load Balancer Protocol: TCP

      • Load Balancer Port: 8084

      • Instance Protocol: TCP

      • Instance Port: 8084

    7. Click Next: Assign Security Groups.

      • Select the pc-security-group.

    8. Click Next: Configure Security Settings.

      • Ignore the warning and click Next: Configure Health Check.

    9. Use the following health check configuration:

      • Ping Protocol: HTTPS

      • Ping Port: 8083

      • Ping Path: /api/v1/_ping

      • Use default settings for Advanced Details

    10. Click Next: Add EC2 Instances.

      • Do not select any instance.

    11. Click Next: Add Tags.

      • Under Key, enter Name.

      • Under Value, enter pc-ecs-lb.

    12. Click Review and Create.

    13. Review your settings and select Create.

    14. Review the created load balancer and record its DNS name.

      For the complete install procedure in an Amazon ECS environment, follow the steps in Install Prisma Cloud on Amazon ECS.
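
To confirm that the load balancer matches the listener and health check settings above, the following added example (not part of the original guide or of Prisma Cloud's tooling) audits a load balancer description in the shape returned by the Classic ELB `describe_load_balancers` call in boto3. The function names and the sample descriptions are constructed for illustration.

```python
# Added example: audit a Classic Load Balancer against this guide's settings.
# Input shape: one entry of boto3 elb describe_load_balancers()["LoadBalancerDescriptions"].
EXPECTED_LISTENERS = {(8083, 8083), (8084, 8084)}   # (load balancer port, instance port)
EXPECTED_HEALTH_TARGET = "HTTPS:8083/api/v1/_ping"  # Classic ELB format: PROTOCOL:port/path

def audit_console_lb(desc):
    """Return deviations from the guide as strings; an empty list means it matches."""
    findings, seen = [], set()
    for entry in desc.get("ListenerDescriptions", []):
        lis = entry["Listener"]
        pair = (lis["LoadBalancerPort"], lis["InstancePort"])
        if pair not in EXPECTED_LISTENERS:
            findings.append(f"unexpected listener {pair[0]}->{pair[1]}")
            continue
        seen.add(pair)
        for key in ("Protocol", "InstanceProtocol"):
            if str(lis.get(key, "")).upper() != "TCP":
                findings.append(f"listener {pair[0]}: {key} is {lis.get(key)!r}, expected 'TCP'")
    for lb_port, _ in sorted(EXPECTED_LISTENERS - seen):
        findings.append(f"missing listener on port {lb_port}")
    target = desc.get("HealthCheck", {}).get("Target")
    if target != EXPECTED_HEALTH_TARGET:
        findings.append(f"health check target is {target!r}, expected {EXPECTED_HEALTH_TARGET!r}")
    return findings

def _listener(port, proto):
    """Build a constructed listener entry with the same protocol on both sides."""
    return {"Listener": {"Protocol": proto, "LoadBalancerPort": port,
                         "InstanceProtocol": proto, "InstancePort": port}}

# Constructed sample descriptions (not captured from a real account).
GOOD = {"LoadBalancerName": "pc-ecs-lb",
        "ListenerDescriptions": [_listener(8083, "TCP"), _listener(8084, "TCP")],
        "HealthCheck": {"Target": "HTTPS:8083/api/v1/_ping"}}
DRIFTED = {"LoadBalancerName": "pc-ecs-lb",
           "ListenerDescriptions": [_listener(8083, "TCP"), _listener(8084, "HTTPS")],
           "HealthCheck": {"Target": "TCP:8083"}}

if __name__ == "__main__":
    for name, desc in (("GOOD", GOOD), ("DRIFTED", DRIFTED)):
        print(name, audit_console_lb(desc) or "matches the guide")
```

Against a live account, pass an entry from `boto3.client("elb").describe_load_balancers(LoadBalancerNames=["pc-ecs-lb"])["LoadBalancerDescriptions"]` to `audit_console_lb`.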