Configure Console’s listening ports
1. Overview
This guide shows you how to configure Prisma Cloud to listen on different ports. Typically this type of configuration is made at the load balancer layer, but it can be done directly with Prisma Cloud.
By default Prisma Cloud listens on:
-
8083
HTTPS management port for access to Console. -
8084
WSS port for Defender to Console communication.
For more information, see the https://cdn.twistlock.com/docs/downloads/Prisma Cloud-Reference-Architecture.pdf[Reference Architecture].
If you are setting the port below 1024
then Prisma Cloud needs permission to access this privileged port.
You must also set RUN_CONSOLE_AS_ROOT=${RUN_CONSOLE_AS_ROOT:-false}
to true.
Prerequisite: You have downloaded and unpacked the Prisma Cloud software.
-
Go to the directory where you unpacked the Prisma Cloud software.
-
Open twistlock.cfg for editing.
-
MANAGEMENT_PORT_HTTP
sets the HTTP access port, leaving this blank disables HTTP access.Example:
MANAGEMENT_PORT_HTTP=${MANAGEMENT_PORT_HTTP-80}
configures Console to listen on port80
. -
MANAGEMENT_PORT_HTTPS
sets the HTTPS access port.Example:
MANAGEMENT_PORT_HTTPS=443
configures Console to to listen on port443
. -
COMMUNICATION_PORT
sets the WSS port used for Defender to Console communication.Example:
COMMUNICATION_PORT=9090
configures Console to listen on port9090
.
-
-
Run
twistlock.sh
to install Prisma Cloud Console with your settings.If you are setting the port below
1024
then Prisma Cloud needs permission to access this privileged port. You must also setRUN_CONSOLE_AS_ROOT=${RUN_CONSOLE_AS_ROOT:-false}
to true.