1. Overview

This guide shows you how to configure Prisma Cloud to listen on different ports. Typically this type of configuration is made at the load balancer layer, but it can be done directly with Prisma Cloud.

By default Prisma Cloud listens on:

  • 8083 HTTPS management port for access to Console.

  • 8084 WSS port for Defender to Console communication.

For more information, see the Reference Architecture: https://cdn.twistlock.com/docs/downloads/Prisma Cloud-Reference-Architecture.pdf

If you set a port below 1024, Prisma Cloud needs permission to bind to this privileged port. You must also change RUN_CONSOLE_AS_ROOT=${RUN_CONSOLE_AS_ROOT:-false} so that the value is true.

Prerequisite: You have downloaded and unpacked the Prisma Cloud software.

  1. Go to the directory where you unpacked the Prisma Cloud software.

  2. Open twistlock.cfg for editing.

    • MANAGEMENT_PORT_HTTP sets the HTTP access port. Leaving it blank disables HTTP access.

      Example: MANAGEMENT_PORT_HTTP=${MANAGEMENT_PORT_HTTP-80} configures Console to listen on port 80.

    • MANAGEMENT_PORT_HTTPS sets the HTTPS access port.

      Example: MANAGEMENT_PORT_HTTPS=443 configures Console to listen on port 443.

    • COMMUNICATION_PORT sets the WSS port used for Defender to Console communication.

      Example: COMMUNICATION_PORT=9090 configures Console to listen on port 9090.

  3. Run twistlock.sh to install Prisma Cloud Console with your settings.

    If you set a port below 1024, Prisma Cloud needs permission to bind to this privileged port. You must also change RUN_CONSOLE_AS_ROOT=${RUN_CONSOLE_AS_ROOT:-false} so that the value is true.
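
A pre-install check for the settings described above, added here as an example and not part of the Prisma Cloud software: it reads the three port settings and RUN_CONSOLE_AS_ROOT from twistlock.cfg and reports invalid, duplicated or privileged ports before twistlock.sh is run. It assumes twistlock.cfg consists of shell-style VAR=value assignments, as the examples on this page suggest; the function name check_console_ports and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the Prisma Cloud tooling.
# Assumption: twistlock.cfg holds shell-style VAR=value lines (as the
# examples on this page suggest), so it can be sourced in a subshell.
check_console_ports() (
    case $1 in */*) cfg=$1 ;; *) cfg=./$1 ;; esac
    # Ignore inherited environment values so the file's own settings are checked.
    unset MANAGEMENT_PORT_HTTP MANAGEMENT_PORT_HTTPS COMMUNICATION_PORT RUN_CONSOLE_AS_ROOT
    . "$cfg" || exit 2
    rc=0 seen=" "
    for name in MANAGEMENT_PORT_HTTP MANAGEMENT_PORT_HTTPS COMMUNICATION_PORT; do
        eval "port=\${$name:-}"
        if [ -z "$port" ]; then continue; fi   # blank: nothing to validate
        case $port in
            *[!0-9]*|??????*) echo "FAIL $name=$port is not a valid port"; rc=1; continue ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "FAIL $name=$port is outside 1-65535"; rc=1; continue
        fi
        case $seen in
            *" $port "*) echo "FAIL $name=$port is already used by another setting"; rc=1 ;;
        esac
        seen="$seen$port "
        if [ "$port" -lt 1024 ] && [ "${RUN_CONSOLE_AS_ROOT:-false}" != "true" ]; then
            echo "FAIL $name=$port is privileged but RUN_CONSOLE_AS_ROOT is not true"; rc=1
        fi
    done
    if [ -n "${MANAGEMENT_PORT_HTTP:-}" ]; then
        echo "WARN plain HTTP is enabled on port $MANAGEMENT_PORT_HTTP; leave it blank to disable"
    fi
    exit "$rc"
)

# Constructed sample file using the example values from this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
MANAGEMENT_PORT_HTTP=${MANAGEMENT_PORT_HTTP-80}
MANAGEMENT_PORT_HTTPS=443
COMMUNICATION_PORT=9090
RUN_CONSOLE_AS_ROOT=${RUN_CONSOLE_AS_ROOT:-false}
EOF
check_console_ports "$sample" || echo "fix the settings above before running twistlock.sh"
rm -f "$sample"
```

The function returns 0 when every configured port is valid, and 1 when any FAIL line is printed; WARN lines do not change the return code.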