1. Overview

You can integrate Prisma Cloud with HashiCorp Vault. Prisma Cloud supports the K/V Secrets Engine v2 in Vault 0.10.x, and K/V Secrets Engine v1 in Vault 0.9.x and older. Prisma Cloud does not support Secrets Engine v1 in Vault 0.10.x.

First configure Prisma Cloud to access HashiCorp Vault, then create rules to inject the relevant secrets into the relevant containers.

  1. In Console, go to Manage > Authentication > Secrets.

  2. Click Add store.

    1. Enter a name for the vault. This name is used when you create rules to inject secrets into specific containers.

    2. For Type, select HashiCorp Vault. Choose the version that matches the version of Vault installed in your environment.

    3. Fill out the rest of the form, specifying how to connect to your vault.

    4. Click Add.

      After you click Add, Prisma Cloud tries to connect to your vault. If the connection succeeds, the dialog closes and an entry is added to the table. Otherwise, any connection errors are displayed directly in the configuration dialog.
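
Before choosing the version in the Add store form, it helps to confirm which K/V Secrets Engine version each Vault mount actually runs. The following is an added example, not part of the Prisma Cloud documentation: it parses a response from Vault's `sys/mounts` API and reports the K/V version and read path per mount. The sample response, the mount names, and the secret name `db/password` are constructed for illustration.

```python
import json

# Constructed sample of a GET /v1/sys/mounts response (not from a real server).
SAMPLE_MOUNTS = json.loads("""
{
  "data": {
    "secret/": {"type": "kv", "options": {"version": "2"}},
    "legacy/": {"type": "kv", "options": null},
    "apps/":   {"type": "kv", "options": {"version": "1"}},
    "sys/":    {"type": "system", "options": null}
  }
}
""")


def kv_mounts(resp):
    """Return {mount: engine_version} for every K/V mount in a sys/mounts response."""
    # Newer Vault versions wrap the mounts in "data"; older ones list them at top level.
    mounts = resp.get("data", resp)
    found = {}
    for path, info in mounts.items():
        # Skip non-mount keys (request_id, ...) and non-K/V engines.
        # "generic" is the pre-"kv" name of the v1 engine.
        if not isinstance(info, dict) or info.get("type") not in ("kv", "generic"):
            continue
        options = info.get("options") or {}
        # A K/V mount with no version option is v1.
        found[path] = int(options.get("version", 1))
    return found


def read_path(mount, version, secret):
    """API path used to read a secret: v2 inserts 'data/' after the mount."""
    mount = mount.strip("/")
    secret = secret.strip("/")
    if version == 2:
        return f"/v1/{mount}/data/{secret}"
    return f"/v1/{mount}/{secret}"


if __name__ == "__main__":
    for mount, version in sorted(kv_mounts(SAMPLE_MOUNTS).items()):
        print(mount, f"K/V v{version}", read_path(mount, version, "db/password"))
```

A store configured with the wrong engine version requests the wrong read path, so a mismatch typically surfaces as a missing secret rather than a connection error.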