Prisma Cloud Compute Console serves as the user interface within Prisma Cloud. The graphical user interface (GUI) lets you define policy, configure and control your Prisma Cloud deployment, and view the overall health (from a security perspective) of your container environment. Console also provides an API for customers that want to control Prisma Cloud programmatically to build out their own integrations or custom tooling. The API is thoroughly documented. Endpoints are provided for all features, functions, and controls offered in the GUI.
Prisma Cloud Compute Console is offered as an on premise deployment or as a Softeware as a Services (SaaS). Security capabilities are identical across the two options, however customers may opt for one deployment model or another based on their individual architecture needs.
For an on premise deployment, regardless of how Console is installed and where it operates, Console requires access to persistent storage. Console can be deployed using either your orchestrator’s native HA capabilities or Prisma Cloud’s built-in high availability (HA) capabilities.
When installing Prisma Cloud Compute, install Console first, then install Defender. Defender is the component of Prisma Cloud that runs on each host, more detail is provided below. Defender can be installed from the deployment tabs in Console’s graphical user interface. Defender, as the initiator of the connection, requires network connectivity to the Console.
Prisma Cloud provides automation in the product that generates the required artifacts for common orchestration platforms such as Kubernetes, Openshift and Swarm. Prisma Cloud can also generate Helm charts to ease deployment for organizations who have adopted Helm as their packaging standard.
In an on premise installation Console’s graphical user interface can be accessed using a web browser on ports 8081 (HTTP) or 8083 (HTTPS). We recommend that you access Console over HTTPS so that sensitive information, such as admin passwords, is encrypted while in transit. By default, self-signed certificates are used to secure access to Console but you can configure your own certificate to prove your server’s identity to browser clients. For more information on this topic, see our support article here.
When using Prisma Cloud Compute, the graphical interface is accessable directly from the left hand navigation within your Prisma Cloud tenant by selecting the Compute tab.
The Prisma Cloud API is REST-based and can be accessed over HTTP or HTTPS on ports 8081 and 8083 respectively. For more information about the Prisma Cloud API, see the support article here.