From f21e972b7eeab619ec928d90e08f0d3c7c25f930 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:43:19 -0500 Subject: [PATCH 01/28] Create Authentication Page --- admin_guide/authentication/authentication.adoc | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 admin_guide/authentication/authentication.adoc diff --git a/admin_guide/authentication/authentication.adoc b/admin_guide/authentication/authentication.adoc new file mode 100644 index 00000000..616ef3f7 --- /dev/null +++ b/admin_guide/authentication/authentication.adoc @@ -0,0 +1,8 @@ +== Authentication + +Prisma Cloud provides broad enterprise identity support, integrating with Active Directory, OpenLDAP, Ping, Okta, Shibboleth, Azure AD, and G Suite, allowing you to implement central credential management in the Prisma Cloud Platform. +Define accounts and IAM roles to integrate with your cloud providers in one place and reuse them across the product. +Pluggable cryptography allows you to bring your own certificates, not just for TLS, but also for smart card authentication to Console. + +Prisma Cloud ships with prebuilt roles to provide least privilege access to your devops and security teams. +Use Assigned Collections to precisely control what data teams can view or use built-in multi-tenancy to securely isolate entire business units or geographies within the same Console. From 3e28eb4b1e359689731baac17b4f25b64a6cdd58 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:44:04 -0500 Subject: [PATCH 02/28] Update access_control.adoc Removed Authentication Items --- admin_guide/access_control/access_control.adoc | 7 ------- 1 file changed, 7 deletions(-) diff --git a/admin_guide/access_control/access_control.adoc b/admin_guide/access_control/access_control.adoc index 58424eaf..c787cccc 100644 --- a/admin_guide/access_control/access_control.adoc +++ b/admin_guide/access_control/access_control.adoc @@ -1,10 +1,3 @@ == Access control Establish and monitor access control measures for cloud workloads and cloud native applications. - -Prisma Cloud provides broad enterprise identity support, integrating with Active Directory, OpenLDAP, Ping, Okta, Shibboleth, Azure AD, and G Suite, allowing you to implement central credential management in the Prisma Cloud Platform. -Define accounts and IAM roles to integrate with your cloud providers in one place and reuse them across the product. -Pluggable cryptography allows you to bring your own certificates, not just for TLS, but also for smart card authentication to Console. - -Prisma Cloud ships with prebuilt roles to provide least privilege access to your devops and security teams. -Use Assigned Collections to precisely control what data teams can view or use built-in multi-tenancy to securely isolate entire business units or geographies within the same Console. From 503b706b69d18d4abcd116a970a00f3090b0df56 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:44:53 -0500 Subject: [PATCH 03/28] Rename admin_guide/access_control/access_keys.adoc to admin_guide/authentication/access_keys.adoc Moved --- admin_guide/{access_control => authentication}/access_keys.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/access_keys.adoc (100%) diff --git a/admin_guide/access_control/access_keys.adoc b/admin_guide/authentication/access_keys.adoc similarity index 100% rename from admin_guide/access_control/access_keys.adoc rename to admin_guide/authentication/access_keys.adoc From e747ba1de00bd86f922f367cb899f2b6fb34418f Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:45:38 -0500 Subject: [PATCH 04/28] Rename admin_guide/access_control/integrate_active_directory.adoc to admin_guide/authentication/integrate_active_directory.adoc Moved --- .../integrate_active_directory.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/integrate_active_directory.adoc (100%) diff --git a/admin_guide/access_control/integrate_active_directory.adoc b/admin_guide/authentication/integrate_active_directory.adoc similarity index 100% rename from admin_guide/access_control/integrate_active_directory.adoc rename to admin_guide/authentication/integrate_active_directory.adoc From d0b3546af3acef7fc2119b4a5acd4d31ca0a0162 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:46:02 -0500 Subject: [PATCH 05/28] Delete assign_roles.adoc --- admin_guide/access_control/assign_roles.adoc | 145 ------------------- 1 file changed, 145 deletions(-) delete mode 100644 admin_guide/access_control/assign_roles.adoc diff --git a/admin_guide/access_control/assign_roles.adoc b/admin_guide/access_control/assign_roles.adoc deleted file mode 100644 index 6137978a..00000000 --- a/admin_guide/access_control/assign_roles.adoc +++ /dev/null @@ -1,145 +0,0 @@ -== Assign roles - -ifdef::compute_edition[] -After creating a user or group, you can assign a xref:../access_control/user_roles.adoc[role] to it. -Roles determine the level of access to Prisma Cloud’s data and settings. - -Prisma Cloud supports two types of users and groups: - -* Centrally managed users and groups, defined in your organization’s directory service. -With directory services such as Active Directory, OpenLDAP, and SAML providers, you can re-use the identities set up in these systems. -* Prisma Cloud users and groups, created and managed from Console. - -For centrally managed users groups, roles can be assigned after you integrate your directory service with Prisma Cloud. -Roles can be assigned to individual users or to groups. -When you assign a role to a group, all members of the group inherit the role. -Managing role assignments at the group level is considered a best practice. -Groups provide an easier way to manage a large user base, and simpler foundation for building your access control policies. - -For Prisma Cloud users and groups, roles are assigned at the user level when the user is created. -When you create a Prisma Cloud group, you add Prisma Cloud users to it. -Users in this type of group always retain the role they were assigned when they were created. - - -[.task] -=== Assigning roles to Prisma Cloud users - -If you do not have a directory service, such as Active Directory (AD) or Lightweight Directory Access Protocol (LDAP), Prisma Cloud lets you create and manage your own users and groups. -When you create a Prisma Cloud user, you can assign it a role, which determines its level of access. - -To create a user and assign it a role: - -[.procedure] -. Open Console, and log in with your admin credentials. - -. Go to *Manage > Authentication > Users*. - -. Click *Add user*. - -.. Enter a username. - -.. Enter a password. - -.. Assign a role. - -.. Click *Save*. - - -[.task] -=== Assigning roles to Prisma Cloud groups - -Collecting users into groups makes it easier to manage your access control rules. - -NOTE: Each user in the group retains his own role to prevent erroneous privilege escalation. - -To create a Prisma Cloud group and add users to it: - -[.procedure] -. Open Console and log in with your admin credentials. - -. Go to *Manage > Authentication > Groups*. - -. Click *Add group*. - -.. Enter a name for your group. - -.. In the drop down list, select a user. - -.. Click *+*. - -.. Repeat steps b to c until your group contains all the members you want. - -.. Click *Save: - - -[.task] -=== Assigning roles to AD/OpenLDAP/SAML users - -By default, AD/OpenLDAP/SAML users have user-level access to Console. -You can grant a user a different access level by assigning him a role. - -NOTE: If a user is a part of an AD, OpenLDAP, or SAML group, and you have assigned a role to the group, the user inherits the group's role. - -*Prerequisites:* - -You have integrated Prisma Cloud with Active Directory, OpenLDAP, or SAML. - -[.procedure] -. Open Console. - -. Log in with your admin credentials. - -. Go to *Manage > Authentication > Users*. - -. Click *Add user*. - -.. Enter the username for the user whose role you want to set. -For example, if you have integrated Prisma Cloud with Active Directory, enter a UPN. - -.. In the *Role* drop-down menu, select a role. - -.. Click *Save*. - - -[.task] -=== Assigning roles to AD/OpenLDAP/SAML groups - -You can assign an AD/OpenLDAP/SAML group a role. -Members of the group inherit the group’s role. -When a user from a group tries to access a resource protected by Prisma Cloud, Prisma Cloud resolves the member’s role on the fly. - -NOTE: If a user is assigned multiple roles, either directly or through group inheritance, then he is granted the rights of the highest role. -For example, assume Bruce is part of GroupA and GroupB in Active Directory. -In Console, you assign the Administrator role to GroupA and the Auditor role to GroupB. When Bruce logs into Prisma Cloud, he will have Administrator rights. - -The following procedure shows you how to assign a role to an existing AD/OpenLDAP/SAML group: - -*Prerequisites:* - -* You have integrated Prisma Cloud with Active Directory, OpenLDAP, or SAML. - -[.procedure] -. Open Console, and log in with your admin credentials. - -. Go to *Manage > Authentication > Groups*. - -. Click *Add group*. - -.. Specify the name of the group. It should match the group name specified in your directory service. - -.. Check LDAP group. - -.. Select a role. - -.. Click *Save*. - -endif::compute_edition[] - -ifdef::prisma_cloud[] - -To access the Compute Console UI, users must have the Prisma Cloud (outer management interface) System Admin role. -Access is denied to users with any other role. - -The Prisma Cloud System Admin role is mapped to Compute's (inner management interface) Administrator role. - -endif::prisma_cloud[] From 7ab1abdc36da62a1df7a3888027a1e0dcb63d9f7 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:46:25 -0500 Subject: [PATCH 06/28] Rename admin_guide/access_control/integrate_openldap.adoc to admin_guide/authentication/integrate_openldap.adoc Moved --- .../{access_control => authentication}/integrate_openldap.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/integrate_openldap.adoc (100%) diff --git a/admin_guide/access_control/integrate_openldap.adoc b/admin_guide/authentication/integrate_openldap.adoc similarity index 100% rename from admin_guide/access_control/integrate_openldap.adoc rename to admin_guide/authentication/integrate_openldap.adoc From b3dd33f756070a8c846a67aba0a22c4451afc2aa Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:46:58 -0500 Subject: [PATCH 07/28] Rename admin_guide/access_control/integrate_saml.adoc to admin_guide/access_control/authentication/integrate_saml.adoc Moved --- .../access_control/{ => authentication}/integrate_saml.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/access_control/{ => authentication}/integrate_saml.adoc (100%) diff --git a/admin_guide/access_control/integrate_saml.adoc b/admin_guide/access_control/authentication/integrate_saml.adoc similarity index 100% rename from admin_guide/access_control/integrate_saml.adoc rename to admin_guide/access_control/authentication/integrate_saml.adoc From 0d0fef9b849cea26f9c79c61538c977077edd7b9 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:47:26 -0500 Subject: [PATCH 08/28] Rename admin_guide/access_control/authentication/integrate_saml.adoc to admin_guide/authentication/integrate_saml.adoc Moved --- .../{access_control => }/authentication/integrate_saml.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => }/authentication/integrate_saml.adoc (100%) diff --git a/admin_guide/access_control/authentication/integrate_saml.adoc b/admin_guide/authentication/integrate_saml.adoc similarity index 100% rename from admin_guide/access_control/authentication/integrate_saml.adoc rename to admin_guide/authentication/integrate_saml.adoc From 8a913b25f08962de89e6f3d44166e56223a89373 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:47:57 -0500 Subject: [PATCH 09/28] Rename admin_guide/access_control/integrate_saml_active_directory_federation_services.adoc to admin_guide/authentication/integrate_saml_active_directory_federation_services.adoc Moved --- .../integrate_saml_active_directory_federation_services.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/integrate_saml_active_directory_federation_services.adoc (100%) diff --git a/admin_guide/access_control/integrate_saml_active_directory_federation_services.adoc b/admin_guide/authentication/integrate_saml_active_directory_federation_services.adoc similarity index 100% rename from admin_guide/access_control/integrate_saml_active_directory_federation_services.adoc rename to admin_guide/authentication/integrate_saml_active_directory_federation_services.adoc From b46baefe0ac7548b64e4b39c365648dc57a31f6b Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:50:03 -0500 Subject: [PATCH 10/28] Rename integrate_saml_active_directory_federation_services.adoc to integrate_saml_azure_active_directory.adoc Moved --- .../integrate_saml_azure_active_directory.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/integrate_saml_azure_active_directory.adoc (100%) diff --git a/admin_guide/access_control/integrate_saml_azure_active_directory.adoc b/admin_guide/authentication/integrate_saml_azure_active_directory.adoc similarity index 100% rename from admin_guide/access_control/integrate_saml_azure_active_directory.adoc rename to admin_guide/authentication/integrate_saml_azure_active_directory.adoc From bfc58366c04395cb34dfd09cb150b5cb7bee9727 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:50:29 -0500 Subject: [PATCH 11/28] Rename admin_guide/access_control/integrate_saml_google_g_suite.adoc to admin_guideintegrate_saml_google_g_suite.adoc Moved --- ..._g_suite.adoc => admin_guideintegrate_saml_google_g_suite.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/access_control/integrate_saml_google_g_suite.adoc => admin_guideintegrate_saml_google_g_suite.adoc (100%) diff --git a/admin_guide/access_control/integrate_saml_google_g_suite.adoc b/admin_guideintegrate_saml_google_g_suite.adoc similarity index 100% rename from admin_guide/access_control/integrate_saml_google_g_suite.adoc rename to admin_guideintegrate_saml_google_g_suite.adoc From d618c8b4a5569960ccd0e78bad9d6882128dada9 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:50:51 -0500 Subject: [PATCH 12/28] Rename admin_guideintegrate_saml_google_g_suite.adoc to admin_guide/aauthentication/integrate_saml_google_g_suite.adoc Moved --- .../aauthentication/integrate_saml_google_g_suite.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guideintegrate_saml_google_g_suite.adoc => admin_guide/aauthentication/integrate_saml_google_g_suite.adoc (100%) diff --git a/admin_guideintegrate_saml_google_g_suite.adoc b/admin_guide/aauthentication/integrate_saml_google_g_suite.adoc similarity index 100% rename from admin_guideintegrate_saml_google_g_suite.adoc rename to admin_guide/aauthentication/integrate_saml_google_g_suite.adoc From 932c185428858bea7db33a5689d2411bb6d3fa26 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:51:22 -0500 Subject: [PATCH 13/28] Rename admin_guide/aauthentication/integrate_saml_google_g_suite.adoc to admin_guide/authentication/integrate_saml_google_g_suite.adoc Moved --- .../integrate_saml_google_g_suite.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{aauthentication => authentication}/integrate_saml_google_g_suite.adoc (100%) diff --git a/admin_guide/aauthentication/integrate_saml_google_g_suite.adoc b/admin_guide/authentication/integrate_saml_google_g_suite.adoc similarity index 100% rename from admin_guide/aauthentication/integrate_saml_google_g_suite.adoc rename to admin_guide/authentication/integrate_saml_google_g_suite.adoc From 439265088e9596823bcb50d7dc407ba2fcc580a7 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:51:50 -0500 Subject: [PATCH 14/28] Rename admin_guide/access_control/integrate_saml_ping_federate.adoc to admin_guide/authentication/integrate_saml_ping_federate.adoc Moved --- .../integrate_saml_ping_federate.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/integrate_saml_ping_federate.adoc (100%) diff --git a/admin_guide/access_control/integrate_saml_ping_federate.adoc b/admin_guide/authentication/integrate_saml_ping_federate.adoc similarity index 100% rename from admin_guide/access_control/integrate_saml_ping_federate.adoc rename to admin_guide/authentication/integrate_saml_ping_federate.adoc From 8a1def06f75cad29e31bb50737b40e06e49d90f1 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:53:03 -0500 Subject: [PATCH 15/28] Rename admin_guide/access_control/non_default_upn_suffixes.adoc to admin_guide/authentication/active_directory_non_default_upn_suffixes.adoc Moved --- .../active_directory_non_default_upn_suffixes.adoc} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control/non_default_upn_suffixes.adoc => authentication/active_directory_non_default_upn_suffixes.adoc} (100%) diff --git a/admin_guide/access_control/non_default_upn_suffixes.adoc b/admin_guide/authentication/active_directory_non_default_upn_suffixes.adoc similarity index 100% rename from admin_guide/access_control/non_default_upn_suffixes.adoc rename to admin_guide/authentication/active_directory_non_default_upn_suffixes.adoc From 1a59b17bb1d186744ea819c1286807c6dc9d8c74 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:53:30 -0500 Subject: [PATCH 16/28] Rename admin_guide/access_control/prisma_cloud_user_roles.adoc to admin_guide/authentication/prisma_cloud_user_roles.adoc Moved --- .../prisma_cloud_user_roles.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/prisma_cloud_user_roles.adoc (100%) diff --git a/admin_guide/access_control/prisma_cloud_user_roles.adoc b/admin_guide/authentication/prisma_cloud_user_roles.adoc similarity index 100% rename from admin_guide/access_control/prisma_cloud_user_roles.adoc rename to admin_guide/authentication/prisma_cloud_user_roles.adoc From 65f8e59e3b1bc4074d0c83ca012b5fe37fb83055 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:53:52 -0500 Subject: [PATCH 17/28] Rename admin_guide/access_control/rbac.adoc to admin_guide/authentication/rbac.adoc Moved --- admin_guide/{access_control => authentication}/rbac.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/rbac.adoc (100%) diff --git a/admin_guide/access_control/rbac.adoc b/admin_guide/authentication/rbac.adoc similarity index 100% rename from admin_guide/access_control/rbac.adoc rename to admin_guide/authentication/rbac.adoc From 6d79a5e53e627fb5ebe50674764f775a207708fe Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:54:13 -0500 Subject: [PATCH 18/28] Rename admin_guide/access_control/use_custom_certs_for_auth.adoc to admin_guide/authentication/use_custom_certs_for_auth.adoc Moved --- .../use_custom_certs_for_auth.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/use_custom_certs_for_auth.adoc (100%) diff --git a/admin_guide/access_control/use_custom_certs_for_auth.adoc b/admin_guide/authentication/use_custom_certs_for_auth.adoc similarity index 100% rename from admin_guide/access_control/use_custom_certs_for_auth.adoc rename to admin_guide/authentication/use_custom_certs_for_auth.adoc From 87430e12d50fc03846fe6c0f6649f80c8fac9980 Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:54:34 -0500 Subject: [PATCH 19/28] Rename admin_guide/access_control/user_roles.adoc to admin_guide/authentication/user_roles.adoc Moved --- admin_guide/{access_control => authentication}/user_roles.adoc | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/user_roles.adoc (100%) diff --git a/admin_guide/access_control/user_roles.adoc b/admin_guide/authentication/user_roles.adoc similarity index 100% rename from admin_guide/access_control/user_roles.adoc rename to admin_guide/authentication/user_roles.adoc From bb153f3249447d1be3090cf049a86105f756c56f Mon Sep 17 00:00:00 2001 From: Joshua Falgout Date: Tue, 16 Jun 2020 16:05:21 -0500 Subject: [PATCH 20/28] Moved Images Moved Images --- .DS_Store | Bin 8196 -> 8196 bytes .../images/aad_saml_20180912_1.png | Bin .../images/aad_saml_20200305_1.png | Bin .../images/aad_saml_20200305_10.png | Bin .../images/aad_saml_20200305_11.png | Bin .../images/aad_saml_20200305_12.png | Bin .../images/aad_saml_20200305_2.png | Bin .../images/aad_saml_20200305_3.png | Bin .../images/aad_saml_20200305_4.png | Bin .../images/aad_saml_20200305_5.png | Bin .../images/aad_saml_20200305_6.png | Bin .../images/aad_saml_20200305_7.png | Bin .../images/aad_saml_20200305_8.png | Bin .../images/aad_saml_20200305_9.png | Bin .../access_control_docker_engine_565449.png | Bin .../access_control_docker_engine_565451.png | Bin .../images/access_keys_list.png | Bin .../images/access_keys_path_to_console.png | Bin .../images/adfs_saml_1.png | Bin .../images/adfs_saml_10.png | Bin .../images/adfs_saml_11.png | Bin .../images/adfs_saml_12.png | Bin .../images/adfs_saml_13.png | Bin .../images/adfs_saml_2.png | Bin .../images/adfs_saml_3.png | Bin .../images/adfs_saml_4.png | Bin .../images/adfs_saml_5.png | Bin .../images/adfs_saml_6.png | Bin .../images/adfs_saml_7.png | Bin .../images/adfs_saml_8.png | Bin .../images/adfs_saml_9.png | Bin .../defender_listening_modes_791687.png | Bin .../integrate_active_directory_555634.png | Bin .../integrate_active_directory_555634.png.1 | Bin .../integrate_active_directory_555634.png.2 | Bin .../images/integrate_g_suite_791235.png | Bin .../images/integrate_g_suite_791236.png | Bin .../images/integrate_g_suite_791240.png | Bin .../images/integrate_g_suite_791241.png | Bin .../images/integrate_g_suite_791242.png | Bin .../images/integrate_g_suite_791271.png | Bin .../images/integrate_saml_610130.png | Bin .../images/integrate_saml_610131.png | Bin .../images/integrate_saml_610135.png | Bin .../images/integrate_saml_610136.png | Bin .../images/integrate_saml_610140.png | Bin .../images/integrate_saml_610146.png | Bin .../images/integrate_saml_610150.png | Bin .../images/integrate_saml_610156.png | Bin .../images/integrate_saml_610160.png | Bin .../images/integrate_saml_610163.png | Bin .../images/ldap_group.PNG | Bin .../images/ping_saml_step10.png | Bin .../images/ping_saml_step11.png | Bin .../images/ping_saml_step12.png | Bin .../images/ping_saml_step13.png | Bin .../images/ping_saml_step2.png | Bin .../images/ping_saml_step3.png | Bin .../images/ping_saml_step5.png | Bin .../images/ping_saml_step6.png | Bin .../images/ping_saml_step7.png | Bin .../images/ping_saml_step8.png | Bin .../images/ping_saml_step9.png | Bin .../images/prisma_cloud_mgmt_interfaces.png | Bin .../images/prisma_cloud_role_mapping.png | Bin .../images/secrets_manager_790254.png | Bin .../images/secrets_manager_790256.png | Bin .../images/secrets_manager_791688.png | Bin .../images/use_custom_certs_auth_793632.png | Bin .../images/use_custom_certs_auth_795121.png | Bin .../images/use_custom_certs_auth_795123.png | Bin .../images/use_custom_certs_auth_banner.png | Bin .../images/user_roles_admin.png | Bin .../images/user_roles_user.png | Bin 74 files changed, 0 insertions(+), 0 deletions(-) rename admin_guide/{access_control => authentication}/images/aad_saml_20180912_1.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_1.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_10.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_11.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_12.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_2.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_3.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_4.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_5.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_6.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_7.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_8.png (100%) rename admin_guide/{access_control => authentication}/images/aad_saml_20200305_9.png (100%) rename admin_guide/{access_control => authentication}/images/access_control_docker_engine_565449.png (100%) rename admin_guide/{access_control => authentication}/images/access_control_docker_engine_565451.png (100%) rename admin_guide/{access_control => authentication}/images/access_keys_list.png (100%) rename admin_guide/{access_control => authentication}/images/access_keys_path_to_console.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_1.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_10.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_11.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_12.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_13.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_2.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_3.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_4.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_5.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_6.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_7.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_8.png (100%) rename admin_guide/{access_control => authentication}/images/adfs_saml_9.png (100%) rename admin_guide/{access_control => authentication}/images/defender_listening_modes_791687.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_active_directory_555634.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_active_directory_555634.png.1 (100%) rename admin_guide/{access_control => authentication}/images/integrate_active_directory_555634.png.2 (100%) rename admin_guide/{access_control => authentication}/images/integrate_g_suite_791235.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_g_suite_791236.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_g_suite_791240.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_g_suite_791241.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_g_suite_791242.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_g_suite_791271.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610130.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610131.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610135.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610136.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610140.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610146.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610150.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610156.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610160.png (100%) rename admin_guide/{access_control => authentication}/images/integrate_saml_610163.png (100%) rename admin_guide/{access_control => authentication}/images/ldap_group.PNG (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step10.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step11.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step12.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step13.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step2.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step3.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step5.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step6.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step7.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step8.png (100%) rename admin_guide/{access_control => authentication}/images/ping_saml_step9.png (100%) rename admin_guide/{access_control => authentication}/images/prisma_cloud_mgmt_interfaces.png (100%) rename admin_guide/{access_control => authentication}/images/prisma_cloud_role_mapping.png (100%) rename admin_guide/{access_control => authentication}/images/secrets_manager_790254.png (100%) rename admin_guide/{access_control => authentication}/images/secrets_manager_790256.png (100%) rename admin_guide/{access_control => authentication}/images/secrets_manager_791688.png (100%) rename admin_guide/{access_control => authentication}/images/use_custom_certs_auth_793632.png (100%) rename admin_guide/{access_control => authentication}/images/use_custom_certs_auth_795121.png (100%) rename admin_guide/{access_control => authentication}/images/use_custom_certs_auth_795123.png (100%) rename admin_guide/{access_control => authentication}/images/use_custom_certs_auth_banner.png (100%) rename admin_guide/{access_control => authentication}/images/user_roles_admin.png (100%) rename admin_guide/{access_control => authentication}/images/user_roles_user.png (100%) diff --git a/.DS_Store b/.DS_Store index 1c1fd7e43fef8491717706179334515460745516..0ceb59bcc704f53670a0d06970d16ece14a74d1c 100644 GIT binary patch delta 51 zcmZp1XmOa}&&awlU^hP_>tuT|smW>rpEy&BlXH^t^K%$MBAX=y&#-M~m-xoA`IZPf FGXSmE5Ptvw delta 43 zcmZp1XmOa}&&aYdU^hP_%Vb4CsmW>rpEg?yo?)BVpuCw~;v36m1<~hB6B`r&IP?yx diff --git a/admin_guide/access_control/images/aad_saml_20180912_1.png b/admin_guide/authentication/images/aad_saml_20180912_1.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20180912_1.png rename to admin_guide/authentication/images/aad_saml_20180912_1.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_1.png b/admin_guide/authentication/images/aad_saml_20200305_1.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_1.png rename to admin_guide/authentication/images/aad_saml_20200305_1.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_10.png b/admin_guide/authentication/images/aad_saml_20200305_10.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_10.png rename to admin_guide/authentication/images/aad_saml_20200305_10.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_11.png b/admin_guide/authentication/images/aad_saml_20200305_11.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_11.png rename to admin_guide/authentication/images/aad_saml_20200305_11.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_12.png b/admin_guide/authentication/images/aad_saml_20200305_12.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_12.png rename to admin_guide/authentication/images/aad_saml_20200305_12.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_2.png b/admin_guide/authentication/images/aad_saml_20200305_2.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_2.png rename to admin_guide/authentication/images/aad_saml_20200305_2.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_3.png b/admin_guide/authentication/images/aad_saml_20200305_3.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_3.png rename to admin_guide/authentication/images/aad_saml_20200305_3.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_4.png b/admin_guide/authentication/images/aad_saml_20200305_4.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_4.png rename to admin_guide/authentication/images/aad_saml_20200305_4.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_5.png b/admin_guide/authentication/images/aad_saml_20200305_5.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_5.png rename to admin_guide/authentication/images/aad_saml_20200305_5.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_6.png b/admin_guide/authentication/images/aad_saml_20200305_6.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_6.png rename to admin_guide/authentication/images/aad_saml_20200305_6.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_7.png b/admin_guide/authentication/images/aad_saml_20200305_7.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_7.png rename to admin_guide/authentication/images/aad_saml_20200305_7.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_8.png b/admin_guide/authentication/images/aad_saml_20200305_8.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_8.png rename to admin_guide/authentication/images/aad_saml_20200305_8.png diff --git a/admin_guide/access_control/images/aad_saml_20200305_9.png b/admin_guide/authentication/images/aad_saml_20200305_9.png similarity index 100% rename from admin_guide/access_control/images/aad_saml_20200305_9.png rename to admin_guide/authentication/images/aad_saml_20200305_9.png diff --git a/admin_guide/access_control/images/access_control_docker_engine_565449.png b/admin_guide/authentication/images/access_control_docker_engine_565449.png similarity index 100% rename from admin_guide/access_control/images/access_control_docker_engine_565449.png rename to admin_guide/authentication/images/access_control_docker_engine_565449.png diff --git a/admin_guide/access_control/images/access_control_docker_engine_565451.png b/admin_guide/authentication/images/access_control_docker_engine_565451.png similarity index 100% rename from admin_guide/access_control/images/access_control_docker_engine_565451.png rename to admin_guide/authentication/images/access_control_docker_engine_565451.png diff --git a/admin_guide/access_control/images/access_keys_list.png b/admin_guide/authentication/images/access_keys_list.png similarity index 100% rename from admin_guide/access_control/images/access_keys_list.png rename to admin_guide/authentication/images/access_keys_list.png diff --git a/admin_guide/access_control/images/access_keys_path_to_console.png b/admin_guide/authentication/images/access_keys_path_to_console.png similarity index 100% rename from admin_guide/access_control/images/access_keys_path_to_console.png rename to admin_guide/authentication/images/access_keys_path_to_console.png diff --git a/admin_guide/access_control/images/adfs_saml_1.png b/admin_guide/authentication/images/adfs_saml_1.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_1.png rename to admin_guide/authentication/images/adfs_saml_1.png diff --git a/admin_guide/access_control/images/adfs_saml_10.png b/admin_guide/authentication/images/adfs_saml_10.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_10.png rename to admin_guide/authentication/images/adfs_saml_10.png diff --git a/admin_guide/access_control/images/adfs_saml_11.png b/admin_guide/authentication/images/adfs_saml_11.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_11.png rename to admin_guide/authentication/images/adfs_saml_11.png diff --git a/admin_guide/access_control/images/adfs_saml_12.png b/admin_guide/authentication/images/adfs_saml_12.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_12.png rename to admin_guide/authentication/images/adfs_saml_12.png diff --git a/admin_guide/access_control/images/adfs_saml_13.png b/admin_guide/authentication/images/adfs_saml_13.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_13.png rename to admin_guide/authentication/images/adfs_saml_13.png diff --git a/admin_guide/access_control/images/adfs_saml_2.png b/admin_guide/authentication/images/adfs_saml_2.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_2.png rename to admin_guide/authentication/images/adfs_saml_2.png diff --git a/admin_guide/access_control/images/adfs_saml_3.png b/admin_guide/authentication/images/adfs_saml_3.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_3.png rename to admin_guide/authentication/images/adfs_saml_3.png diff --git a/admin_guide/access_control/images/adfs_saml_4.png b/admin_guide/authentication/images/adfs_saml_4.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_4.png rename to admin_guide/authentication/images/adfs_saml_4.png diff --git a/admin_guide/access_control/images/adfs_saml_5.png b/admin_guide/authentication/images/adfs_saml_5.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_5.png rename to admin_guide/authentication/images/adfs_saml_5.png diff --git a/admin_guide/access_control/images/adfs_saml_6.png b/admin_guide/authentication/images/adfs_saml_6.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_6.png rename to admin_guide/authentication/images/adfs_saml_6.png diff --git a/admin_guide/access_control/images/adfs_saml_7.png b/admin_guide/authentication/images/adfs_saml_7.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_7.png rename to admin_guide/authentication/images/adfs_saml_7.png diff --git a/admin_guide/access_control/images/adfs_saml_8.png b/admin_guide/authentication/images/adfs_saml_8.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_8.png rename to admin_guide/authentication/images/adfs_saml_8.png diff --git a/admin_guide/access_control/images/adfs_saml_9.png b/admin_guide/authentication/images/adfs_saml_9.png similarity index 100% rename from admin_guide/access_control/images/adfs_saml_9.png rename to admin_guide/authentication/images/adfs_saml_9.png diff --git a/admin_guide/access_control/images/defender_listening_modes_791687.png b/admin_guide/authentication/images/defender_listening_modes_791687.png similarity index 100% rename from admin_guide/access_control/images/defender_listening_modes_791687.png rename to admin_guide/authentication/images/defender_listening_modes_791687.png diff --git a/admin_guide/access_control/images/integrate_active_directory_555634.png b/admin_guide/authentication/images/integrate_active_directory_555634.png similarity index 100% rename from admin_guide/access_control/images/integrate_active_directory_555634.png rename to admin_guide/authentication/images/integrate_active_directory_555634.png diff --git a/admin_guide/access_control/images/integrate_active_directory_555634.png.1 b/admin_guide/authentication/images/integrate_active_directory_555634.png.1 similarity index 100% rename from admin_guide/access_control/images/integrate_active_directory_555634.png.1 rename to admin_guide/authentication/images/integrate_active_directory_555634.png.1 diff --git a/admin_guide/access_control/images/integrate_active_directory_555634.png.2 b/admin_guide/authentication/images/integrate_active_directory_555634.png.2 similarity index 100% rename from admin_guide/access_control/images/integrate_active_directory_555634.png.2 rename to admin_guide/authentication/images/integrate_active_directory_555634.png.2 diff --git a/admin_guide/access_control/images/integrate_g_suite_791235.png b/admin_guide/authentication/images/integrate_g_suite_791235.png similarity index 100% rename from admin_guide/access_control/images/integrate_g_suite_791235.png rename to admin_guide/authentication/images/integrate_g_suite_791235.png diff --git a/admin_guide/access_control/images/integrate_g_suite_791236.png b/admin_guide/authentication/images/integrate_g_suite_791236.png similarity index 100% rename from admin_guide/access_control/images/integrate_g_suite_791236.png rename to admin_guide/authentication/images/integrate_g_suite_791236.png diff --git a/admin_guide/access_control/images/integrate_g_suite_791240.png b/admin_guide/authentication/images/integrate_g_suite_791240.png similarity index 100% rename from admin_guide/access_control/images/integrate_g_suite_791240.png rename to admin_guide/authentication/images/integrate_g_suite_791240.png diff --git a/admin_guide/access_control/images/integrate_g_suite_791241.png b/admin_guide/authentication/images/integrate_g_suite_791241.png similarity index 100% rename from admin_guide/access_control/images/integrate_g_suite_791241.png rename to admin_guide/authentication/images/integrate_g_suite_791241.png diff --git a/admin_guide/access_control/images/integrate_g_suite_791242.png b/admin_guide/authentication/images/integrate_g_suite_791242.png similarity index 100% rename from admin_guide/access_control/images/integrate_g_suite_791242.png rename to admin_guide/authentication/images/integrate_g_suite_791242.png diff --git a/admin_guide/access_control/images/integrate_g_suite_791271.png b/admin_guide/authentication/images/integrate_g_suite_791271.png similarity index 100% rename from admin_guide/access_control/images/integrate_g_suite_791271.png rename to admin_guide/authentication/images/integrate_g_suite_791271.png diff --git a/admin_guide/access_control/images/integrate_saml_610130.png b/admin_guide/authentication/images/integrate_saml_610130.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610130.png rename to admin_guide/authentication/images/integrate_saml_610130.png diff --git a/admin_guide/access_control/images/integrate_saml_610131.png b/admin_guide/authentication/images/integrate_saml_610131.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610131.png rename to admin_guide/authentication/images/integrate_saml_610131.png diff --git a/admin_guide/access_control/images/integrate_saml_610135.png b/admin_guide/authentication/images/integrate_saml_610135.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610135.png rename to admin_guide/authentication/images/integrate_saml_610135.png diff --git a/admin_guide/access_control/images/integrate_saml_610136.png b/admin_guide/authentication/images/integrate_saml_610136.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610136.png rename to admin_guide/authentication/images/integrate_saml_610136.png diff --git a/admin_guide/access_control/images/integrate_saml_610140.png b/admin_guide/authentication/images/integrate_saml_610140.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610140.png rename to admin_guide/authentication/images/integrate_saml_610140.png diff --git a/admin_guide/access_control/images/integrate_saml_610146.png b/admin_guide/authentication/images/integrate_saml_610146.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610146.png rename to admin_guide/authentication/images/integrate_saml_610146.png diff --git a/admin_guide/access_control/images/integrate_saml_610150.png b/admin_guide/authentication/images/integrate_saml_610150.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610150.png rename to admin_guide/authentication/images/integrate_saml_610150.png diff --git a/admin_guide/access_control/images/integrate_saml_610156.png b/admin_guide/authentication/images/integrate_saml_610156.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610156.png rename to admin_guide/authentication/images/integrate_saml_610156.png diff --git a/admin_guide/access_control/images/integrate_saml_610160.png b/admin_guide/authentication/images/integrate_saml_610160.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610160.png rename to admin_guide/authentication/images/integrate_saml_610160.png diff --git a/admin_guide/access_control/images/integrate_saml_610163.png b/admin_guide/authentication/images/integrate_saml_610163.png similarity index 100% rename from admin_guide/access_control/images/integrate_saml_610163.png rename to admin_guide/authentication/images/integrate_saml_610163.png diff --git a/admin_guide/access_control/images/ldap_group.PNG b/admin_guide/authentication/images/ldap_group.PNG similarity index 100% rename from admin_guide/access_control/images/ldap_group.PNG rename to admin_guide/authentication/images/ldap_group.PNG diff --git a/admin_guide/access_control/images/ping_saml_step10.png b/admin_guide/authentication/images/ping_saml_step10.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step10.png rename to admin_guide/authentication/images/ping_saml_step10.png diff --git a/admin_guide/access_control/images/ping_saml_step11.png b/admin_guide/authentication/images/ping_saml_step11.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step11.png rename to admin_guide/authentication/images/ping_saml_step11.png diff --git a/admin_guide/access_control/images/ping_saml_step12.png b/admin_guide/authentication/images/ping_saml_step12.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step12.png rename to admin_guide/authentication/images/ping_saml_step12.png diff --git a/admin_guide/access_control/images/ping_saml_step13.png b/admin_guide/authentication/images/ping_saml_step13.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step13.png rename to admin_guide/authentication/images/ping_saml_step13.png diff --git a/admin_guide/access_control/images/ping_saml_step2.png b/admin_guide/authentication/images/ping_saml_step2.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step2.png rename to admin_guide/authentication/images/ping_saml_step2.png diff --git a/admin_guide/access_control/images/ping_saml_step3.png b/admin_guide/authentication/images/ping_saml_step3.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step3.png rename to admin_guide/authentication/images/ping_saml_step3.png diff --git a/admin_guide/access_control/images/ping_saml_step5.png b/admin_guide/authentication/images/ping_saml_step5.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step5.png rename to admin_guide/authentication/images/ping_saml_step5.png diff --git a/admin_guide/access_control/images/ping_saml_step6.png b/admin_guide/authentication/images/ping_saml_step6.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step6.png rename to admin_guide/authentication/images/ping_saml_step6.png diff --git a/admin_guide/access_control/images/ping_saml_step7.png b/admin_guide/authentication/images/ping_saml_step7.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step7.png rename to admin_guide/authentication/images/ping_saml_step7.png diff --git a/admin_guide/access_control/images/ping_saml_step8.png b/admin_guide/authentication/images/ping_saml_step8.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step8.png rename to admin_guide/authentication/images/ping_saml_step8.png diff --git a/admin_guide/access_control/images/ping_saml_step9.png b/admin_guide/authentication/images/ping_saml_step9.png similarity index 100% rename from admin_guide/access_control/images/ping_saml_step9.png rename to admin_guide/authentication/images/ping_saml_step9.png diff --git a/admin_guide/access_control/images/prisma_cloud_mgmt_interfaces.png b/admin_guide/authentication/images/prisma_cloud_mgmt_interfaces.png similarity index 100% rename from admin_guide/access_control/images/prisma_cloud_mgmt_interfaces.png rename to admin_guide/authentication/images/prisma_cloud_mgmt_interfaces.png diff --git a/admin_guide/access_control/images/prisma_cloud_role_mapping.png b/admin_guide/authentication/images/prisma_cloud_role_mapping.png similarity index 100% rename from admin_guide/access_control/images/prisma_cloud_role_mapping.png rename to admin_guide/authentication/images/prisma_cloud_role_mapping.png diff --git a/admin_guide/access_control/images/secrets_manager_790254.png b/admin_guide/authentication/images/secrets_manager_790254.png similarity index 100% rename from admin_guide/access_control/images/secrets_manager_790254.png rename to admin_guide/authentication/images/secrets_manager_790254.png diff --git a/admin_guide/access_control/images/secrets_manager_790256.png b/admin_guide/authentication/images/secrets_manager_790256.png similarity index 100% rename from admin_guide/access_control/images/secrets_manager_790256.png rename to admin_guide/authentication/images/secrets_manager_790256.png diff --git a/admin_guide/access_control/images/secrets_manager_791688.png b/admin_guide/authentication/images/secrets_manager_791688.png similarity index 100% rename from admin_guide/access_control/images/secrets_manager_791688.png rename to admin_guide/authentication/images/secrets_manager_791688.png diff --git a/admin_guide/access_control/images/use_custom_certs_auth_793632.png b/admin_guide/authentication/images/use_custom_certs_auth_793632.png similarity index 100% rename from admin_guide/access_control/images/use_custom_certs_auth_793632.png rename to admin_guide/authentication/images/use_custom_certs_auth_793632.png diff --git a/admin_guide/access_control/images/use_custom_certs_auth_795121.png b/admin_guide/authentication/images/use_custom_certs_auth_795121.png similarity index 100% rename from admin_guide/access_control/images/use_custom_certs_auth_795121.png rename to admin_guide/authentication/images/use_custom_certs_auth_795121.png diff --git a/admin_guide/access_control/images/use_custom_certs_auth_795123.png b/admin_guide/authentication/images/use_custom_certs_auth_795123.png similarity index 100% rename from admin_guide/access_control/images/use_custom_certs_auth_795123.png rename to admin_guide/authentication/images/use_custom_certs_auth_795123.png diff --git a/admin_guide/access_control/images/use_custom_certs_auth_banner.png b/admin_guide/authentication/images/use_custom_certs_auth_banner.png similarity index 100% rename from admin_guide/access_control/images/use_custom_certs_auth_banner.png rename to admin_guide/authentication/images/use_custom_certs_auth_banner.png diff --git a/admin_guide/access_control/images/user_roles_admin.png b/admin_guide/authentication/images/user_roles_admin.png similarity index 100% rename from admin_guide/access_control/images/user_roles_admin.png rename to admin_guide/authentication/images/user_roles_admin.png diff --git a/admin_guide/access_control/images/user_roles_user.png b/admin_guide/authentication/images/user_roles_user.png similarity index 100% rename from admin_guide/access_control/images/user_roles_user.png rename to admin_guide/authentication/images/user_roles_user.png From e82a0f897da6993167fbde46381b7b64c3b9975d Mon Sep 17 00:00:00 2001 From: Joshua Falgout Date: Tue, 16 Jun 2020 16:10:54 -0500 Subject: [PATCH 21/28] Moved Images Moved Images and Docker RBAC --- admin_guide/access_control/.DS_Store | Bin 0 -> 6148 bytes .../docker_rbac.adoc} | 0 .../access_control_docker_engine_565449.png | Bin .../access_control_docker_engine_565451.png | Bin .../images/defender_listening_modes_791687.png | Bin admin_guide/authentication/.DS_Store | Bin 0 -> 6148 bytes admin_guide/authentication/images/.DS_Store | Bin 0 -> 6148 bytes 7 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 admin_guide/access_control/.DS_Store rename admin_guide/{authentication/rbac.adoc => access_control/docker_rbac.adoc} (100%) rename admin_guide/{authentication => access_control}/images/access_control_docker_engine_565449.png (100%) rename admin_guide/{authentication => access_control}/images/access_control_docker_engine_565451.png (100%) rename admin_guide/{authentication => access_control}/images/defender_listening_modes_791687.png (100%) create mode 100644 admin_guide/authentication/.DS_Store create mode 100644 admin_guide/authentication/images/.DS_Store diff --git a/admin_guide/access_control/.DS_Store b/admin_guide/access_control/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..8d3166354f97c6633fe68f64a8f87abfed8f5b63 GIT binary patch literal 6148 zcmeHK%}N6?5T4N@3toEkm^YBV!CKavx86KytyH1Q7Q}m=st-_n72m_}%Z$QmK=2?{ zW+3?{nV-#m%O)8S(fRXgCNdR~292mxD#Gci>ByZYKrK1$U%pabM+2j!Q2{DI1*iZOpaKt9AWLlX_VAN=AQhkj&#r)d9}3*CCXRvr>A>JE0C0}58|L0i z0E-2HHE|3?1g1d+2351g(4Zq;GOs3%fk79|=0o#l%??HVcAQ^4U9<*rqykjnUV)cb zwpRaF@L&4>dlFYvfC~I81$5rO_Z^;;wRQ41tF;BbhFi`RZicy2FnBozdO60z%JIUJ bBCpsS`!#V4bUNZr2l8jYbfHm!zgFM|YL^v< literal 0 HcmV?d00001 diff --git a/admin_guide/authentication/images/.DS_Store b/admin_guide/authentication/images/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..5008ddfcf53c02e82d7eee2e57c38e5672ef89f6 GIT binary patch literal 6148 zcmeH~Jr2S!425mzP>H1@V-^m;4Wg<&0T*E43hX&L&p$$qDprKhvt+--jT7}7np#A3 zem<@ulZcFPQ@L2!n>{z**++&mCkOWA81W14cNZlEfg7;MkzE(HCqgga^y>{tEnwC%0;vJ&^%eQ zLs35+`xjp>T0 Date: Tue, 16 Jun 2020 16:13:44 -0500 Subject: [PATCH 22/28] reverted rbac rename reverted rename --- admin_guide/access_control/{docker_rbac.adoc => rbac.adoc} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename admin_guide/access_control/{docker_rbac.adoc => rbac.adoc} (100%) diff --git a/admin_guide/access_control/docker_rbac.adoc b/admin_guide/access_control/rbac.adoc similarity index 100% rename from admin_guide/access_control/docker_rbac.adoc rename to admin_guide/access_control/rbac.adoc From 7321a2f318763371beb3271400a1bfd597420221 Mon Sep 17 00:00:00 2001 From: Joshua Falgout Date: Tue, 16 Jun 2020 16:18:21 -0500 Subject: [PATCH 23/28] Revert rename reverted rename of upn file --- admin_guide/authentication/.DS_Store | Bin 6148 -> 6148 bytes ...xes.adoc => non_default_upn_suffixes.adoc} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename admin_guide/authentication/{active_directory_non_default_upn_suffixes.adoc => non_default_upn_suffixes.adoc} (100%) diff --git a/admin_guide/authentication/.DS_Store b/admin_guide/authentication/.DS_Store index 10f526f8e4dd7b7acd1ba2e1d98b71aa58834ebe..50c27e7d42157bcfb77412dd29282b4ae01178b3 100644 GIT binary patch delta 18 acmZoMXfc?uWMYc?#sfC&o7p-3@&f=!F9$mS delta 20 ccmZoMXfc?ugpqOM#xVAY2Y5EKbNuB808nuUi2wiq diff --git a/admin_guide/authentication/active_directory_non_default_upn_suffixes.adoc b/admin_guide/authentication/non_default_upn_suffixes.adoc similarity index 100% rename from admin_guide/authentication/active_directory_non_default_upn_suffixes.adoc rename to admin_guide/authentication/non_default_upn_suffixes.adoc From d7bbe26f6155dd5f2663d0e4a3337d2093df0f9d Mon Sep 17 00:00:00 2001 From: Joshua Falgout Date: Tue, 16 Jun 2020 16:23:07 -0500 Subject: [PATCH 24/28] revert delete revert delete --- admin_guide/authentication/assign_roles.adoc | 143 +++++++++++++++++++ 1 file changed, 143 insertions(+) create mode 100644 admin_guide/authentication/assign_roles.adoc diff --git a/admin_guide/authentication/assign_roles.adoc b/admin_guide/authentication/assign_roles.adoc new file mode 100644 index 00000000..72f04df4 --- /dev/null +++ b/admin_guide/authentication/assign_roles.adoc @@ -0,0 +1,143 @@ +== Assign roles + +ifdef::compute_edition[] +After creating a user or group, you can assign a xref:../access_control/user_roles.adoc[role] to it. +Roles determine the level of access to Prisma Cloud’s data and settings. + +Prisma Cloud supports two types of users and groups: + +* Centrally managed users and groups, defined in your organization’s directory service. +With directory services such as Active Directory, OpenLDAP, and SAML providers, you can re-use the identities set up in these systems. +* Prisma Cloud users and groups, created and managed from Console. +For centrally managed users groups, roles can be assigned after you integrate your directory service with Prisma Cloud. +Roles can be assigned to individual users or to groups. +When you assign a role to a group, all members of the group inherit the role. +Managing role assignments at the group level is considered a best practice. +Groups provide an easier way to manage a large user base, and simpler foundation for building your access control policies. + +For Prisma Cloud users and groups, roles are assigned at the user level when the user is created. +When you create a Prisma Cloud group, you add Prisma Cloud users to it. +Users in this type of group always retain the role they were assigned when they were created. + + +[.task] +=== Assigning roles to Prisma Cloud users + +If you do not have a directory service, such as Active Directory (AD) or Lightweight Directory Access Protocol (LDAP), Prisma Cloud lets you create and manage your own users and groups. +When you create a Prisma Cloud user, you can assign it a role, which determines its level of access. + +To create a user and assign it a role: + +[.procedure] +. Open Console, and log in with your admin credentials. + +. Go to *Manage > Authentication > Users*. + +. Click *Add user*. + +.. Enter a username. + +.. Enter a password. + +.. Assign a role. + +.. Click *Save*. + + +[.task] +=== Assigning roles to Prisma Cloud groups + +Collecting users into groups makes it easier to manage your access control rules. + +NOTE: Each user in the group retains his own role to prevent erroneous privilege escalation. + +To create a Prisma Cloud group and add users to it: + +[.procedure] +. Open Console and log in with your admin credentials. + +. Go to *Manage > Authentication > Groups*. + +. Click *Add group*. + +.. Enter a name for your group. + +.. In the drop down list, select a user. + +.. Click *+*. + +.. Repeat steps b to c until your group contains all the members you want. + +.. Click *Save: + + +[.task] +=== Assigning roles to AD/OpenLDAP/SAML users + +By default, AD/OpenLDAP/SAML users have user-level access to Console. +You can grant a user a different access level by assigning him a role. + +NOTE: If a user is a part of an AD, OpenLDAP, or SAML group, and you have assigned a role to the group, the user inherits the group's role. + +*Prerequisites:* + +You have integrated Prisma Cloud with Active Directory, OpenLDAP, or SAML. + +[.procedure] +. Open Console. + +. Log in with your admin credentials. + +. Go to *Manage > Authentication > Users*. + +. Click *Add user*. + +.. Enter the username for the user whose role you want to set. +For example, if you have integrated Prisma Cloud with Active Directory, enter a UPN. + +.. In the *Role* drop-down menu, select a role. + +.. Click *Save*. + + +[.task] +=== Assigning roles to AD/OpenLDAP/SAML groups + +You can assign an AD/OpenLDAP/SAML group a role. +Members of the group inherit the group’s role. +When a user from a group tries to access a resource protected by Prisma Cloud, Prisma Cloud resolves the member’s role on the fly. + +NOTE: If a user is assigned multiple roles, either directly or through group inheritance, then he is granted the rights of the highest role. +For example, assume Bruce is part of GroupA and GroupB in Active Directory. +In Console, you assign the Administrator role to GroupA and the Auditor role to GroupB. When Bruce logs into Prisma Cloud, he will have Administrator rights. + +The following procedure shows you how to assign a role to an existing AD/OpenLDAP/SAML group: + +*Prerequisites:* + +* You have integrated Prisma Cloud with Active Directory, OpenLDAP, or SAML. +[.procedure] +. Open Console, and log in with your admin credentials. + +. Go to *Manage > Authentication > Groups*. + +. Click *Add group*. + +.. Specify the name of the group. It should match the group name specified in your directory service. + +.. Check LDAP group. + +.. Select a role. + +.. Click *Save*. + +endif::compute_edition[] + +ifdef::prisma_cloud[] + +To access the Compute Console UI, users must have the Prisma Cloud (outer management interface) System Admin role. +Access is denied to users with any other role. + +The Prisma Cloud System Admin role is mapped to Compute's (inner management interface) Administrator role. + +endif::prisma_cloud[] \ No newline at end of file From cf75da03cab3e36cd7a3ff09ba336e6c355460ca Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 16:26:14 -0500 Subject: [PATCH 25/28] Update _topic_map_compute_edition.yml Updated new sections --- admin_guide/_topic_map_compute_edition.yml | 92 ++++++++++++++-------- 1 file changed, 60 insertions(+), 32 deletions(-) diff --git a/admin_guide/_topic_map_compute_edition.yml b/admin_guide/_topic_map_compute_edition.yml index 3adf97aa..1fecb1d3 100644 --- a/admin_guide/_topic_map_compute_edition.yml +++ b/admin_guide/_topic_map_compute_edition.yml @@ -251,38 +251,6 @@ Topics: - Name: PCF blobstore scanning File: pcf_blobstore --- -Name: Access control -Dir: access_control -Topics: -- Name: Access control - File: access_control -- Name: Role-based access control - File: rbac -- Name: Integrate with Active Directory - File: integrate_active_directory -- Name: Integrate with OpenLDAP - File: integrate_openldap -- Name: Integrate with SAML - File: integrate_saml -- Name: Integrate Google G Suite (SAML) - File: integrate_saml_google_g_suite -- Name: Integrate with Azure Active Directory via SAML 2.0 Federation - File: integrate_saml_azure_active_directory -- Name: Integrate with PingFederate via SAML 2.0 Federation - File: integrate_saml_ping_federate -- Name: Integrate with Active Directory Federation Services (ADFS) via SAML 2.0 Federation - File: integrate_saml_active_directory_federation_services -- Name: Non-default UPN suffixes - File: non_default_upn_suffixes -- Name: Compute user roles - File: user_roles -- Name: Assign roles - File: assign_roles -- Name: Use custom certificates for authorization - File: use_custom_certs_for_auth -- Name: Open Policy Agent - File: open_policy_agent ---- Name: Compliance Dir: compliance Topics: @@ -372,6 +340,16 @@ Topics: - Name: Service violation File: service_violation --- +Name: Access control +Dir: access_control +Topics: +- Name: Access control + File: access_control +- Name: Docker Role-based access control + File: rbac +- Name: Open Policy Agent + File: open_policy_agent +--- Name: Continuous integration Dir: continuous_integration Topics: @@ -491,6 +469,56 @@ Topics: - Name: Kubernetes auditing File: kubernetes_auditing --- +Name: Authentication +Dir: authentication +Topics: +- Name: Authentication + File: authentication +- Name: Integrate with Active Directory + File: integrate_active_directory +- Name: Integrate with OpenLDAP + File: integrate_openldap +- Name: Integrate with SAML + File: integrate_saml +- Name: Integrate Google G Suite (SAML) + File: integrate_saml_google_g_suite +- Name: Integrate with Azure Active Directory via SAML 2.0 Federation + File: integrate_saml_azure_active_directory +- Name: Integrate with PingFederate via SAML 2.0 Federation + File: integrate_saml_ping_federate +- Name: Integrate with Active Directory Federation Services (ADFS) via SAML 2.0 Federation + File: integrate_saml_active_directory_federation_services +- Name: Active Directory Non-default UPN suffixes + File: non_default_upn_suffixes +- Name: Compute user roles + File: user_roles +- Name: Assign roles + File: assign_roles +- Name: Use custom certificates for authorization + File: use_custom_certs_for_auth +--- +Name: Continuous integration +Dir: continuous_integration +Topics: +- Name: Continuous integration + File: continuous_integration +- Name: Jenkins plugin + File: jenkins_plugin +- Name: Jenkins Freestyle project + File: jenkins_freestyle_project +- Name: Jenkins Maven project + File: jenkins_maven_project +- Name: Jenkins Pipeline project + File: jenkins_pipeline_project +- Name: Run Jenkins in a container + File: run_jenkins_container +- Name: Jenkins pipeline on K8S + File: jenkins_pipeline_k8s +- Name: CloudBees Core pipeline on K8S + File: cloudbees_core_pipeline_k8s +- Name: Set policy in the CI plugins + File: set_policy_ci_plugins +--- Name: Tools Dir: tools Topics: From e26b9e23d2c18720219f556c97f3161bd947ddcd Mon Sep 17 00:00:00 2001 From: Joshua Falgout <49874460+joshfalgout@users.noreply.github.com> Date: Tue, 16 Jun 2020 16:32:58 -0500 Subject: [PATCH 26/28] Update _topic_map_prisma_cloud.yml Modify SaaS with new section --- admin_guide/_topic_map_prisma_cloud.yml | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/admin_guide/_topic_map_prisma_cloud.yml b/admin_guide/_topic_map_prisma_cloud.yml index 5e2de95b..623263d0 100644 --- a/admin_guide/_topic_map_prisma_cloud.yml +++ b/admin_guide/_topic_map_prisma_cloud.yml @@ -236,16 +236,8 @@ Dir: access_control Topics: - Name: Access control File: access_control -- Name: Access keys - File: access_keys -- Name: Role-based access control +- Name: Docker Role-based access control File: rbac -- Name: Prisma Cloud user roles - File: prisma_cloud_user_roles -- Name: Compute user roles - File: user_roles -- Name: Assign roles - File: assign_roles - Name: Open Policy Agent File: open_policy_agent --- @@ -338,6 +330,20 @@ Topics: - Name: Service violation File: service_violation --- +Name: Authentication +Dir: authentication +Topics: +- Name: Authentication + File: authentication +- Name: Access keys + File: access_keys +- Name: Prisma Cloud user roles + File: prisma_cloud_user_roles +- Name: Compute user roles + File: user_roles +- Name: Assign roles + File: assign_roles +--- Name: Continuous integration Dir: continuous_integration Topics: From 21abc684b6dd21e291cc84943c064a25b0cd76f2 Mon Sep 17 00:00:00 2001 From: Joshua Falgout Date: Tue, 16 Jun 2020 16:43:51 -0500 Subject: [PATCH 27/28] change xref changed xrefs --- admin_guide/authentication/assign_roles.adoc | 2 +- admin_guide/authentication/integrate_active_directory.adoc | 4 ++-- .../integrate_saml_active_directory_federation_services.adoc | 2 +- admin_guide/authentication/prisma_cloud_user_roles.adoc | 2 +- admin_guide/authentication/user_roles.adoc | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/admin_guide/authentication/assign_roles.adoc b/admin_guide/authentication/assign_roles.adoc index 72f04df4..569ac932 100644 --- a/admin_guide/authentication/assign_roles.adoc +++ b/admin_guide/authentication/assign_roles.adoc @@ -1,7 +1,7 @@ == Assign roles ifdef::compute_edition[] -After creating a user or group, you can assign a xref:../access_control/user_roles.adoc[role] to it. +After creating a user or group, you can assign a xref:../user_roles.adoc[role] to it. Roles determine the level of access to Prisma Cloud’s data and settings. Prisma Cloud supports two types of users and groups: diff --git a/admin_guide/authentication/integrate_active_directory.adoc b/admin_guide/authentication/integrate_active_directory.adoc index fa70662e..01ea9de4 100644 --- a/admin_guide/authentication/integrate_active_directory.adoc +++ b/admin_guide/authentication/integrate_active_directory.adoc @@ -15,7 +15,7 @@ With AD integration, you can: * Extend your organization’s access control logic to the management of Docker containers. For example, you could specify that only members of the AD group Dev Ops Admins can start and stop containers in the production environment. -For more information, see xref:../access_control/rbac.adoc[Access control for Docker Engine (RBAC)]. +For more information, see xref:../user_roles.adoc[User Roles]. === Configuration options @@ -155,7 +155,7 @@ After integrating AD with Prisma Cloud, you can: * Grant admin privileges to specific users or groups. For more information, see -xref:../access_control/assign_roles.adoc[Assigning roles]. +xref:../assign_roles.adoc[Assigning roles]. * Set up policies for accessing Docker and Kubernetes. For more information, see xref:../access_control/rbac.adoc[Access control for Docker Engine]. diff --git a/admin_guide/authentication/integrate_saml_active_directory_federation_services.adoc b/admin_guide/authentication/integrate_saml_active_directory_federation_services.adoc index ed8fdfb2..4368398d 100644 --- a/admin_guide/authentication/integrate_saml_active_directory_federation_services.adoc +++ b/admin_guide/authentication/integrate_saml_active_directory_federation_services.adoc @@ -179,7 +179,7 @@ NOTE: When federating with ADFS Prisma Cloud usernames are case insensitive. All + image::adfs_saml_12.png[width=600] -.. *Role*: select an appropriate xref:../access_control/user_roles.adoc#[role]. +.. *Role*: select an appropriate xref:../user_roles.adoc#[role]. . Click *Save*. diff --git a/admin_guide/authentication/prisma_cloud_user_roles.adoc b/admin_guide/authentication/prisma_cloud_user_roles.adoc index f65acb7e..bd45a2e6 100644 --- a/admin_guide/authentication/prisma_cloud_user_roles.adoc +++ b/admin_guide/authentication/prisma_cloud_user_roles.adoc @@ -70,4 +70,4 @@ NOTE: Only Admin can create collections in Compute. Collections for Read-Only us To learn more about Prisma Cloud permission groups and roles, see https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/create-prisma-cloud-roles.html#[Create Roles in Prisma Cloud]. -To learn more about Compute roles, see xref:../access_control/user_roles.adoc#[User roles]. +To learn more about Compute roles, see xref:../user_roles.adoc#[User roles]. diff --git a/admin_guide/authentication/user_roles.adoc b/admin_guide/authentication/user_roles.adoc index dd633be4..dba2bb72 100644 --- a/admin_guide/authentication/user_roles.adoc +++ b/admin_guide/authentication/user_roles.adoc @@ -75,7 +75,7 @@ In Console, you assign the Administrator role to GroupA and the Auditor role to NOTE: Roles are enforced the same way for both the Prisma Cloud UI and the Prisma Cloud API. To learn how to assign roles to users and groups, see -xref:../access_control/assign_roles.adoc#[Assigning roles]. +xref:../assign_roles.adoc#[Assigning roles]. === Roles From 19b4d4f803a5746e819fa429a54d7712d4016f02 Mon Sep 17 00:00:00 2001 From: ian <> Date: Thu, 2 Jul 2020 12:13:00 -0500 Subject: [PATCH 28/28] Fixups --- admin_guide/_topic_map_compute_edition.yml | 58 +++++++++--------- admin_guide/_topic_map_prisma_cloud.yml | 30 ++++----- .../containerized_mode.adoc | 25 -------- .../jenkins_pipeline_k8s.adoc | 27 +++++++- ...arialbles.png => lambda_env_variables.png} | Bin build_site.sh | 3 + 6 files changed, 72 insertions(+), 71 deletions(-) delete mode 100644 admin_guide/continuous_integration/containerized_mode.adoc rename admin_guide/install/install_defender/images/{lambda_env_varialbles.png => lambda_env_variables.png} (100%) diff --git a/admin_guide/_topic_map_compute_edition.yml b/admin_guide/_topic_map_compute_edition.yml index 1fecb1d3..b40a3edb 100644 --- a/admin_guide/_topic_map_compute_edition.yml +++ b/admin_guide/_topic_map_compute_edition.yml @@ -188,6 +188,34 @@ Topics: - Name: Credentials store File: credentials_store --- +Name: Authentication +Dir: authentication +Topics: +- Name: Authentication + File: authentication +- Name: Integrate with Active Directory + File: integrate_active_directory +- Name: Integrate with OpenLDAP + File: integrate_openldap +- Name: Integrate with SAML + File: integrate_saml +- Name: Integrate Google G Suite (SAML) + File: integrate_saml_google_g_suite +- Name: Integrate with Azure Active Directory via SAML 2.0 Federation + File: integrate_saml_azure_active_directory +- Name: Integrate with PingFederate via SAML 2.0 Federation + File: integrate_saml_ping_federate +- Name: Integrate with Active Directory Federation Services (ADFS) via SAML 2.0 Federation + File: integrate_saml_active_directory_federation_services +- Name: Active Directory Non-default UPN suffixes + File: non_default_upn_suffixes +- Name: Compute user roles + File: user_roles +- Name: Assign roles + File: assign_roles +- Name: Use custom certificates for authorization + File: use_custom_certs_for_auth +--- Name: Vulnerability management Dir: vulnerability_management Topics: @@ -345,7 +373,7 @@ Dir: access_control Topics: - Name: Access control File: access_control -- Name: Docker Role-based access control +- Name: Docker role-based access control File: rbac - Name: Open Policy Agent File: open_policy_agent @@ -469,34 +497,6 @@ Topics: - Name: Kubernetes auditing File: kubernetes_auditing --- -Name: Authentication -Dir: authentication -Topics: -- Name: Authentication - File: authentication -- Name: Integrate with Active Directory - File: integrate_active_directory -- Name: Integrate with OpenLDAP - File: integrate_openldap -- Name: Integrate with SAML - File: integrate_saml -- Name: Integrate Google G Suite (SAML) - File: integrate_saml_google_g_suite -- Name: Integrate with Azure Active Directory via SAML 2.0 Federation - File: integrate_saml_azure_active_directory -- Name: Integrate with PingFederate via SAML 2.0 Federation - File: integrate_saml_ping_federate -- Name: Integrate with Active Directory Federation Services (ADFS) via SAML 2.0 Federation - File: integrate_saml_active_directory_federation_services -- Name: Active Directory Non-default UPN suffixes - File: non_default_upn_suffixes -- Name: Compute user roles - File: user_roles -- Name: Assign roles - File: assign_roles -- Name: Use custom certificates for authorization - File: use_custom_certs_for_auth ---- Name: Continuous integration Dir: continuous_integration Topics: diff --git a/admin_guide/_topic_map_prisma_cloud.yml b/admin_guide/_topic_map_prisma_cloud.yml index 5c47eb9f..2b573844 100644 --- a/admin_guide/_topic_map_prisma_cloud.yml +++ b/admin_guide/_topic_map_prisma_cloud.yml @@ -168,6 +168,20 @@ Topics: - Name: Credentials store File: credentials_store --- +Name: Authentication +Dir: authentication +Topics: +- Name: Authentication + File: authentication +- Name: Access keys + File: access_keys +- Name: Prisma Cloud user roles + File: prisma_cloud_user_roles +- Name: Compute user roles + File: user_roles +- Name: Assign roles + File: assign_roles +--- Name: Vulnerability management Dir: vulnerability_management Topics: @@ -236,7 +250,7 @@ Dir: access_control Topics: - Name: Access control File: access_control -- Name: Docker Role-based access control +- Name: Docker role-based access control File: rbac - Name: Open Policy Agent File: open_policy_agent @@ -330,20 +344,6 @@ Topics: - Name: Service violation File: service_violation --- -Name: Authentication -Dir: authentication -Topics: -- Name: Authentication - File: authentication -- Name: Access keys - File: access_keys -- Name: Prisma Cloud user roles - File: prisma_cloud_user_roles -- Name: Compute user roles - File: user_roles -- Name: Assign roles - File: assign_roles ---- Name: Continuous integration Dir: continuous_integration Topics: diff --git a/admin_guide/continuous_integration/containerized_mode.adoc b/admin_guide/continuous_integration/containerized_mode.adoc deleted file mode 100644 index 387f76fb..00000000 --- a/admin_guide/continuous_integration/containerized_mode.adoc +++ /dev/null @@ -1,25 +0,0 @@ -[NOTE] -==== -You can run the Prisma Cloud scanner inside a container using the 'containerized' flag. -Scanning from inside a container is only required for special situations. - -[source] ----- -stage(‘Parallel’) { - agent { - docker { - image ‘ubuntu:latest’ - } - } - stages { - stage(‘Prisma Cloud Scan’) { - steps { - prismaCloudScanImage ca: '', cert: '', containerized:true, ... - } - } - ... -} ----- - -When using the containerized mode, image ID won't be displayed in the scan results (only image name). -==== diff --git a/admin_guide/continuous_integration/jenkins_pipeline_k8s.adoc b/admin_guide/continuous_integration/jenkins_pipeline_k8s.adoc index 609a1810..1f4f84d1 100644 --- a/admin_guide/continuous_integration/jenkins_pipeline_k8s.adoc +++ b/admin_guide/continuous_integration/jenkins_pipeline_k8s.adoc @@ -167,5 +167,28 @@ Alternatively, we could use a https://github.com/nathanielc/docker-client[contai * *6* -- The second stage runs the Prisma Cloud scanner on the nginx image in the default jnlp container. -// Reusable content fragment. -include::containerized_mode.adoc[leveloffset=0] +[NOTE] +==== +You can run the Prisma Cloud scanner inside a container using the 'containerized' flag. +Scanning from inside a container is only required for special situations. + +[source] +---- +stage(‘Parallel’) { + agent { + docker { + image ‘ubuntu:latest’ + } + } + stages { + stage(‘Prisma Cloud Scan’) { + steps { + prismaCloudScanImage ca: '', cert: '', containerized:true, ... + } + } + ... +} +---- + +When using the containerized mode, image ID won't be displayed in the scan results (only image name). +==== diff --git a/admin_guide/install/install_defender/images/lambda_env_varialbles.png b/admin_guide/install/install_defender/images/lambda_env_variables.png similarity index 100% rename from admin_guide/install/install_defender/images/lambda_env_varialbles.png rename to admin_guide/install/install_defender/images/lambda_env_variables.png diff --git a/build_site.sh b/build_site.sh index 45a855a9..0e07a366 100755 --- a/build_site.sh +++ b/build_site.sh @@ -119,6 +119,9 @@ git commit -q -m "Commit index file for SaaS book" # Create a branch git checkout -b pcee +# Rename topic map file. +mv "$output_dir""/_topic_map_prisma_cloud.yml" "$output_dir""/_topic_map.yml" + # Commit files. echo "Commit SaaS files" git add -A