Prisma Access Whitelist Egress IPs on SaaS Services

Supported versions

Supported Cortex XSOAR versions: 5.5.0 and later.

Retrieve Prisma Access Egress IP for specific geographic Zones and populate in security groups within cloud services.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • IP Whitelist - AWS Security Group
  • IP Whitelist - GCP Firewall
  • Allow IP - Okta Zone

Integrations#

  • PrismaAccessEgressIPFeed

Scripts#

This playbook does not use any scripts.

Commands#

  • prisma-access-get-indicators
  • closeInvestigation

Playbook Inputs#


NameDescriptionDefault ValueRequired
Indicator QueryIndicators matching the indicator query will be used as playbook inputOptional
AWSSecurityGroupNameName of the AWS Security Group to update with the IPs.Optional
GCPFirewallNameOptional
OktaZoneIDID of the Okta Zone to update. Use !okta-list-zones to obtainOptional

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


Prisma Access Whitelist Egress IPs on SaaS Services