From a3bfcd9336a20dbb1ba526bde97abfcdfe160a2c Mon Sep 17 00:00:00 2001 From: Kamesh-PaloAlto <166385805+Kamesh-PaloAlto@users.noreply.github.com> Date: Mon, 25 Nov 2024 19:10:50 +0530 Subject: [PATCH 1/2] added PCSUP-24989, PCSUP-25007 --- .../serverless/auto-defend-serverless.adoc | 22 ++++++++++-- .../serverless/auto-defend-serverless.adoc | 21 +++++++++-- .../32/admin-guide/compliance/serverless.adoc | 1 - .../serverless/auto-defend-serverless.adoc | 28 +++++++++++++-- .../33/admin-guide/compliance/serverless.adoc | 1 - .../serverless/auto-defend-serverless.adoc | 27 +++++++++++--- .../get-started/console-prerequisites.adoc | 36 ++++++++++--------- .../compliance/visibility/serverless.adoc | 1 - .../runtime-security/waas/waas.adoc | 2 ++ 9 files changed, 107 insertions(+), 32 deletions(-) diff --git a/docs/en/compute-edition/30/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc b/docs/en/compute-edition/30/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc index 4a66bb8011..e719046a3b 100644 --- a/docs/en/compute-edition/30/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc +++ b/docs/en/compute-edition/30/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc @@ -7,9 +7,25 @@ It is an additional option for deploying the Serverless Defender, on top of manu Serverless auto-defend supports the following runtimes: -* Node.js 12.x, 14.x -* Python 3.6, 3.7, 3.8, 3.9 -* Ruby 2.7 +[cols="50%a,50%a"] +|=== +|Platform +|Runtime +|AWS +| +* Node.js: 12.x/14.x/16.x/18.x +* Python: 3.7/3.8/3.9 +* Ruby: 2.7 +* Java: 8/11 +* C#: 5.0/6.0 +* G0: 1.x +|Azure +|Python: 3.8 +|GCP +|Python: 3.7 +|=== + + === Limitations diff --git a/docs/en/compute-edition/31/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc b/docs/en/compute-edition/31/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc index 7a154a5081..ef7475c311 100644 --- a/docs/en/compute-edition/31/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc +++ b/docs/en/compute-edition/31/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc @@ -7,9 +7,24 @@ It is an additional option for deploying the Serverless Defender, on top of manu Serverless auto-defend supports the following runtimes: -* Node.js 12.x, 14.x -* Python 3.6, 3.7, 3.8, 3.9 -* Ruby 2.7 +[cols="50%a,50%a"] +|=== +|Platform +|Runtime +|AWS +| +* Node.js: 12.x/14.x/16.x/18.x +* Python: 3.7/3.8/3.9 +* Ruby: 2.7 +* Java: 8/11 +* C#: 6.0 +* G0: 1.x +|Azure +|Python: 3.8 +|GCP +|Python: 3.7 + +|=== === Limitations diff --git a/docs/en/compute-edition/32/admin-guide/compliance/serverless.adoc b/docs/en/compute-edition/32/admin-guide/compliance/serverless.adoc index 278deaa833..7339c1f40e 100644 --- a/docs/en/compute-edition/32/admin-guide/compliance/serverless.adoc +++ b/docs/en/compute-edition/32/admin-guide/compliance/serverless.adoc @@ -1,7 +1,6 @@ == Serverless functions compliance checks Prisma Cloud Labs has developed compliance checks for serverless functions. -Currently, only AWS Lambda is supported. In AWS Lambda, every function has an execution role. Execution roles are identities with permission policies that control what functions can and cannot do in AWS. diff --git a/docs/en/compute-edition/32/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc b/docs/en/compute-edition/32/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc index 4a66bb8011..02ca41c1fa 100644 --- a/docs/en/compute-edition/32/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc +++ b/docs/en/compute-edition/32/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc @@ -7,9 +7,31 @@ It is an additional option for deploying the Serverless Defender, on top of manu Serverless auto-defend supports the following runtimes: -* Node.js 12.x, 14.x -* Python 3.6, 3.7, 3.8, 3.9 -* Ruby 2.7 +[cols="50%a,50%a"] +|=== +|Platform +|Runtime +|AWS +| +* Node.js: 16.x/18.x/20.x +* Python: 3.1/3.7/3.8/3.9/3.11 +* Ruby: 3.2 +* Java: 17.0 +* C#: 6.0 +* G0: 1.x +|Azure +| +* Node.js: 20.x +* Python: 3.8 +* Java: 17 +|GCP +| +* Node.js: 20.x +* Python: 3.7/3.9 +* Java: 17 + +|=== + === Limitations diff --git a/docs/en/compute-edition/33/admin-guide/compliance/serverless.adoc b/docs/en/compute-edition/33/admin-guide/compliance/serverless.adoc index 278deaa833..7339c1f40e 100644 --- a/docs/en/compute-edition/33/admin-guide/compliance/serverless.adoc +++ b/docs/en/compute-edition/33/admin-guide/compliance/serverless.adoc @@ -1,7 +1,6 @@ == Serverless functions compliance checks Prisma Cloud Labs has developed compliance checks for serverless functions. -Currently, only AWS Lambda is supported. In AWS Lambda, every function has an execution role. Execution roles are identities with permission policies that control what functions can and cannot do in AWS. diff --git a/docs/en/compute-edition/33/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc b/docs/en/compute-edition/33/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc index 4a66bb8011..307c3d3a0b 100644 --- a/docs/en/compute-edition/33/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc +++ b/docs/en/compute-edition/33/admin-guide/install/deploy-defender/serverless/auto-defend-serverless.adoc @@ -7,10 +7,29 @@ It is an additional option for deploying the Serverless Defender, on top of manu Serverless auto-defend supports the following runtimes: -* Node.js 12.x, 14.x -* Python 3.6, 3.7, 3.8, 3.9 -* Ruby 2.7 - +[cols="50%a,50%a"] +|=== +|Platform +|Runtime +|AWS +| +* Node.js: 16.x/18.x/20.x +* Python: 3.1/3.8/3.9/3.11 +* Ruby: 3.2 +* Java: 17.0 +* C#: 6.0 +* G0: 1.x +|Azure +| +* Node.js: 20.x +* Python: 3.9 +* Java: 17 +|GCP +| +* Node.js: 20.x +* Python: 3.7/3.9 +* Java: 17 +|=== === Limitations * Auto-protect is implemented with a layer. diff --git a/docs/en/enterprise-edition/content-collections/get-started/console-prerequisites.adoc b/docs/en/enterprise-edition/content-collections/get-started/console-prerequisites.adoc index af4dd32f3b..7f69243797 100644 --- a/docs/en/enterprise-edition/content-collections/get-started/console-prerequisites.adoc +++ b/docs/en/enterprise-edition/content-collections/get-started/console-prerequisites.adoc @@ -84,7 +84,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 34.75.54.101 -Ingress: 34.74.84.51, 34.139.64.150, 34.139.249.192 +Ingress: 34.74.84.51, 34.139.64.150, 34.139.249.192, 34.23.229.147, 34.74.93.165, 35.185.127.202 |52.25.108.159/32 @@ -144,7 +144,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 34.75.54.101 -Ingress: 34.74.84.51, 34.139.64.150, 34.139.249.192 +Ingress: 34.74.84.51, 34.139.64.150, 34.139.249.192, 34.23.229.147, 34.74.93.165, 35.185.127.202 |54.176.152.228/32 @@ -191,7 +191,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 34.82.51.12 -Ingress: 34.82.138.152, 35.230.69.118, 104.198.109.73 +Ingress: 34.82.138.152, 35.230.69.118, 104.198.109.73, 34.19.57.46, 34.83.186.93, 34.168.3.165 |34.192.147.35/32 @@ -250,7 +250,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 34.82.51.12 -Ingress: 34.82.138.152, 35.230.69.118, 104.198.109.73 +Ingress: 34.82.138.152, 35.230.69.118, 104.198.109.73, 34.19.57.46, 34.83.186.93, 34.168.3.165 |3.18.55.196/32 @@ -283,7 +283,7 @@ Ingress: 34.82.138.152, 35.230.69.118, 104.198.109.73 Egress: 34.75.54.101 -Ingress: 34.74.84.51 +Ingress: 34.74.84.51, 34.139.64.150, 34.139.249.192, 34.23.229.147, 34.74.93.165, 35.185.127.202 | @@ -330,9 +330,9 @@ Required for Transporter and Application Security integrations with network rest |*asia-northeast1 (Tokyo, Japan)* or *australia-southeast1 (Sydney, Australia)* -Egress: 35.194.113.255 or 35.244.121.190 +Egress: 35.194.113.255, 35.244.121.190 -Ingress: 35.200.123.236 or 35.189.44.184 +Ingress: 35.200.123.236, 35.189.44.184, 34.116.88.189, 35.189.14.189, |18.176.206.56 @@ -395,7 +395,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 35.203.59.190 -Ingress: 35.203.31.67 +Ingress: 35.203.31.67, 34.118.176.160, 34.47.2.35 | - @@ -448,7 +448,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 35.200.249.161 -Ingress: 35.200.140.118 +Ingress: 35.200.140.118, 34.93.124.157, 34.47.154.73 |3.109.168.12 @@ -525,11 +525,11 @@ Required for Transporter and Application Security integrations with network rest * 18.133.59.44 -|*europe-west2 (London)* +|*europe-west2 (UK)* Egress: 34.105.197.208 -Ingress: 34.89.87.128 +Ingress: 34.89.87.128, 34.142.29.59, 34.89.33.47 | - @@ -584,7 +584,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 34.107.65.220 -Ingress: 34.107.91.105 +Ingress: 34.107.91.105, 35.198.174.6, 34.141.93.246, 34.141.89.174, 34.141.2.56, 35.198.185.51 |3.65.146.60/32 @@ -628,6 +628,10 @@ Required for Transporter and Application Security integrations with network rest |*europe-west2 (UK)* +Egress: 34.105.197.208 + +Ingress: 34.89.87.128, 34.142.29.59, 34.89.33.47 + |18.135.53.56 3.9.243.250 @@ -686,7 +690,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 34.163.33.98 -Ingress: 34.163.186.175 +Ingress: 34.163.186.175, 34.163.241.103, 34.163.12.56 | - @@ -714,7 +718,7 @@ Ingress: 34.163.186.175 Egress: 34.82.51.12 -Ingress: 34.82.138.152, 35.230.69.118, 104.198.109.73 +Ingress: 34.82.138.152, 35.230.69.118, 104.198.109.73, 34.19.57.46, 34.83.186.93, 34.168.3.165 | @@ -748,7 +752,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 35.194.113.255 -Ingress: 35.200.123.236 +Ingress: 35.200.123.236, 35.187.195.198, 34.85.99.145 |- @@ -803,7 +807,7 @@ Required for Transporter and Application Security integrations with network rest Egress: 35.198.194.238 -Ingress: 34.87.137.141 +Ingress: 34.87.137.141, 35.186.153.185, 34.87.100.14 | - diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/compliance/visibility/serverless.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/compliance/visibility/serverless.adoc index d3da536938..b941acc650 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/compliance/visibility/serverless.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/compliance/visibility/serverless.adoc @@ -2,7 +2,6 @@ == Serverless Functions Compliance Checks Prisma Cloud Labs has developed compliance checks for serverless functions. -Currently, only AWS Lambda is supported. In AWS Lambda, every function has an execution role. Execution roles are identities with permission policies that control what functions can and cannot do in AWS. diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/waas/waas.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/waas/waas.adoc index 2e12d3a3ec..3d18bbbc1e 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/waas/waas.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/waas/waas.adoc @@ -47,6 +47,8 @@ The Inline Defenders evaluate client requests against security policies before r image::runtime-security/CNAF-architecture.png[] +*The WaaS serverless offering does not provide the full range of defenses available in other environments. Specifically, it does not support protection against bot attacks or denial of service (DoS) attacks. + Defenders are deployed into the environment in which the web applications run, and you can view the data on the Prisma Cloud management console. === How does WAAS work? From a02b39ee905bab47393fb374dd821a1b44465dee Mon Sep 17 00:00:00 2001 From: manukumar6 <108253187+manukumar6@users.noreply.github.com> Date: Mon, 25 Nov 2024 19:42:14 +0530 Subject: [PATCH 2/2] Update waas.adoc Fixed a typo --- .../content-collections/runtime-security/waas/waas.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/waas/waas.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/waas/waas.adoc index 3d18bbbc1e..a02646e004 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/waas/waas.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/waas/waas.adoc @@ -47,7 +47,7 @@ The Inline Defenders evaluate client requests against security policies before r image::runtime-security/CNAF-architecture.png[] -*The WaaS serverless offering does not provide the full range of defenses available in other environments. Specifically, it does not support protection against bot attacks or denial of service (DoS) attacks. +*The WAAS serverless offering does not provide the full range of defenses available in other environments. Specifically, it does not support protection against bot attacks or denial of service (DoS) attacks. Defenders are deployed into the environment in which the web applications run, and you can view the data on the Prisma Cloud management console.