A customer wants to monitor the company’s AWS accounts via Prisma Cloud, but only needs the resource configuration to be monitored for now.
Which two pieces of information do you need to onboard this account? (Choose two.)
A customer wants to monitor the company’s AWS accounts via Prisma Cloud, but only needs the resource configuration to be monitored for now.
Which two pieces of information do you need to onboard this account? (Choose two.)
To onboard an AWS account to Prisma Cloud for monitoring the resource configuration, you need the External ID and the Role ARN. The External ID provides an additional security mechanism allowing the trust relationship to be established between the AWS account and Prisma Cloud. The Role ARN specifies the AWS Identity and Access Management (IAM) role that Prisma Cloud will assume to access and retrieve the necessary data from the AWS account. CloudTrail is not needed for monitoring resource configuration, as it is primarily used for tracking API activity.
@Redrum702 Cloudtrail is for API; configuration is About AWS Config
has anyone passed the exam recently? are these questions valid
AE https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/connect-your-cloud-platform-to-prisma-cloud/onboard-your-aws-account/add-aws-cloud-account-to-prisma-cloud
A E To automate the process of creating the Prisma Cloud role that is trusted and has the permissions required to retrieve data on your AWS deployment, Prisma Cloud uses a CFT. The CFT enables the ingestion of configuration data, Amazon S3 flow logs, and AWS CloudTrail logs (audit events) only, and it does not support the ability to enable VPC flow logs for your AWS account.
A. Cloudtrail E. Role ARN
DE https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/connect-your-cloud-platform-to-prisma-cloud/onboard-your-aws-account/set-up-your-prisma-cloud-role-for-aws-manual