To get started with IaC Security, all you need is to ensure you've met the IaC prerequisites. You can view a summary about the capabilities on our IaC Overview page. For a visual of the product and workflow check out the Workflow page.
Accessing the IaC Security interface through the InsightCloudSec platform is available under "Security → Infrastructure as Code".
Note: For new users the display defaults to a blank “Scan List” landing page with a prompt to “Create Configuration”.
There are three distinct sections of the IaC Security interface:
- Scan List - Lists all IaC completed configuration scans as well as their status, scan date, and duration. Review Viewing Scan Results for details on filtering, interacting, and interpreting scan results. The Viewing Scan Results page also includes information on Dynamic Analysis capabilities.
- Configurations - Lists all IaC configurations as well as some scan statistics about each configuration. Review Managing Configurations for details on reviewing, creating, and editing IaC configurations.
- On-Demand Scan - Allows users to use the IaC Analyzer to scan IaC templates on-demand and check for any issues in an existing IaC configuration. While this use case is less common, it can be helpful if you're interested in learning more about how the analyzer works. Review Using the IaC Analyzer (via the UI) for detailed steps about initiating and viewing IaC Security scans from within the UI.
Compliance Automation At Scale
If you'd rather use the IaC analyzer via the API and leverage the full capability of IaC Security, review Using the IaC Analyzer (via API).
Using the IaC analyzer via API is our anticipated most common use case and will vary based on your environment and tooling. Note, however, that you will need a CI/CD environment that is integrated with your version control systems from which you can send requests to your InsightCloudSec instance before this functionality is useful.
Otherwise, there are no special compatibility concerns as long as you can use scripts to make API requests to your InsightCloudSec platform. We have created a Python script, which includes usage instructions in its docstring, that will help you get started with using IaC security in your CI/CD environment.
Note: If you continue to use this Python script as-is any scans performed using the script will be counted under the API Scans widget.
If you have questions or concerns about this approach reach out to us through the Customer Support Portal.
Updated 5 months ago