Getting Started with IaC Security

An Introduction to the InsightCloudSec IaC Security Interface

Steps to Implement

Before getting started with IaC Security you will want to understand the steps typically required to take advantage of this feature. IaC Security employs the IaC Analyzer to scan your infrastructure templates using Insight Packs to detect security issues with resource definitions. The scan results provide details about policy violations to determine compliance before infrastructure is deployed.

To get started you’ll need to do four things:

1. Select your configuration
Configurations are a critical component that allow users to select the “checks” best suited to use for scanning, based on your environment's resources and the applicable Insights. Within your InsightCloudSec platform, from "Security --> Infrastructure as Code" select the Configurations tab:

  • Select an Insight Pack for scanning
  • Define the settings for each Insight within the Pack
  • Choose your notification options (email/Slack)

Details about this step are available under our documentation on Managing Configurations.

2. Choose a method for initiating IaC file scans
Initiating an IaC file scan can be done in two ways:

3. Initiate a Scan
With an IaC Configuration and scanning method defined you are ready to initiate IaC scans. Scan results are communicated regardless of the scanning method. Users receive an overall pass/fail and results are compiled into a detailed report.

  • Note: Scans initiated manually through the CLI are also published in the InsightCloudSec UI.

4. View Your Report
After a scan has completed, view your scan results. Learn more about this report in our docs on the Viewing Scan Results.

Prerequisites & Requirements

In general before using IaC Security you will need:

  • A running InsightCloudSec Platform
  • A working implementation and understanding of the desired supported IaC templating software

Note: While any type of user can access IaC Security, only Domain Admins, Organization Admins, and Editor/Admin-entitled users can create/edit IaC Configurations. See the User Entitlements Matrix for more information.

External Tooling

To leverage the full capability of the InsightCloudSec IaC functionality and compliance automation at scale, you'll need the following additional items:

  • An API Key for a user with the Infrastructure as Code Viewer entitlement
  • An existing version-controlled repository of the templates
  • An existing integration between the version-controlled repository and a CI/CD tool, e.g., Jenkins, CircleCI, etc.
  • The capacity for your CI/CD pipeline to create an IaC template and send API requests to InsightCloudSec

Additional Configuration Options

Additional configuration options for IaC are also available within InsightCloudSec's general system administration settings. Through the main console navigate to "Administration --> System Administration" and click on the "System" tab. Scroll further down the page and locate the "Infrastructure-as-Code (IaC)" component, which allows IaC users to specify settings for authentication and defaults for new Insights added to a Custom Pack.

To get started with IaC Security, all you need is to ensure you've met the IaC prerequisites defined here. You can view a summary about the capabilities on our IaC Overview page.

IaC Security Interface

The IaC Security interface is available through the InsightCloudSec platform under "Security → Infrastructure as Code".

1600

Accessing IaC Security

There are two distinct sections of the IaC Security interface:

  • Scan List - Lists all IaC completed configuration scans as well as their status, scan date, and duration. Review Viewing Scan Results for details on filtering, interacting, and interpreting scan results.
  • Configurations - Lists all IaC configurations as well as some scan statistics about each configuration. Review Managing Configurations for details on reviewing, creating, and editing IaC configurations.

IaC System Settings

Additional configuration options for IaC are also available within InsightCloudSec's general system administration settings. Through the main console navigate (via the gear on the top right) to "Administration --> System Administration" and click on the "System" tab.

1588

InsightCloudSec System Settings

Scroll further down the page and locate the "Infrastructure-as-Code (IaC)" component this section in the System Administration allows you to:

  • specify settings for authentication
  • add defaults for new Insights added to a Custom Pack
  • specify the number of days the system retains scans (if no value is supplied scans are never deleted)