Wizard - IaC Enterprise

Overview

The Wizard - IaC Enterprise allows users to connect to a Github enterprise repository where pre-deployment template files are stored, and to run test cases on it. The user can select the "IaC" option from the list of the configuration wizard and choose "Github Enterprise" from the list of Git providers. The user will be prompted to grant access to the prancer-io organization, and select the required access permissions. After selecting the repository, the user can click on the "Finish" button to create Connector Configuration, Master Snapshot Configuration, and Master Compliance Configuration. The crawler will then fetch available resources from the cloud and run policy compliance on them. The compliance results can be viewed in the Report screen, and logs can be viewed in the Log screen. It's also possible to run a compliance in a local Github enterprise server with no public internet access.

Using wizard IaC, you can connect to the Github enterprise repository where the pre-deployment template files are stored. And you can run the test cases on it.

Select the "IaC" option from the list of the configuration wizard.

  • Click on the "Next" button to see the list of providers supported for IaC.

../img/wizard/iac_enterprise/iac_wizard_selection.png

  • Select "Github Enterprise" from git providers.
  • If the enterprise server is not accessible using the internet, you can deselect "internet routable Github Server."
  • Select the security mode
  • Monitor
  • Monitor and Remediate
  • "Monitor" mode only checks for compliances, and remediation or fixes are not available
  • "Monitor and Remediate" monitors your server and provides remediation support.
  • There are two schedule options
  • One time run
  • Continuous Compliance
  • "One Time Run" will run the compliance once after the wizard creation completes
  • "Continuous Compliance" runs the compliance every day after the wizard creation completes.
  • Click on the authenticate to allow the prancer to access list all repositories available at the Github enterprise server.

../img/wizard/iac_enterprise/Iac_provider_selection.png

  • It will ask you to grant access to the prancer-io organization. Click on the "Authorize prancer-io" button.
  • we require "admin access" for webhooks
  • "repository access" is required to clone a repo, commit, generate PR, etc.

../img/wizard/iac_enterprise/grant_access.png

  • Once you authorize the application, you will redirect back to the prancer application. Now you can see the Repository option, and here you can search for a particular repository and select one of the repositories.

../img/wizard/iac_enterprise/select_repository.png

  • Once you select the repository, you can click on the "Finish" button.
  • It will do the following items:
  • Create Connector Configuration
  • Create Master Snapshot Configuration
  • Create Master Compliance Configuration
  • Run the Crawler to fetch available resources from the cloud.
  • Run the policy compliance on fetched resources.

../img/wizard/iac_enterprise/finish_processing.png

  • After some time, you can see the compliance result in the Report screen and see the logs in the Log screen.

  • If you have a local Github enterprise server with no public internet access. deselect "internet routable Github server" and authenticate it. ../img/wizard/iac_enterprise/no_internet_route.png

  • To tun a compliance in local Github enterprise server refer this