© 2024 Prancer Enterprise
Blog
Share This Post
Recent Posts
automated offensive security
Offensive Security Unveiled: Navigating Vulnerability Assessments, Penetration Testing, and Red Teaming with Prancer
March 26, 2024
Application Security Training
Application Security Training: Empowering Your Cyber Defense (7 Essential Courses to Enhance Your Skills)
February 29, 2024
penetration testing jobs entry level
Penetration Testing Jobs Entry Level: Starting Your Cybersecurity Career (5 Key Steps to Break into the Field)
February 29, 2024
How to use Prancer configuration wizard for easy repository onboarding for IaC Security
Prancer
September 23, 2021
Configuration wizard

Introduction
Prancer cloud security platform uses various configuration files to do the static code analysis on Infrastructure as Code (IaC) templates. Compiling these individual files from scratch is time-consuming and an advanced subject many users don’t need to know in their day-to-day activities. For the easy onboarding of accounts and repositories into the Prancer cloud security platform, we suggest using the “Configuration Wizard” feature. With just a few clicks, your accounts are onboarded, and you are ready to go! In this post, we want to show you how to do that.

Using Configuration Wizard
Let us see how to use the configuration wizard to connect to different repositories and then be able to IAC scan those repositories.

You need to log in to the Prancer Cloud Security platform. On the admin section, there is a “Configuration Wizard” link available.

On the “Configuration Wizard” page, the first step is to give a name to the collection. A collection name could be related to your cloud, repo, project, business unit, or any other categorization you would like to have in your environment. for example, we put Test ABC in the text box. You need to select IAC to do static code analysis and configure the options. Now you can proceed to the next screen.

config wizard firstpage

The next step for you is to select what kind of IAC scan you want to run. Various IaC formats are being supported in Prancer Cloud Security Platform for Static Code Analysis. Prancer supports both native and third-party formats, including Azure ARM templates, AWS cloud formation, Google deployment files, Kubernetes objects, HELM, and terraform for Azure, AWS, and GCP. Any of these items can be selected as your Infrastructure as Code (IaC) type. In this example, let us choose the Azure ARM template and then connect it to GitHub for authentication. In the next step, the configuration wizard shows you the GitHub authentication page. You can authorize it to access the repositories that we have and then the list of repositories available here to choose from. You can select your Infrastructure as Code (IaC) code repository and then click on the finish button.

wizard second page

The wizard goes on and then creates all the configuration items that are needed. When the process finishes, you can go to the report page and see the results. The wizard shows you it has successfully added all the compliance tests for the account and run the tests here, and that is it with the use of the wizard.

config component

It is easy for you to connect to any  code repositories to do the Infrastructure as Code (IaC) scan the codes. Then, the reports are available on the report page.

config report

This is how to use the Prancer configuration wizard to connect to repositories.