What are the Configuration files in the Prancer framework?
Introduction
There are different configuration items and files available in the Prancer framework. The Prancer framework is
at the heart of the Prancer Platform. The different configuration files available in the Prancer framework are
as follows:
• Connector
• Master Snapshot Config file
• Snapshot Config file
• Master Compliance test file
• Compliance test file
How does Prancer Framework operate in its most basic components?
Connector
The main configuration file is the connector, which is used to connect to different providers: a cloud
provider or a git provider. A connector holds enough information to connect to the supported external
API providers. For a git repository, it contains the address of the repository, the credentials, and
the branch name. For a cloud, it contains what is required to connect to that cloud: the IAM user,
secrets, and similar information. The cloud can be any cloud supported by Prancer: Azure, AWS, or GCP.
Snapshot Configs
The Master Snapshot Config file lists the types of resources whose configurations should be collected, e.g. in
the case of Azure, it could have the information to get all the virtual machines, all the vnets, or all the security
groups. The Master Snapshot Config file is concerned with the types of resources at the cloud provider. In the
case of git, it could ask for all the JSON files, all the YAML files, or all the Terraform files, which again are
types of resources being looked for. All the details needed to connect to the various resource types are stored
in the Master Snapshot Config file.
Inside the Prancer framework, there is a crawling engine (a feature called the crawler), which connects to the
external provider using the connector. Based on the configuration in the Master Snapshot Config file, it finds
all the matching resources in the external provider and generates another file called a Snapshot Config file.
The Snapshot Config file lists individual resources, unlike the Master Snapshot Config file, which lists the
types of resources that we wish to get information about. For example, when asked for virtual machines, the
crawler crawls the external provider's resources and finds all the virtual machines present, for instance,
vm-1, vm-2, vm-3, up until vm-10. In the case of git for IaC, the crawler connects to the git repository and,
if the Master Snapshot Config file asks for all the YAML files, finds all the individual YAML files in the
repository and generates a Snapshot Config file listing the individual files that are available.
Tests and compliance tests
Another configuration file available in the Prancer framework is the Master Test file, which contains enough
information to run tests against the types of resources that are present. For example, checking whether all the
virtual machines are using a public IP address, or testing all security groups and checking whether they are
using port 22 to allow an inbound SSH connection. All these test cases are stored in the Master Test file.
On the other side, we have the test file. A test file is related to individual resources. When the crawling
feature is used, the test file is not used; when individual resources are used rather than the crawling
feature, a test file is used for the individual tests.
How all of these configuration files work together
The Prancer framework uses the connector to connect to an external provider. The crawler feature uses the
Master Snapshot Config file to find all the resources of the types mentioned in it and generates the Snapshot
Config file, which contains individual resources. Then the framework generates Snapshots, which are the
configurations of the resources we want to keep for testing. Then the Compliance Engine can start running the
test cases against the resources available as snapshots. The tests and the compliance checks on these
snapshots are run based on the master tests, which determine whether those resources are compliant or not.
While the test cases run against the available snapshots, an output file is generated which contains
the report we are looking for: whether each resource passed or failed, and the related compliance test cases.
All the reporting details needed are available in the output file.
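A simplified model of the flow described above, as an added example that is not from the original article or from the Prancer code base. The field names (`resource_types`, `resource_id`, `test_id`), the rule functions and the inventory are constructed for illustration and are not Prancer's actual file schema.

```python
"""Toy model of connector -> crawler -> snapshot -> compliance engine -> output.

Illustrative only: field names and structures are assumptions, not Prancer's schema.
"""
import copy

# Constructed inventory standing in for what a connector can reach at a provider.
PROVIDER_INVENTORY = [
    {"id": "vm-1", "type": "virtual_machine", "public_ip": None},
    {"id": "vm-2", "type": "virtual_machine", "public_ip": "203.0.113.10"},
    {"id": "sg-web", "type": "security_group",
     "inbound": [{"port": 443, "source": "0.0.0.0/0"}]},
    {"id": "sg-admin", "type": "security_group",
     "inbound": [{"port": 22, "source": "0.0.0.0/0"}]},
    {"id": "vnet-1", "type": "vnet"},
]

# Master snapshot config: resource *types* only, never individual resources.
MASTER_SNAPSHOT = {"resource_types": ["virtual_machine", "security_group"]}


def vm_has_no_public_ip(resource):
    """Pass when the virtual machine has no public IP address."""
    return resource.get("public_ip") is None


def sg_has_no_inbound_ssh(resource):
    """Pass when no inbound rule of the security group opens port 22."""
    return all(rule["port"] != 22 for rule in resource.get("inbound", []))


# Master test file: each test targets a resource type, not a named resource.
MASTER_TESTS = [
    {"test_id": "VM_NO_PUBLIC_IP", "resource_type": "virtual_machine",
     "rule": vm_has_no_public_ip},
    {"test_id": "SG_NO_INBOUND_SSH", "resource_type": "security_group",
     "rule": sg_has_no_inbound_ssh},
]


def crawl(inventory, master_snapshot):
    """Expand resource types into a snapshot config of individual resources."""
    wanted = set(master_snapshot["resource_types"])
    return [
        {"resource_id": res["id"], "resource_type": res["type"]}
        for res in inventory
        if res["type"] in wanted
    ]


def take_snapshots(inventory, snapshot_config):
    """Store a point-in-time copy of each resource named in the snapshot config."""
    by_id = {res["id"]: res for res in inventory}
    return {
        node["resource_id"]: copy.deepcopy(by_id[node["resource_id"]])
        for node in snapshot_config
    }


def run_compliance(snapshot_config, snapshots, master_tests):
    """Run every master test whose type matches, against the stored snapshots."""
    output = []
    for node in snapshot_config:
        for test in master_tests:
            if test["resource_type"] != node["resource_type"]:
                continue
            passed = test["rule"](snapshots[node["resource_id"]])
            output.append({
                "resource_id": node["resource_id"],
                "test_id": test["test_id"],
                "result": "passed" if passed else "failed",
            })
    return output


def run_collection(inventory, master_snapshot, master_tests):
    """One full run: crawl, snapshot, test, and return the output report."""
    snapshot_config = crawl(inventory, master_snapshot)
    snapshots = take_snapshots(inventory, snapshot_config)
    return run_compliance(snapshot_config, snapshots, master_tests)


if __name__ == "__main__":
    for row in run_collection(PROVIDER_INVENTORY, MASTER_SNAPSHOT, MASTER_TESTS):
        print(row)
```

Because the tests read the stored snapshot rather than the live provider, a change made at the provider after the crawl only shows up in the report on the next run.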
This process, consisting of crawling and compliance tests, can be run as many times as needed – based on
the changes occurring in the cloud. All these configs and output files are stored in a container folder which is
called a Collection. We can have as many Collections as required for our testing purposes.
The Collection is a very powerful feature. We can use the Collection concept for various purposes. We can
have a collection based on each project, based on each customer, or based on each business unit (based on
how the user would like to interpret the collection in their specific business area).
A collection is basically like a folder that encompasses all these items. In the Prancer framework, there can
be multiple collections, like a collection for Azure, one for AWS, one for the GitHub repository, one for a
specific project in the git, and so on. Also, in each collection, there could be multiple connectors, multiple
master snapshot config files, multiple master test files. It’s not restricted to a single file for each type seen
here.
The concept of Collection gives the user a very powerful mechanism to scale up their security posture based
on the Prancer framework.
Remote Configuration files
The Prancer framework supports two types of test formats: simple test cases, which use an in-house query
language on JSON files, and tests based on the Open Policy Agent (OPA) Rego policy language. All the
Rego test files are also available in the same collection, e.g. if there are 100 test cases based on Rego,
the files are available in the same collection directory. That’s how the people working with the Prancer
framework do the compliance test.
Suppose there are multiple Collections available for the company and the user wants to centralize the
management of test files, Rego files, and snapshot files. It is possible to store all of these items in a remote git
repository and read them from a centralized location. In this case, instead of creating the full Master Test files
and Master Snapshot Config files, two pointers are employed: a Master Snapshot Config pointer and a
Master Test file config pointer. These point to the remote git repository, from which the framework reads the
information. This gives the user the ability to leverage the power of Policy as Code and centrally manage the
Master Test files, Rego files, and Master Snapshot Config files. The process for running the Prancer framework
stays the same, but instead of using a local Master Snapshot Config, it connects to the remote git repository
and gets the information from the remote master snapshot. At the time of testing, the Compliance Engine
connects to the remote Master Test files and the remote Rego files rather than the local files, but everything
else, like the snapshots and outputs, is stored locally in the collection.
In this article, I have introduced the various configuration files available in the Prancer Framework, which is
the heart of the Prancer Platform. By understanding these concepts, you will have an easier time navigating
our solution and understanding the details of the application.

More Related Content

Similar to What are the configuration files in the prancer framework

User and group security migration
User and group security migrationUser and group security migration
User and group security migrationAmit Sharma
 
C# and Borland StarTeam Connectivity
C# and Borland StarTeam ConnectivityC# and Borland StarTeam Connectivity
C# and Borland StarTeam ConnectivityShreesha Rao
 
Managing Your Runtime With P2
Managing Your Runtime With P2Managing Your Runtime With P2
Managing Your Runtime With P2Pascal Rapicault
 
Chapter 10
Chapter 10Chapter 10
Chapter 10cclay3
 
User and group security migration
User and group security migrationUser and group security migration
User and group security migrationAmit Sharma
 
Automations Presentation New
Automations Presentation NewAutomations Presentation New
Automations Presentation Newfapestniegd
 
PhyloPipe.v1.1_manual_20150610
PhyloPipe.v1.1_manual_20150610PhyloPipe.v1.1_manual_20150610
PhyloPipe.v1.1_manual_20150610Yixuan Guo
 
Groovy component
Groovy componentGroovy component
Groovy componentSindhu VL
 
Through the firewall with miniCRAN
Through the firewall with miniCRANThrough the firewall with miniCRAN
Through the firewall with miniCRANRevolution Analytics
 
Performance tesing coding standards & best practice guidelines v1
Performance tesing coding standards & best practice guidelines v1Performance tesing coding standards & best practice guidelines v1
Performance tesing coding standards & best practice guidelines v1Argos
 
Supply Chain Security for Containerised Workloads - Lee Chuk Munn
Supply Chain Security for Containerised Workloads - Lee Chuk MunnSupply Chain Security for Containerised Workloads - Lee Chuk Munn
Supply Chain Security for Containerised Workloads - Lee Chuk MunnNUS-ISS
 
Force.com migration utility
Force.com migration utilityForce.com migration utility
Force.com migration utilityAmit Sharma
 
Build cloud native solution using open source
Build cloud native solution using open source Build cloud native solution using open source
Build cloud native solution using open source Nitesh Jadhav
 
Configuring jpa in a Spring application
Configuring jpa in a  Spring applicationConfiguring jpa in a  Spring application
Configuring jpa in a Spring applicationJayasree Perilakkalam
 

Similar to What are the configuration files in the prancer framework (20)

User and group security migration
User and group security migrationUser and group security migration
User and group security migration
 
C# and Borland StarTeam Connectivity
C# and Borland StarTeam ConnectivityC# and Borland StarTeam Connectivity
C# and Borland StarTeam Connectivity
 
Managing Your Runtime With P2
Managing Your Runtime With P2Managing Your Runtime With P2
Managing Your Runtime With P2
 
Puppet
PuppetPuppet
Puppet
 
Chapter 10
Chapter 10Chapter 10
Chapter 10
 
User and group security migration
User and group security migrationUser and group security migration
User and group security migration
 
Automations Presentation New
Automations Presentation NewAutomations Presentation New
Automations Presentation New
 
PhyloPipe.v1.1_manual_20150610
PhyloPipe.v1.1_manual_20150610PhyloPipe.v1.1_manual_20150610
PhyloPipe.v1.1_manual_20150610
 
Groovy component
Groovy componentGroovy component
Groovy component
 
Nagios 3
Nagios 3Nagios 3
Nagios 3
 
Mule groovy
Mule groovyMule groovy
Mule groovy
 
Through the firewall with miniCRAN
Through the firewall with miniCRANThrough the firewall with miniCRAN
Through the firewall with miniCRAN
 
Introduction to maven
Introduction to mavenIntroduction to maven
Introduction to maven
 
Apache ppt
Apache pptApache ppt
Apache ppt
 
Performance tesing coding standards & best practice guidelines v1
Performance tesing coding standards & best practice guidelines v1Performance tesing coding standards & best practice guidelines v1
Performance tesing coding standards & best practice guidelines v1
 
11i Logs
11i Logs11i Logs
11i Logs
 
Supply Chain Security for Containerised Workloads - Lee Chuk Munn
Supply Chain Security for Containerised Workloads - Lee Chuk MunnSupply Chain Security for Containerised Workloads - Lee Chuk Munn
Supply Chain Security for Containerised Workloads - Lee Chuk Munn
 
Force.com migration utility
Force.com migration utilityForce.com migration utility
Force.com migration utility
 
Build cloud native solution using open source
Build cloud native solution using open source Build cloud native solution using open source
Build cloud native solution using open source
 
Configuring jpa in a Spring application
Configuring jpa in a  Spring applicationConfiguring jpa in a  Spring application
Configuring jpa in a Spring application
 

More from Prancer Io

Prancer Enterprise has achieved SOC 2 Type I compliance in accordance with Am...
Prancer Enterprise has achieved SOC 2 Type I compliance in accordance with Am...Prancer Enterprise has achieved SOC 2 Type I compliance in accordance with Am...
Prancer Enterprise has achieved SOC 2 Type I compliance in accordance with Am...Prancer Io
 
Prancer Enterprise announces today the release of the Zero Trust Security Val...
Prancer Enterprise announces today the release of the Zero Trust Security Val...Prancer Enterprise announces today the release of the Zero Trust Security Val...
Prancer Enterprise announces today the release of the Zero Trust Security Val...Prancer Io
 
Prancer for Offensive Security Testing
Prancer for Offensive Security TestingPrancer for Offensive Security Testing
Prancer for Offensive Security TestingPrancer Io
 
Why do Next-generation snapshot scanning security solutions raise security co...
Why do Next-generation snapshot scanning security solutions raise security co...Why do Next-generation snapshot scanning security solutions raise security co...
Why do Next-generation snapshot scanning security solutions raise security co...Prancer Io
 
Announcing the launch of Red and Blue Cyber Security Show
Announcing the launch of Red and Blue Cyber Security ShowAnnouncing the launch of Red and Blue Cyber Security Show
Announcing the launch of Red and Blue Cyber Security ShowPrancer Io
 
9 tips for assessing your modern cloud security toolsets.pdf
9 tips for assessing your modern cloud security toolsets.pdf9 tips for assessing your modern cloud security toolsets.pdf
9 tips for assessing your modern cloud security toolsets.pdfPrancer Io
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as CodePrancer Io
 
IAC Compliance.pdf
IAC Compliance.pdfIAC Compliance.pdf
IAC Compliance.pdfPrancer Io
 
IaC Security and Continuous Compliance
IaC Security and Continuous ComplianceIaC Security and Continuous Compliance
IaC Security and Continuous CompliancePrancer Io
 
IaC Security and Continuous Compliance
IaC Security and Continuous ComplianceIaC Security and Continuous Compliance
IaC Security and Continuous CompliancePrancer Io
 
Security Validation as Code
Security Validation as CodeSecurity Validation as Code
Security Validation as CodePrancer Io
 
Automated Pentesting vs Dynamic Application Security Testing
Automated Pentesting vs Dynamic Application Security TestingAutomated Pentesting vs Dynamic Application Security Testing
Automated Pentesting vs Dynamic Application Security TestingPrancer Io
 
Security Validation
Security ValidationSecurity Validation
Security ValidationPrancer Io
 
Cloud Security Validation at Scale
Cloud Security Validation at ScaleCloud Security Validation at Scale
Cloud Security Validation at ScalePrancer Io
 
Security Validation as Code.pdf
Security Validation as Code.pdfSecurity Validation as Code.pdf
Security Validation as Code.pdfPrancer Io
 
Prancer web interface for the ease of use
Prancer web interface for the ease of usePrancer web interface for the ease of use
Prancer web interface for the ease of usePrancer Io
 
Automated pentesting vs dynamic application security testing (dast) (2)
Automated pentesting vs dynamic application security testing (dast) (2)Automated pentesting vs dynamic application security testing (dast) (2)
Automated pentesting vs dynamic application security testing (dast) (2)Prancer Io
 
Is iac scanning scalable in the git ops era
Is iac scanning scalable in the git ops eraIs iac scanning scalable in the git ops era
Is iac scanning scalable in the git ops eraPrancer Io
 
Prancer web interface for the ease of use
Prancer web interface for the ease of usePrancer web interface for the ease of use
Prancer web interface for the ease of usePrancer Io
 
Challenges with manual vulnerability assessments and manual penetration testing
Challenges with manual vulnerability assessments and manual penetration testingChallenges with manual vulnerability assessments and manual penetration testing
Challenges with manual vulnerability assessments and manual penetration testingPrancer Io
 

More from Prancer Io (20)

Prancer Enterprise has achieved SOC 2 Type I compliance in accordance with Am...
Prancer Enterprise has achieved SOC 2 Type I compliance in accordance with Am...Prancer Enterprise has achieved SOC 2 Type I compliance in accordance with Am...
Prancer Enterprise has achieved SOC 2 Type I compliance in accordance with Am...
 
Prancer Enterprise announces today the release of the Zero Trust Security Val...
Prancer Enterprise announces today the release of the Zero Trust Security Val...Prancer Enterprise announces today the release of the Zero Trust Security Val...
Prancer Enterprise announces today the release of the Zero Trust Security Val...
 
Prancer for Offensive Security Testing
Prancer for Offensive Security TestingPrancer for Offensive Security Testing
Prancer for Offensive Security Testing
 
Why do Next-generation snapshot scanning security solutions raise security co...
Why do Next-generation snapshot scanning security solutions raise security co...Why do Next-generation snapshot scanning security solutions raise security co...
Why do Next-generation snapshot scanning security solutions raise security co...
 
Announcing the launch of Red and Blue Cyber Security Show
Announcing the launch of Red and Blue Cyber Security ShowAnnouncing the launch of Red and Blue Cyber Security Show
Announcing the launch of Red and Blue Cyber Security Show
 
9 tips for assessing your modern cloud security toolsets.pdf
9 tips for assessing your modern cloud security toolsets.pdf9 tips for assessing your modern cloud security toolsets.pdf
9 tips for assessing your modern cloud security toolsets.pdf
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as Code
 
IAC Compliance.pdf
IAC Compliance.pdfIAC Compliance.pdf
IAC Compliance.pdf
 
IaC Security and Continuous Compliance
IaC Security and Continuous ComplianceIaC Security and Continuous Compliance
IaC Security and Continuous Compliance
 
IaC Security and Continuous Compliance
IaC Security and Continuous ComplianceIaC Security and Continuous Compliance
IaC Security and Continuous Compliance
 
Security Validation as Code
Security Validation as CodeSecurity Validation as Code
Security Validation as Code
 
Automated Pentesting vs Dynamic Application Security Testing
Automated Pentesting vs Dynamic Application Security TestingAutomated Pentesting vs Dynamic Application Security Testing
Automated Pentesting vs Dynamic Application Security Testing
 
Security Validation
Security ValidationSecurity Validation
Security Validation
 
Cloud Security Validation at Scale
Cloud Security Validation at ScaleCloud Security Validation at Scale
Cloud Security Validation at Scale
 
Security Validation as Code.pdf
Security Validation as Code.pdfSecurity Validation as Code.pdf
Security Validation as Code.pdf
 
Prancer web interface for the ease of use
Prancer web interface for the ease of usePrancer web interface for the ease of use
Prancer web interface for the ease of use
 
Automated pentesting vs dynamic application security testing (dast) (2)
Automated pentesting vs dynamic application security testing (dast) (2)Automated pentesting vs dynamic application security testing (dast) (2)
Automated pentesting vs dynamic application security testing (dast) (2)
 
Is iac scanning scalable in the git ops era
Is iac scanning scalable in the git ops eraIs iac scanning scalable in the git ops era
Is iac scanning scalable in the git ops era
 
Prancer web interface for the ease of use
Prancer web interface for the ease of usePrancer web interface for the ease of use
Prancer web interface for the ease of use
 
Challenges with manual vulnerability assessments and manual penetration testing
Challenges with manual vulnerability assessments and manual penetration testingChallenges with manual vulnerability assessments and manual penetration testing
Challenges with manual vulnerability assessments and manual penetration testing
 

Recently uploaded

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 

What are the configuration files in the prancer framework

  • 1. What are the Configuration files in the Prancer framework? Introduction There are different configuration items and files available in the Prancer framework. The Prancer framework is at the heart of the Prancer Platform. The different configuration files available in the Prancer framework are as follows:  Connector  Master Snapshot Config file  Snapshot Config file  Master Compliance test file  Compliance test file How does Prancer Framework operate in its most basic components? Connector The main configuration file is the connector, which is used to connect to different providers. It could be a cloud provider or a git provider. A connector encompasses enough information to connect to the supported external API providers. In the case of the git repository, it’s got the address of the git repository, the credentials, and the branch name. In the case of the cloud, it contains the required way to connect to the cloud, the iam user, secrets, and such information. The cloud could be any cloud supported by prancer – Azure ,AWS or GCP.
  • 2. Snapshot Configs The Master Snapshot Config file contains the type of resource to get the configurations out of them , i.e. in the case of Azure, it could have the information to get all the virtual machines, all the vnets, or all the security groups. Master Snapshot configuration file cares about the types of resources from the cloud provider. In the case of the git, it could be to get all the JSON files, all the YAML files, all the terraform files, which again are types of resources being looked for. All the details to connect to various resource types are stored in the Master Snapshot Config file. Inside the Prancer framework, there’s a crawling engine (a feature called crawler), which connects to the external provider using the connector, and based on the configuration that is present in the Master Snapshot Config file, it can find all the resources in the external provider, and generate another file called a Snapshot Config file. In the Snapshot Config file, there are individual resources, unlike the Master Snapshot Config file, which contains the type of resources that we wish to get information about, e.g. when asking for virtual machines from the external provider, the crawler crawls the external provider resources and finds all the virtual machines present, for instance, vm-1, vm-2, vm-3, up until vm-10. In the case of git for IaC, the crawler connects to the git repository, based on the Master Snapshot Config file, which asks for all the YAML files, so the crawler finds all the individual YAML files in the git repository and generates a Snapshot Config file for the individual files that are available. Tests and compliance tests Another configuration file available in the Prancer frameworks is the Master Test file,which contains enough information to run tests against the type of resources that are present. 
For example, checking if all the virtual machines are using a public IP address, or testing all security groups and checking if they are using port 22 to allow an inbound SSH connection. All these test cases are stored in the Master Test file.

On the other side, we have the test file. A test file is related to individual resources. When the crawling feature is used, the test file is not used, but when individual resources are used rather than the crawling feature, a test file is used for individual tests.

How all of these configuration files work together

The Prancer framework uses the connector to connect to an external provider. The crawler feature uses the Master Snapshot Config file to find all the resources mentioned in it and generates the Snapshot Config file, which contains individual resources. Then the framework generates Snapshots, which are the confirmation of the resources we want to keep for testing. Then the Compliance Engine can start running the test cases against the resources available as snapshots. The tests and the compliance checks on these snapshots are run based on the master tests to determine whether those resources are compliant or not. While the test cases run against the available snapshots, an output file is generated which contains the report we are looking for: whether each resource passed or failed, and the related compliance test cases. All the reporting details needed are available in the output file.

This process of crawling and compliance tests can be run as many times as needed, based on the changes occurring in the cloud.

All these configs and output files are stored in a container folder called a Collection. We can have as many Collections as required for our testing purposes. The Collection is a very powerful feature, and we can use the Collection concept for various purposes. We can have a collection for each project, each customer, or each business unit (based on how the user would like to interpret the collection in their specific business area). A collection is basically a folder that encompasses all these items.

In the Prancer framework, there can be multiple collections, such as a collection for Azure, one for AWS, one for the GitHub repository, one for a specific project in git, and so on. Also, in each collection, there can be multiple connectors, multiple master snapshot config files, and multiple master test files. It is not restricted to a single file of each type seen here. The concept of the Collection gives the user a very powerful mechanism to scale up their security posture based on the Prancer framework.
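The crawl-then-test flow described under "How all of these configuration files work together" can be modelled in a few lines. This is an added example, not Prancer code: the dictionary shapes, field names, test ids and function names are assumptions made for illustration and are not Prancer's file schemas.

```python
# Constructed data; these shapes are illustrative and are NOT Prancer's file schemas.
MASTER_SNAPSHOT = {"types": ["virtual_machine", "security_group"]}

# Stand-in for what the connector reaches in the external provider.
PROVIDER = [
    {"id": "vm-1", "type": "virtual_machine", "public_ip": None},
    {"id": "vm-2", "type": "virtual_machine", "public_ip": "203.0.113.10"},
    {"id": "sg-1", "type": "security_group", "inbound": [{"from_port": 443, "to_port": 443}]},
    {"id": "sg-2", "type": "security_group", "inbound": [{"from_port": 22, "to_port": 22}]},
    {"id": "sg-3", "type": "security_group", "inbound": [{"from_port": 20, "to_port": 25}]},
    {"id": "disk-1", "type": "disk"},  # type not requested, so never crawled
]

def no_public_ip(res):
    return res.get("public_ip") is None

def no_inbound_ssh(res):
    # A port range that spans 22 allows SSH just as an exact match does.
    return not any(r["from_port"] <= 22 <= r["to_port"] for r in res.get("inbound", []))

# One test per resource TYPE, as in a master test file (hypothetical ids).
MASTER_TESTS = [
    {"test_id": "VM_NO_PUBLIC_IP", "type": "virtual_machine", "rule": no_public_ip},
    {"test_id": "SG_NO_INBOUND_SSH", "type": "security_group", "rule": no_inbound_ssh},
]

def crawl(master_snapshot, provider):
    """Expand the requested resource types into the individual resources found."""
    wanted = set(master_snapshot["types"])
    return [r for r in provider if r["type"] in wanted]

def run_compliance(snapshots, master_tests):
    """Apply each type-level test to every matching resource; return the report."""
    report = []
    for test in master_tests:
        for res in snapshots:
            if res["type"] == test["type"]:
                result = "passed" if test["rule"](res) else "failed"
                report.append({"test_id": test["test_id"], "resource": res["id"],
                               "result": result})
    return report

def failed_resources(report):
    return sorted(e["resource"] for e in report if e["result"] == "failed")

if __name__ == "__main__":
    for entry in run_compliance(crawl(MASTER_SNAPSHOT, PROVIDER), MASTER_TESTS):
        print(entry)
```

The sg-3 entry shows why a port-22 test has to evaluate port ranges: an exact-match comparison would pass a rule that opens ports 20 to 25.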
Remote Configuration files

The Prancer framework supports two types of test formats: simple test cases, which use an in-house query language on JSON files, and tests based on the Open Policy Agent (OPA) Rego policy language. All the Rego test files are also available in the same collection; e.g. if there are 100 test cases based on Rego, the files are available in the same collection directory. That is how people working with the Prancer framework do the compliance testing.

Suppose there are multiple Collections available for the company and the user wants to centralize the management of test files, Rego files, and snapshot files. It is possible to store all of these items in a remote git repository and read them from a centralized location. In this case, instead of creating the full Master Test files and Master Snapshot Config files, 2 pointers are employed – a Master Snapshot Config pointer and a Master Test file config pointer – which point to the remote git repository, from which the information is read, giving the user the ability to leverage the power of Policy as Code and centrally manage the master test files, Rego files, and also the Master Snapshot Config files.

The process for running the Prancer framework is the same, but instead of having a local Master Snapshot Config, it connects to the remote git repository and gets the information from the remote master snapshot. At the time of testing, the Compliance Engine connects to the remote master test files and the remote Rego files rather than the local files, but everything else, like the snapshots and outputs, is stored locally in the collection.

In this article, I have introduced the various configuration files available in the Prancer Framework, which is the heart of the Prancer Platform. By understanding these concepts, you will have an easier time navigating through our solution and understanding the details of the application.