CLI Configuration File
Configuration File
Once the Command Line Interface (CLI) is installed, it creates a file called init.yaml containing the configuration settings. These settings are enumerated below.
Editing a Setting
See Config
Configuration Key/Value pairs:
| Key | Notes | Value Type |
|---|---|---|
| adAccessToken | Populated by the CLI | string |
| adAuthUrl | authentication URL | URI, typically https://login.microsoftonline.com/ |
| adClientId | Application (client) ID from Active Directory | string |
| adClientSecret | secret from Active Directory | string |
| adGraphUrl | Microsoft Graph URL | URI, typically https://graph.microsoft.com/.default |
| adTenantId | Directory (tenant) ID from Active Directory | string |
| assessmentDays | Number of days to add to today for the planned finish date for an assessment in RegScale | numeric e.g. 10 |
| azure365AccessToken | Azure DefenderAccess token (created by the API) | string |
| azure365ClientId | Azure Defender access key | string |
| azure365Secret | Azure Defender secret key | string |
| azure365TenantId | Azure Defender Tenant ID | string |
| azureCloudAccessToken | Azure Cloud Defender Access token (created by the API) | string |
| azureCloudClientId | Azure Cloud Defender access key | string |
| azureCloudSecret | Azure Cloud Defender secret key | string |
| azureCloudSubscriptionId | Azure Cloud Defender Subscription Id | string |
| azureCloudTenantId | Azure Cloud Defender Tenant ID | string |
| cisaAlerts | URL of cisa alerts page | URI: |
| cisaKev | URL of CISA Known Exploits and Vulnerabilities | URI: |
| crowdstrikeBaseUrl | Url of Crowdstrike System | URI |
| crowdstrikeClientId | CrowdStrike Client ID | string |
| crowdstrikeClientSecret | CrowdStrike Client Secret | string |
| dependabotId | The GitHub user id | string |
| dependabotOwner | The owner of the GitHub repository | string |
| dependabotRepo | The GitHub repository name | string |
| dependabotToken | The personal access token | string |
| domain | RegScale instance URI | URI e.g. https://regscale.io |
| evidenceFolder | the location of the folder containing the required documents to be tested | path, e.g. ./evidence |
| failScore | the score at which an assessment fails | whole number e.g. 30 |
| gcpCredentials | path to gcp credentials file | path, e.g. /credentials.json |
| gcpOrganizationId | Organization Id from GCP - if importing organization scans | string |
| gcpProjectId | Project Id from GCP - if importing project scans | string |
| gcpScanType | Organization or Project | string: organization | project |
| githubDomain | The GitHub api domain for your organization | URI e.g. api.github.com |
| issueCreation | For Commercial Scan integrations, this determines whether an issue is created for each unique vulnerability / asset pair: PerAsset or only for each unique vulnerability: Consolidated | string: options "Consolidated" | "PerAsset" |
| jiraApiToken | The Jira API token generated for the given username | string |
| jiraUrl | The Base URL of your Jira Instance | URI: e.g. https://regscale.jira.org |
| jiraUserName | Jira user name | string |
| maxThreads | The total number of threads the application is allowed to use for bulk processing. | numeric e.g. 1000 |
| oktaApiToken | API access token, generated within Okta admin portal | string |
| oktaClientId | Okta Client Id | string |
| oktaScopes | What permissions the RegScale CLI application is allowed from Okta admin portal | requires okta.users.read and okta.roles.read |
| oktaSecreteKey | Only used if Bearer token is your desired authentication method with Okta API | string |
| oktaUrl | URL for your Okta instance | URL |
| oscalLocation | File Path for OSCAL Files | File Path e.g. /opt OSCAL |
| otx | deprecated | |
| passScore | the score at which an assessment passes | whole number, e.g. 80 |
| poamTitleType | What to use for the title of poams created from scans | Cve (default) - CVE Number | pluginId - Scanner Plugin Id |
| pwshPath | PowerShell Path | Path e.g. /opt/microsoft/powershell/7/pwsh |
| qualysPassword | Qualys password to log in | string |
| qualysUrl | base URL for the Qualys API | URL (Article) |
| qualysUserName | Qualys user name to log in | string |
| salesforcePassword | Password for SalesForce, you can also use an environment variable as SF_PASSWORD | string |
| salesforceToken | Security token for SalesForce, you can also use an environment variable as SF_TOKEN | string |
| salesforceUserName | Your User Name in SalesForce, you can also use an environment variable as SF_USERNAME | string |
| snowPassword | ServiceNow password for this user | string |
| snowUrl | base URL of your ServiceNow instance | URL |
| snowUserName | ServiceNow User Name | string |
| sonarToken | The sonarcloud token assigned in the UI | string |
| sslVerify | Flag to verify SSL/TLS Certificates when making REST api calls | true or false (default true) |
| tenableAccessKey | Tenable access key | string |
| tenableSecretKey | Tenable secret key | string |
| tenableUrl | base URL for the Tenable API. | URL e.g. https://sc.tenalab.online |
| tenableGroupByPlugin | Flag for POA&M handling. If true, it creates a single POA&M per vulnerability labeled by plugin-id. | true or false (default true) |
| token | Bearer token or API token available on home page of RegScale instance | Base64 string |
| userId | userId available on home page of RegScale instance | String e.g. de8e7ca0-e8b7-44a3-8915-c799ad675e0e |
| vulnerabilityCreation | For Commercial Scan integrations, this determines whether an issue is created for vulnerabilities. Options are: "NoIssue" -don't create issues from vulnerabilities. "IssueCreation" - create issues from vulnerabilities. "PoamCreation" - create issues/POA&Ms from vulnerabilities | string: NoIssue|IssueCreation|PoamCreation |
| wizAccessToken | Populated by the CLI | string |
| wizAuthUrl | URL for granting authentication tokens | URI e.g. https://auth.wiz.io/oauth/token |
| wizExcludes | flags the specific assets to exclude from syncing to RegScale. For each node, this is based on the entities[0]["name"] attribute. | string |
| wizReportAge | Days old window for reports | whole number e.g. 15 |
| wizScope | Populated by the CLI | string |
| wizUrl | GraphQL endpoint for your Wiz.io instance | URL |
| Key | Notes | Value | ||
|---|---|---|---|---|
| issues: | ||||
| aws: | ||||
| high | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 30 | ||
| moderate | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 90 | ||
| low | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| status | Status to be used in issues created in RegScale | Draft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver | ||
| defender365: | ||||
| high | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 30 | ||
| moderate | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 90 | ||
| low | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| status | Status to be used in issues created in RegScale | Draft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver | ||
| defenderCloud: | ||||
| high | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 30 | ||
| moderate | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 90 | ||
| low | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| status | Status to be used in issues created in RegScale | Draft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver | ||
| jira: | ||||
| highest | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 7 | ||
| high | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 30 | ||
| moderate | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 90 | ||
| low | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| lowest | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| status | Status to be used in issues created in RegScale | Draft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver | ||
| qualys: | ||||
| high | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 30 | ||
| moderate | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 90 | ||
| low | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| status | Status to be used in issues created in RegScale | Draft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver | ||
| salesforce: | ||||
| critical | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 7 | ||
| high | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 30 | ||
| moderate | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 90 | ||
| low | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| status | Status to be used in issues created in RegScale | Draft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver | ||
| tenable: | ||||
| critical | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 3 | ||
| high | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 30 | ||
| moderate | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 90 | ||
| low | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| status | Status to be used in issues created in RegScale | Draft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver | ||
| wiz: | ||||
| critical | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 3 | ||
| high | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 30 | ||
| moderate | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 90 | ||
| low | Number of days to add to today's date when setting due dates to RegScale issues | whole numbers e.g. 365 | ||
| status | Status to be used in issues created in RegScale | Draft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver |
Updated 9 months ago