HomeGuidesAPI ReferenceChangelog
Log In
Guides

CLI Configuration File

Configuration File

Once the Command Line Interface (CLI) is installed, it creates a file called init.yaml containing the configuration settings. These settings are enumerated below.

Editing a Setting

See Config

Configuration Key/Value pairs:

KeyNotesValue Type
adAccessTokenPopulated by the CLIstring
adAuthUrlauthentication URLURI, typically https://login.microsoftonline.com/
adClientIdApplication (client) ID from Active Directorystring
adClientSecretsecret from Active Directorystring
adGraphUrlMicrosoft Graph URLURI, typically https://graph.microsoft.com/.default
adTenantIdDirectory (tenant) ID from Active Directorystring
assessmentDaysNumber of days to add to today for the planned finish date for an assessment in RegScalenumeric e.g. 10
azure365AccessTokenAzure DefenderAccess token (created by the API)string
azure365ClientIdAzure Defender access keystring
azure365SecretAzure Defender secret keystring
azure365TenantIdAzure Defender Tenant IDstring
azureCloudAccessTokenAzure Cloud Defender Access token (created by the API)string
azureCloudClientIdAzure Cloud Defender access keystring
azureCloudSecretAzure Cloud Defender secret keystring
azureCloudSubscriptionIdAzure Cloud Defender Subscription Idstring
azureCloudTenantIdAzure Cloud Defender Tenant IDstring
cisaAlertsURL of cisa alerts pageURI:
cisaKevURL of CISA Known Exploits and VulnerabilitiesURI:
crowdstrikeBaseUrlUrl of Crowdstrike SystemURI
crowdstrikeClientIdCrowdStrike Client IDstring
crowdstrikeClientSecretCrowdStrike Client Secretstring
dependabotIdThe GitHub user idstring
dependabotOwnerThe owner of the GitHub repositorystring
dependabotRepoThe GitHub repository namestring
dependabotTokenThe personal access tokenstring
domainRegScale instance URIURI e.g. https://regscale.io
evidenceFolderthe location of the folder containing the required documents to be testedpath, e.g. ./evidence
failScorethe score at which an assessment failswhole number e.g. 30
gcpCredentialspath to gcp credentials filepath, e.g. /credentials.json
gcpOrganizationIdOrganization Id from GCP - if importing organization scansstring
gcpProjectIdProject Id from GCP - if importing project scansstring
gcpScanTypeOrganization or Projectstring: organization | project
githubDomainThe GitHub api domain for your organizationURI e.g. api.github.com
issueCreationFor Commercial Scan integrations, this determines whether an issue is created for each unique vulnerability / asset pair: PerAsset or only for each unique vulnerability: Consolidatedstring: options "Consolidated" | "PerAsset"
jiraApiTokenThe Jira API token generated for the given usernamestring
jiraUrlThe Base URL of your Jira InstanceURI: e.g. https://regscale.jira.org
jiraUserNameJira user namestring
maxThreadsThe total number of threads the application is allowed to use for bulk processing.numeric e.g. 1000
oktaApiTokenAPI access token, generated within Okta admin portalstring
oktaClientIdOkta Client Idstring
oktaScopesWhat permissions the RegScale CLI application is allowed from Okta admin portalrequires okta.users.read and okta.roles.read
oktaSecreteKeyOnly used if Bearer token is your desired authentication method with Okta APIstring
oktaUrlURL for your Okta instanceURL
oscalLocationFile Path for OSCAL FilesFile Path e.g. /opt OSCAL
otxdeprecated
passScorethe score at which an assessment passeswhole number, e.g. 80
poamTitleTypeWhat to use for the title of poams created from scans Cve (default) - CVE Number |
pluginId - Scanner Plugin Id
pwshPathPowerShell PathPath e.g. /opt/microsoft/powershell/7/pwsh
qualysPasswordQualys password to log instring
qualysUrlbase URL for the Qualys APIURL (Article)
qualysUserNameQualys user name to log instring
salesforcePasswordPassword for SalesForce, you can also use an environment variable as SF_PASSWORDstring
salesforceTokenSecurity token for SalesForce, you can also use an environment variable as SF_TOKENstring
salesforceUserNameYour User Name in SalesForce, you can also use an environment variable as SF_USERNAMEstring
snowPasswordServiceNow password for this userstring
snowUrlbase URL of your ServiceNow instanceURL
snowUserNameServiceNow User Namestring
sonarTokenThe sonarcloud token assigned in the UIstring
ssl_verifyFlag to verify SSL/TLS Certificates when making REST api callstrue or false (default true)
tenableAccessKeyTenable access keystring
tenableSecretKeyTenable secret keystring
tenableUrlbase URL for the Tenable API.URL e.g. https://sc.tenalab.online
tenableGroupByPluginFlag for POA&M handling. If true, it creates a single POA&M per vulnerability labeled by plugin-id.true or false (default true)
tokenBearer token or API token available on home page of RegScale instanceBase64 string
userIduserId available on home page of RegScale instanceString e.g. de8e7ca0-e8b7-44a3-8915-c799ad675e0e
vulnerabilityCreationFor Commercial Scan integrations, this determines whether an issue is created for vulnerabilities. Options are: "NoIssue" -don't create issues from vulnerabilities. "IssueCreation" - create issues from vulnerabilities. "PoamCreation" - create issues/POA&Ms from vulnerabilitiesstring: NoIssue|IssueCreation|PoamCreation
wizAccessTokenPopulated by the CLIstring
wizAuthUrlURL for granting authentication tokensURI e.g. https://auth.wiz.io/oauth/token
wizExcludesflags the specific assets to exclude from syncing to RegScale. For each node, this is based on the entities[0]["name"] attribute.string
wizReportAgeDays old window for reportswhole number e.g. 15
wizScopePopulated by the CLIstring
wizUrlGraphQL endpoint for your Wiz.io instanceURL
KeyNotesValue
issues:
aws:
highNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 30
moderateNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 90
lowNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
statusStatus to be used in issues created in RegScaleDraft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver
defender365:
highNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 30
moderateNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 90
lowNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
statusStatus to be used in issues created in RegScaleDraft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver
defenderCloud:
highNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 30
moderateNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 90
lowNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
statusStatus to be used in issues created in RegScaleDraft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver
jira:
highestNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 7
highNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 30
moderateNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 90
lowNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
lowestNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
statusStatus to be used in issues created in RegScaleDraft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver
qualys:
highNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 30
moderateNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 90
lowNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
statusStatus to be used in issues created in RegScaleDraft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver
salesforce:
criticalNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 7
highNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 30
moderateNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 90
lowNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
statusStatus to be used in issues created in RegScaleDraft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver
tenable:
criticalNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 3
highNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 30
moderateNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 90
lowNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
statusStatus to be used in issues created in RegScaleDraft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver
wiz:
criticalNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 3
highNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 30
moderateNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 90
lowNumber of days to add to today's date when setting due dates to RegScale issueswhole numbers e.g. 365
statusStatus to be used in issues created in RegScaleDraft, Open, Pending Decommission, Supply Chain/Procurement Dependency, Vendor Dependency for Fix, Delayed, or Exception/Waiver