Skip to content
| Marketplace
Sign in
Azure DevOps>Azure Pipelines>Ermetic
Ermetic

Ermetic

Ermetic

ermetic.com
|
12 installs
| (3) | Free
Ermetic Azure Pipelines extension

Ermetic Azure Pipelines Extension

Use the Ermetic Azure Pipelines extension to scan your infrastructure-as-code (IAC) pipeline for security issues. Doing so can help you identify and remediate configuration issues before your cloud resources are deployed.

ErmeticLogo

IaC Scan Task Parameters

Parameter Description Default Example
apiToken (Required) The API token used to communicate with Ermetic. Generated in the Ermetic Console during initial Azure Pipelines setup.
apiUrl (Required) The URL of the Ermetic API. The API URL varies based on the region in which your Ermetic environment is deployed. https://us.app.ermetic.com/
excludePaths Exclude specific paths from the scan. dev/
excludePolicies The IDs of any Ermetic policies to exclude from the scan. This parameter is mutually exclusive with `policies` such that a value can only be entered for one of the two. 3e4d5ce6-3280-4027-8010-c26eeea1ec01
failOnMinSeverity The minimum policy severity that should return an exit code different from 0, and fail the build workflow. Possible values: none information low medium high critical none critical
logs Whether to print log messages to the standard workflow output. Log messages include information about the run process of the scanner and debug information, such as the number of files/lines scanned. Possible values: true false true
minSeverity The minimum severity of Ermetic policies that you want to include in the scan. Possible values: information low medium high critical information medium
outputFileFormats The format/s of the report output file/s which will be exported. Possible values: csv json junit sarif json json,csv
outputFileName The name of the report output file/s which will be exported. If multiple formats are selected, all files will have the same name. results results
outputPath The export path for the report output file/s. results/
paths The repository path/s that will be scanned by Ermetic, entered as a comma separated list. If left blank, Ermetic will scan the entire repository. prod/,stg/
policies The IDs of the Ermetic policies that will be used to scan the repository, entered as a comma separated list. If no values are entered, all policies will be scanned. This parameter is mutually exclusive with `excludePolicies` such that a value can only be entered for one of the two. For information about how to retrieve policy ID information from the Ermetic CLI, refer to Ermetic documentation. 3e4d5ce6-3280-4027-8010-c26eeea1ec01,32ecd6eb-0711-421f-9627-1a28d9eff217
silent Whether to print scan result content to the standard workflow output. Scan result output contains detailed information about issues found during scanning. Independent from logs. Possible values: true false false false
types The IaC frameworks that Ermetic scans. If no value is entered, Ermetic scans all frameworks. Possible values: terraform terraform-plan cloudformation terraform
  • Contact us
  • Jobs
  • Privacy
  • Terms of use
  • Trademarks
© 2023 Microsoft