Get Started

Introduction

Vendor Integration

AWS

After creating new AWS vendor data using the vendor template, you can go to the vendor details page in the Integration section to fill in the API Credentials from AWS IAM.

Click the save button to process the connection between fehagrc and AWS for evidence scanning purposes.

If fehagrc and AWS are successfully connected, it will take some time for the evidence scan to complete.

Click the view detail button to see the collected evidence along with the recommendation information.

GitHub

After creating new GitHub vendor data using the vendor template, you can go to the vendor details page in the Integration section to create new connection.

Input the organization name to system easily detect your destination repository.

Sign In to GitHub with your credentials.

Authorize fehagrc to access your organization on GitHub.

Select the destination repositories for scanning evidences.

The scanning process takes some time to complete.

Click the view detail button to see the collected evidence along with the recommendation information.

Note: integration between fehagrc and personal GitHub is easier than GitHub organization because it only requires authorization to the destination repository.

Gitlab

After creating new GitLab vendor data using the vendor template, you can go to the vendor details page in the Integration section to create new connection.

First, fill group name and instance URL field to create new connection.

After sign in to GitLab, we need to create new authorized application for save callback API from fehagrc and access permission for fehagrc.

Copy Application ID and Secret value from GitLab into fehagrc.

Paste Application ID and Secret for credentials to fehagrc scan evidences on your GitLab organization.

Select the destination repositories for scanning evidences.

The scanning process takes some time to complete.

Click the view detail button to see the collected evidence along with the recommendation information.

Note: integration between fehagrc and personal GitLabb is easier than GitHub organization because it only requires authorization to the destination repository.