Monitor your IaC environment

You can monitor code repositories you've added to Sophos Cloud Optix.

To see the repositories to which you've granted access, or from which events are received, go to Settings and click Environments and click IaC Environments.

You can also see reports and alerts for your repositories.

Get IaC reports

You can see reports generated by analysis of the files in your repositories. Go to Compliance > Reports.

Note You only see reports corresponding to configurations we can classify as related to Terraform, AWS CloudFormation, Kubernetes, or Ansible. So you might not see reports on all repository push events.

See IaC alerts

To see IaC alerts:

  1. Go to Alerts and look for alerts with IaC in the Type column. You can filter the list to show only these alerts. Here's an example:

    Screenshot showing IaC alerts filtered by type
  2. Click an Alert ID for more details. Here's an example:
    Alert details
  3. In alert details you can click the plus sign next to a resource. This shows more detail about the resource including the branch, repository, file name, and the variable containing the resource's reference. You can use this information to identify the resource and fix the issue.

    Screenshot of Resource details