Add your IaC environments

Sophos Cloud Optix can monitor code submitted to your Infrastructure as Code (IaC) repositories for potential security issues.

Sophos Cloud Optix can also monitor code submitted to your Continuous Integration and Continuous Delivery (CI/CD) pipeline.

This can identify potential security issues before they reach production. Sophos Cloud Optix can currently check Terraform, AWS CloudFormation, Ansible, Kubernetes, and Microsoft Azure Resource Manager (ARM) IaC template files.

Sophos Cloud Optix provides integrations for GitHub, Bitbucket, and Jenkins.

You can also use the Sophos Cloud Optix REST API as part of your development processes and (CI/CD) pipelines. See Getting Started With Cloud Optix REST API.

You must grant Sophos Cloud Optix access to your code repositories if you use the GitHub and Bitbucket integrations. To grant access, do as follows:

  1. Go to Settings and click Add Environments.
    Add your cloud environment appears.
  2. Select IaC.
  3. Select the type of environment you want to add and follow the instructions.

When integration is complete, alerts will automatically appear in your Sophos Cloud Optix dashboard.