Fidelis Cybersecurity
Fidelis Blog


Cooking with CloudPassage and Chef

On Tuesday, Chef announced its Partner Cookbook Program, setting the bar for companies to create high-quality Chef Cookbooks for their products that are easy to navigate and meet Chef community standards and best practices. Through this partnership, the quality of Chef Cookbooks is standardized so that users can be sure they are only getting the best recipes possible, ensuring easier integration and better flexibility.

We’re excited to be a part of the program, since many of our customers deploy CloudPassage Halo using Chef as their automation tool. We partnered with Chef to create a CloudPassage Halo-specific Cookbook, consistent with the Chef community’s best practices. Writing the Cookbook was an opportunity to accelerate adoption of CloudPassage Halo in environments where Chef is used for orchestration, enabling seamless, automated deployment of Halo. The Cookbook for CloudPassage Halo and an LWRP (Lightweight Resources and Providers) component are both available today in the Chef Supermarket.

In a nutshell, a Chef Cookbook is a set of instructions (called “recipes”) that are used to enforce a desired state of a system. Cookbooks exist for a multitude of administrative tasks, from adjusting system settings to installing and upgrading packages.

In our Cookbook we cover the ins and outs of getting Halo installed, and it’s designed to be flexible and usable in multiple ways, including:

  • As a reusable resource (LWRP), easily incorporating the agent installation and update process in other recipes.
  • As a recipe that can be run, passing in information— like the agent registration key— to install and run the Halo agent. In the event the agent is already installed, the recipe just makes an upgrade, if necessary, to reach the target version of the agent package.

If you use Chef to manage your infrastructure, and you use Halo for security automation, then you can use our Cookbook instead of writing and maintaining your own.

If you use Chef and you want to see what it is like to run security at the speed of DevOps, our Cookbook is a quick, easy path to Halo adoption.

So how and when should you use our Cookbook? You can find detailed instructions in the Cookbook’s README, but the simplest way to get started is to run the Cookbook, passing in the agent key via an attribute or data bag. This will install the Halo agent and register it with the Analytics Engine.

In the README you’ll also find a list of supported platforms, which include Ubuntu 12.04, Ubuntu 14.04, CentOS 6.7, CentOS 7.1, RHEL 7.2, and Windows Server 2012R2, but will work just as well on any platform (Linux or Windows) that is officially supported by CloudPassage Halo.

Our Cookbook makes it seamless for customers to build, test, implement, deploy, and orchestrate Halo agents through Chef. Let’s get cooking!

Stay up to date on all things security

Subscribe to the Threat Geek Blog