Add your Puppet Enterprise credentials to Security Compliance Management

To allow Security Compliance Management to communicate with Puppet Enterprise, you must add your PE credentials to Security Compliance Management.

Before you begin
Make sure you have classified the nodes you want to scan in Puppet Enterprise (PE).

Adding your Puppet Enterprise credentials authenticates Security Compliance Management with Role Based Access Control (RBAC). Your Puppet Enterprise account requires the following permissions:

Type Action Instance
Console View -
Job Orchestrator Start, stop and view jobs -
Node Groups View All
Nodes View node data from PuppetDB -
Tasks Run Tasks

Task: comply::backup_assessor

Permitted on: All nodes
Tasks Run Tasks

Task: comply::ciscat_scan

Permitted on: All nodes
User Roles View All
User Roles Create All
For more information on permissions, see User permissions and user roles.
  1. In Security Compliance Management — located at https://<COMPLY-HOSTNAME>/ — click Settings.
  2. Enter your Puppet Enterprise hostname, username, and password.
  3. Click Submit.
    Tip: You can refresh the Puppet Enterprise node and fact information by clicking Refresh data.
Results
You’ll now see a list of your classified nodes on the Nodes page.
What to do next
You have completed the Security Compliance Management setup process! You can now start running CIS scans on your nodes. If you're new to Security Compliance Management, try out the beginner's guide.