Connecting Rapid7
To connect Rapid7 to Prelude SCM you will need:
- Insight Platform API key
Create Rapid7 Insight Platform API key
Authorization requires a token header X-Api-Key, which can be generated from the Insight Platform key management page. See Insight Platform API Key for more details.
Document Link: https://help.rapid7.com/insightvm/en-us/api/integrations.html#section/Overview/Authorization
Steps to generate an X-Api-Key for API authentication.
- To generate an Authorization HTTPs header value of X-Api-Key, create an account in the application.
- Visit the official Rapid7 Insight website at the link below: https://insight.rapid7.com/login.
- Click Log In
- Click InsightVM
- Click the gear icon in the top-right corner, then select API Keys from the dropdown menu.
- Click Generate New User Key to create a new API key.
- Select the organization, define a name for the API key, and click Submit.
- Copy and securely save the generated API key, as you won't be able to view it again later.
Rapid7 IVM User Roles And their Permissions
|
Asset Owner, Security Manager, Site Owner |
Users with these roles can access asset data. |
|
Custom Role |
To create custom roles with the correct permissions and scoping can also retrieve asset data |
Document Link: https://docs.rapid7.com/insightvm/managing-users-and-authentication/
To Connect Rapid7 with Prelude
- Access the Prelude SCM Integration page here
- Click add integration
- Select Rapid7
- Name the integration
- Input the base URL for the Insight Console
- Input the API key from Step 8 above
- Click connect