Resourcely Documentation
LoginSign Up
  • Get Started
    • 🎱What is Resourcely?
    • πŸ‘‹Why Resourcely
    • πŸƒQuickstart
      • Terraform policies integrated into CI
      • Remediate policy violations in existing infrastructure
      • Templates for generating Terraform
      • Glossary
  • Concepts
    • Foundry
      • Create Blueprints with Foundry
      • Creating Guardrails with Foundry
      • lmport Terraform Modules
    • Guardrails
      • Writing your own Guardrails
      • Editing Guardrails
      • Releasing Guardrails
      • Enabling Inactive Guardrails
      • Guardrails in Action
        • 🐱GitHub Actions
        • 🦊GitLab Pipelines
    • Campaigns
      • Get started with Campaigns
      • Creating Campaigns
      • Remediate Resources
      • Campaign Agent
        • State File Support
          • Amazon Simple Storage Service (S3)
          • Google Cloud Storage (GCS)
          • HCP Terraform
          • Spacelift
        • Running Campaigns with GitHub Actions and a Repo-Hosted State File
        • Running Campaigns Locally
    • Blueprints
      • Authoring Your Own Blueprints
      • Using Built-in Resourcely Blueprints
      • Configuring Global Contexts
      • Deep Linking
    • Resources
      • Provisioning Infrastructure
      • Editing Infrastructure
      • Shopping Cart
      • Config Roots and Environments
    • Other Features and Settings
      • Global Values
      • Global Context
      • Metrics
      • Resourcely-cli
      • Resourcely.yaml
      • VCS Proxy
      • Settings
        • User management
        • Company Information
        • Notification Settings
        • Change Management
          • 🐱Connect to GitHub
          • 🦊Connect to Gitlab
        • Generate API Token
    • ✨Production Setup
      • Single Sign-On (SSO)
        • Auth0
        • AWS Single Sign-On
        • Azure AD
        • Google Workspace
        • JumpCloud
        • Okta
        • Omnissa Workspace ONE (formerly VMware)
        • OneLogin
        • Ping Identity
        • Other SAML / OIDC Providers
      • Source Code Management
        • Page
        • 🐱GitHub
        • 🦊GitLab
        • Atlassian Bitbucket
        • Azure Repos
  • Tutorials and guides
    • Remediation Use Cases
      • Apply tags to resources for automating backups
      • Implement centralized logging
    • Blueprints Use Cases
      • Automate Data Pipeline Creation
      • Encryption for GCP
      • AWS Account Factory
      • Streamline and govern AI
      • IAM Factory
      • Cost optimization for FinOps
      • Guardrails for Terraform Modules
    • Using the Resourcely Terraform Provider
      • Setup Resourcely Provider
      • Blueprints
      • Guardrails
      • Global Context
  • Integrate
    • CI/CD & Terraform Runners
      • Atlantis
      • 🐟AWS CodeBuild
      • Azure Pipelines
      • Buildkite
      • CircleCI
      • CloudBees CI
      • Codefresh
      • Digger
      • Env0
      • 🎏GitHub Actions
        • 🐱Local Plan
          • 🐹AWS with OpenID Connect
        • 🐢Terraform Cloud Integration
      • 🦊GitLab Pipelines
      • Harness
      • πŸ—»HashiCorp Cloud Platform (formerly Terraform Cloud)
      • Jenkins
      • Octopus Deploy
      • Scalr
      • 🌌Spacelift
      • Terramate
      • 🌎Terrateam
    • Cloud Providers
      • 🌨️Amazon Web Services (AWS)
      • πŸ€“Google Cloud Platform (GCP)
        • Guardrail Gaunlet at Google Cloud Next 2025
      • πŸ’ΎMicrosoft Azure
      • Alibaba Cloud
      • Huawei Cloud
      • IBM Cloud
      • Oracle Cloud Infrastructure (OCI)
      • Tencent Cloud
      • VMware vSphere
    • Developer Portals
      • Atlassian Compass
      • Backstage
      • Cortex
      • Harness IDP
      • Home grown internal developer portals
      • OpsLevel
      • Port
      • Roadie
    • ITSM
      • Atlassian Jira
      • FreshWorks
      • ServiceNow ITSM
      • ZenDesk
    • CSPM
      • Wiz
    • More Terraform Provider Integrations
      • πŸš‚ConductorOne Provider
      • Databricks Provider
      • Kubernetes Provider
      • πŸ•Datadog Provider
      • ❄️Snowflake Provider
Powered by GitBook
On this page
  1. Concepts
  2. Campaigns
  3. Campaign Agent

Running Campaigns Locally

PreviousRunning Campaigns with GitHub Actions and a Repo-Hosted State FileNextBlueprints

Last updated 2 months ago

Running Campaigns Locally

You can run campaigns on a local state file. This feature requires the following:

Prerequisite

  • An active account on

  • An active list of guardrails in order to generate violations, see Guardrails

  • Resourcely-CLI which you can find the list of available versions

  • A valid RESOURCELY_API_TOKEN which can be obtained Generate API Token

  • A copy of state file in JSON format - You can find example state file in our

Running CLI

Now you can run the resourcely-cli against a local state file. We can export a CSV of findings associated with a single state file without needing any configuration beyond the normal for the resourcely CLI.

export RESOURCELY_API_TOKEN=<token>

Without config root

resourcely-cli evaluate_state --state_file terraform.json --api_host <https://api.resourcely.io> --repo_url <https://github.com/org/repo_name>

With config root configured via resourcely.yaml

resourcely-cli evaluate_state --state_file terraform.json --api_host <https://api.resourcely.io> --repo_url <https://github.com/org/repo_name> --config_root_path "."

Results will look like this

... Logs trimmed to highlight relevant sections ...
2025-01-08T13:25:20.666-0800	info	evaluate/state.go:650	Checking Campaigns:All (config_root=., environment=dev) for guardrail violations...	{"run_id": "d32d5491-f9aa-4137-8cbd-31405aea5abe", "repo_url": "<https://github.com/org/repo_name>", "config_root": "."}
2025-01-08T13:25:20.737-0800	info	evaluate/evaluate_state.go:82	Evaluation returned 0 passed checks, 3 violations
2025-01-08T13:25:20.737-0800	warn	cl/cl.go:124	Guardrail checks found 3 violations
2025-01-08T13:25:20.737-0800	info	evaluate/evaluate.go:294	=============== Guardrail ID 2c451692-1bef-43e7-8597-0680d8ae6bc3 ==============
2025-01-08T13:25:20.737-0800	warn	cl/cl.go:124	(config_root_path: "." environment: "dev") Resource "aws_s3_bucket_versioning.campaigns-data-resource_fraMshbmm94dxGRa" violates requirement "REQUIRE versioning_configuration.status = \\"Enabled\\"". Approver: "default"
2025-01-08T13:25:20.737-0800	info	evaluate/evaluate.go:294	=============== Guardrail ID 2ced4a82-23fa-4e42-b467-b60c2605745f ==============
2025-01-08T13:25:20.738-0800	warn	cl/cl.go:124	(config_root_path: "." environment: "dev") Resource "aws_s3_bucket_public_access_block.campaigns-data-resource_fraMshbmm94dxGRa" violates requirement "REQUIRE block_public_acls = true AND restrict_public_buckets = true". Approver: "default"
2025-01-08T13:25:20.738-0800	info	evaluate/evaluate.go:294	=============== Guardrail ID 7d69433d-3018-4889-8bb2-6725d2d2a18b ==============
2025-01-08T13:25:20.738-0800	warn	cl/cl.go:124	(config_root_path: "." environment: "dev") Resource "aws_s3_bucket.campaigns-data-resource_fraMshbmm94dxGRa" violates requirement "REQUIRE bucket STARTSWITH \\"resourcely\\"". Approver: "default"

With environment

resourcely-cli evaluate_state --state_file terraform.json --api_host <https://api.resourcely.io> --repo_url <https://github.com/org/repo_name> --config_root_path "." --environment "dev"

Output results to a CSV file

resourcely-cli evaluate_state --state_file terraform.json --api_host <https://api.resourcely.io> --repo_url <https://github.com/org/repo_name> --output_file_csv /path/to/export.csv

Upload Findings

We can add findings into a config root as long as it doesn’t have an actual setup for campaigns; these will be rejected if there is any pre-existing setup for that config root. This allows you to see the findings in the UI, and go through the steps for campaigns without needing the proxy set up.

resourcely-cli evaluate_state state terraform.json --api_host https://api.resourcely.io --repo_url https://github.com/org/repo_name --config_root_path us-east-1 --upload_demo_findings true

You can also test demo findings through the repository evaluating a state file in a repository.

https://portal.resourcely.io/
here
scaffolding repo
Github scaffolding