Remediate Resources
Last updated
Last updated
Remediators does not make a distinction about which Campaigns are ongoing: for a remediator, their focus is simply fixing the issue. A remediator can see either a list of repos and config roots with findings that are associated with an active campaign, or they can be given a link directly to the remediation page.
There are two actions a remediator can take for findings. The first is to fix the issue; to this end, the editor will show them all of the findings currently present in the config root.
The other option is to get an approval.
Typically, in Resourcely change management, findings that are already merged into the codebase are inherently considered approved; to indicate to the change management flow to loop in the appropriate approvers for change management, the remediator can request approvals on any of the preexisting findings. If the associated reviewer group then approves the finding, then that approval will be associated with the finding so that it is no longer considered open once the remediation proposal PR is merged.
Clicking Evaluate Changes → Evaluate generates a Pull/Merge Request (PR) containing your proposed changes.
The PR will run automated checks that use resourcely-cli to validate your proposed changes. If your changes fix guardrail violations, they will disappear from the Remediate screen once Evaluate finishes.
Until you merge your PR, the findings still exist in Resourcely - you haven’t actually updated your infrastructure yet!
Clicking Submit will add approvers to your PR for any remaining findings or requested exceptions.
When your changes are applied (likely after the PR merges), Resourcely performs a scan of your infrastructure. This scan is what finally resolves the findings in Resourcely.
When you click on Request Exception without making any ****code changes. This is expected, and still involves the creation of a PR. Resourcely will add approvers to the PR and attach information describing your exception requests. You can add description to explain why you are requesting the exception.
After clicking 'Submit,' proceed to 'Evaluate Changes' and then select 'Evaluate.' This action will generate a pull request that includes a detailed description explaining the reason for your exception request.
After that click on 'Evaluate Changes' and then select 'Submit.' This action will finalize the details and request approval from the guardrail default approver.
Guardrails can reference context answers. Please refer to Context and resource-level answer for more details.
When a finding corresponds to a guardrail that reference global context question. You can update the context answers and we will store answers in resourcely.tf. If you move the answers to a different file, Resourcely will leave them where you put them.
