~ 3 min read

How to onboard Red Hat Quay to Kloudle

This blog lists the steps that are required to onboard Red Hat Quay to Kloudle.

What is Kloudle?

Kloudle is a Digital Assets Security Automation Platform for SREs and DevOps. When integrated with your Cloud or SaaS provider, Kloudle takes periodic security snapshots and provides complete security contextual visibility that allows you to make informed decisions about your infrastructure, the assets and their various configurations.

Kloudle collects metadata about the resources and analyzes them to identify misconfigurations and using a massive research powered knowledgebase, identifies what would go wrong if these misconfigurations were exploited and what you can do to fix them.

As part of making sure the lives of SREs and DevOps become easier, Kloudle offers the ability to create “rules” that allow a user to take automated actions against a baseline. These automated actions, which we call Security Processes, allow users to configure a series of steps that kick in when custom events occur to ensure the security of the cloud and SaaS platform being monitored.

Quay.io onboarding for Kloudle

Prerequisites

To onboard a Quay.io cloud account to Kloudle, an OAuth2 Access Token needs to be generated. This token can be generated from an Application that is created within Quay.io in any organisation.

Regardless of which organisation you create the Application in, the token that is generated will always act on behalf of the logged in user.

Steps to onboard Quay.io to Kloudle

Following are the steps to create an OAuth2 Token on Quay.io to onboard the account..

  1. Login to the Quay.io dashboard at https://quay.io/

  2. On the right side of the screen, select any organisation. Organisations have a URL of the form - https://quay.io/organization/ORGNAME

    Quay organization

  3. If no organisations exist, create a new organisation under the “Open Source” plan for the sake of generating the token. Note the name of the organisation.

    create quay organization

  4. In the Organisation selection, click on the “OAuth Applications” menu and click on the “Create New Application” button.

    new oauth applications

  5. Give the app the name “kloudle-quay-app”

    new oauth application name

  6. Once the application is created, click on the app name and select the “Generate Token” menu.

    Quay generate token

  7. Select the following permissions

    1. Administer Organization (required for organization level visibility, including teams and their permissions)
    2. View all visible repositories (required for repository visibility)
    3. Administer User (required for visibility into robot accounts and permissions)
    4. Read User Information (required for visibility of user information)

    Quay token permissions

  8. Click the “Generate Access Token” button.

  9. A new tab will open to request Authorization. Click on “Authorize Application” to generate the token.

  10. Copy the token shown and add it to Kloudle via the onboarding window. This token cannot be recovered if the window is closed, so make sure this is copied.

    Quay access token

  11. Now in the Kloudle dashboard, go to Manage and click on Red Hat Quay.io under Cloud Integrations.

    Kloudle dashboard

  12. Provide the Account name and OAuth Token we copied in step 10

    onboarding Quay to Kloudle

  13. Click on Add Account to complete the setup.

;