Skip to main content

IaCM Security

Harness IaCM integrates robust security measures to safeguard your infrastructure state. It leverages the Harness Platform's functionalities, including Authentication, Role-Based Access Control (RBAC), Resource Groups, Pipelines, Audit Trail, Connectors, Secrets, and Licensing. These measures adhere to the stringent security protocols outlined in the Security section. For Infrastructure as Code Management (IaCM), Harness IaCM ensures:

  • Data encryption in transit using TLS 1.3.
  • Data encryption at rest with AES 256.
  • Regular security testing and vulnerability scanning.
  • Logical and physical data segmentation.

Common Security Concerns

Harness protects customer infrastructure and data through rigorous security measures. Access to systems is restricted to authorized employees using secure connections, with all activities logged and reviewed regularly. State files and sensitive information are safeguarded with strong encryption (TLS 1.3 and AES 256) and controlled access. Customers can further enhance security by integrating their identity provider and setting IP allowlists.

During the planning and execution phases, Harness ensures compliance by checking changes against organizational policies and detecting any tampering with state files before execution. These measures maintain a secure and compliant environment for managing infrastructure changes.

The operational model flow is comprised of three components:

All executed commands honor your defined backend, which determines where your infrastructure state is stored and how terraform and tofu operations such as apply or destroy are executed.

default backend

If no plan file is specified, IaCM will apply its own backend implicitly.

Operational model

The following diagram highlights the operational model flow and operations carried out at each stage.

Interactive Diagram

Start by clicking on the first step node for more details.