Integrate with CI/CD

Cloudrail is designed to be integrated into CI pipelines, such as those run with GitLab, CircleCI, Jenkins and Github Actions. This is achieved by using the Cloudrail CLI container, available via DockerHub.

While all CI pipelines are supported, we provide detailed documentation for using a few specific ones:

  1. AWS CodeBuild
  2. CircleCI
  3. GitLab
  4. GitHub Actions
  5. Jenkins

Whatever CI platform you use, Cloudrail will return exit codes based on the following list:

Exit CodeDescription
0Cloudrail successfully executed the assessment, and found no rule violations with rules that are set to Mandate. Note that rules that are set to Advise will generate warnings, and still return exit code 0.
1Cloudrail successfully execute the assessments, and found rule violations in rules set to Mandate.
2There was an error executing the assessment due to an issue in the Cloudrail Service, please contact support.
3Invalid input provided, please review the parameters you entered.
4There was an issue building the context, which is the process through which Cloudrail understands the relationships between resources. This is usually a bug, please contact support. You can also add --no-fail-on-context-error to your run in order to avoid these.
5User terminated execution.
6There was a timeout in the assessment execution, please contact support.
7There was an error on the CLI side during assessment execution, please contact support.