1.0.1 • Published 8 months ago
@wiz-sec/backstage-plugin-wiz v1.0.1
Wiz Plugin for Backstage
This plugin provides a user interface for viewing Wiz security information within Backstage.
Features
- Display security issues and vulnerabilities in a comprehensive table view
- Severity-based issue categorization
- Real-time search functionality
- Pagination support
- Integration with Backstage catalog entities
- Support for various security annotations
Installation
Add the Frontend Plugin
# From your Backstage root directory
yarn add --cwd packages/app @wiz-sec/backstage-plugin-wizConfiguration
Entity Annotations
Add the following annotations to your catalog entities:
metadata:
annotations:
wiz.io/project-id: 'your-project-id'
wiz.io/asset-id: 'your-asset-id'
wiz.io/external-asset-id: 'your-external-asset-id'
wiz.io/repository-external-id: 'your <org/repo>'Available annotations:
wiz.io/project-id: Wiz project identifierwiz.io/asset-id: Direct asset identifier in Wizwiz.io/external-asset-id: External asset identifier (e.g., AWS resource ID)wiz.io/repository-external-id: Repository identifier for version control integration (e.g., demo-org/demo-repo)
Features
Search Functionality
- Real-time search for vulnerabilities by CVE IDs
- Search issues by rule or resource name
Pagination
- Configurable page sizes (5, 10, 20 items)
- Load more data on demand
- Total count display
Usage Examples
Basic Implementation
// packages/app/src/components/catalog/EntityPage.tsx
import {
BackstagePluginWizPage
} from "@wiz-sec/backstage-plugin-wiz";
...
const serviceEntityPage = (
...
<EntityLayout.Route
path="/wiz"
title="Wiz"
>
<BackstagePluginWizPage />
</EntityLayout.Route>
);Entity Integration
# catalog-info.yaml
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
name: my-service
annotations:
wiz/project-id: 'proj-123'
wiz/external-asset-id: 'aws-resource-789'Troubleshooting
Common issues and solutions:
- No data displayed
- Verify entity annotations are correct
- Check backend connectivity
- Validate API credentials