Actual Extension Building Instructions

I’m looking to learn how to build and deploy extensions for private and public consumption, but so far I only see scripts. Where is the actually information needed to do what I want?

Building a Plug-in is basically running scripts to automate the initial framework to the icon standard, generating help documentation, and delinting your code.

40,000 foot view of the process:

  1. Install the icon toolset
  2. Create a folder to do your build (it should be the name of the plug-in)
  3. Inside that folder create a yaml file that outlines the plug-in
  4. Run the icon generate command to get the initial file structure and framework of the plug-in
  5. Go into your connection folder each of your action folders and add the logic of the action that returns an object
  6. Using the icon run command test your actions
  7. Once you have tested everything and you have a working plugin, run the icon export command
  8. You can then import this plug-in into insightConnect to use yourself, or if you want to contribute to the community you can create a pull request on the GitHub page (there are instructions on what needs to be included there)

Everything you need to know with examples can be found here: https://komand.github.io/python/start.html
Hopefully that will get you going, let me know if you have any questions.

Today, the InsightConnect product is the most extensible and allows for easy contributions from its users. More of Rapid7’s products will become extensible over time so keep checking back!

Brandon covered plugins already, but we also have a contribution process for workflows through our public workflow repo on Github. GitHub - rapid7/insightconnect-workflows: Community workflows for the InsightConnect SOAR product

If this interests you, see the contributor’s guide for more information:

At a high-level:

  1. Create a workflow in InsightConnect
  2. Export the workflow
  3. Create a workflow directory following the structure in the workflows repo
  4. Add the workflow to the directory
  5. Create a help.md document for the workflow documentation
  6. Complete the workflow.spec.yaml file which contains details to list the workflow on the Extension Library
  7. Add any screenshots as PNG files in the screenshots directory (for display on Extension Library)
  8. Push to Github

The easiest thing to do is copy an existing workflow directory and modify it to your needs.

While this is mostly a manual process today, the team is exploring ways for users to contribute back from the Extension Library so stay tuned for that. In addition, we plan to have a unified builder experience, with documentation and all across Rapid7 products. We’re all very excited for what is to come.

@pablo_vega In addition to all that Jon and Brandon already provided for InsightConnect, if you are looking to get started with other Rapid7 products usually the best place to go is our API documentation. We’ve compiled a list of the resources you might find helpful here: Resources for Getting Started with Rapid7 APIs and Building Extensions.

Thanks for reaching out!

Thanks for the quick responses! I think it was probably a mistake not specifying the product I wanted to create an extension for. I actually wanted to create an extension for InsightVM. Where is the documentation for that?

@pablo_vega When extending InsightVM, it will depend a bit as to what you are hoping to accomplish. Usually a mix of the RESTful API documentation and the Reporting Data Model documentation are most helpful for getting started:
InsightVM API Documentation
InsightVM Reporting Data Model

If you are looking to instead add a custom check for your environment, this documentation may also be helpful. If you are looking for something else entirely, just let us know we will try our best to get you to the right place!

@zyoutz I’m looking to develop the following solutions to start:

  • Grab all Public IPs from Azure (not just for VMs) and add as assets
  • Tag Assets with the Azure Subscription they belong to

I know this can done using an Azure Function, for example, but I’m trying to avoid going this route and sticking to Rapid7 while contributing to the community.

Thanks for the information @pablo_vega, I think we can point you in the right direction to get started. First, there is an InsightVM integration for Azure Discovery that might come in handy for discovery of virtual assets. While this won’t give you all Azure service public IPs, it is a great place to get started.

In addition to that, if you are able to pull the public IPs of the other Azure services you want to scan you will be able to add them to a site scope. Our very own @tyler_schmidtke wrote up a post on this for automating site scopes for use in scanning. Between that post and the Sites endpoints in the InsightVM API documentation, you should be able to get started.