Traditional (SSH) Quickstart

Harness Key Concepts

Harness Products and Editions

Get Started with Continuous Efficiency

Harness On-Premise Overview

Built-in App Tour Guide

AWS AMI Quickstart

AWS CodeDeploy Quickstart

AWS ECS Quickstart

AWS Lambda Quickstart

Helm Quickstart

IIS (.NET) Quickstart

Kubernetes Quickstart

Pivotal Cloud Foundry Quickstart

Tour Harness Manager

Supported Platforms and Technologies

Checklist Builder

Harness Delegate Overview

Delegate Requirements and Limitations

Delegate Installation Overview

Install the Harness Shell Script Delegate

Install the Harness Kubernetes Delegate

Install the Harness ECS Delegate

Install the Harness Helm Delegate

Install the Harness Docker Delegate

Approve or Reject Harness Delegates

Run Scripts on Delegates using Profiles

Use Secrets in a Delegate Profile

Select Delegates with Selectors

Install the AWS CLI on a Delegate

Scope Delegates to Harness Components and Commands

Target Delegates to Specific Namespaces

Automate Harness Kubernetes Delegate Setup

Use Custom Helm Binaries on Harness Delegates

Add Self-Signed Certificates for Delegate Connections

Delegate Task Category Mapping

Configure Delegate Proxy Settings

Connectors Overview

Add Cloud Providers

Add Kubernetes Cluster Cloud Provider

Add Google Cloud Platform Cloud Provider

Add Amazon Web Services Cloud Provider

Add Microsoft Azure Cloud Provider

Add Pivotal Cloud Foundry (PCF) Cloud Provider

Add Physical Data Center as Cloud Provider

Add SpotInst Cloud Provider

Add Artifact Servers

Add Docker Registry Artifact Servers

Add Helm Repository Artifact Servers

Add AWS S3 and Google Cloud Storage Artifact Servers

Add Azure DevOps Artifact Servers

Add Jenkins Artifact Servers

Add Bamboo Artifact Servers

Add Nexus Artifact Servers

Add Artifactory Servers

Add Samba Server Artifact Servers

Add SFTP Artifact Servers

Add Source Repo Providers

Add a GitHub Repo

Add a Bitbucket Repo

Add a GitLab Repo

Add a CodeCommit Repo

Add Collaboration Providers

Add SMTP Collaboration Provider

Add Jira Collaboration Provider

Add ServiceNow Collaboration Provider

Add Verification Providers

Manage User Notifications

Send Notifications Using Slack

Send Slack Messages from Workflows

Send Notifications to Microsoft Teams

Manage Alert Notifications

Migrate to Harness Community

Add Application Stacks

Create an HTTP Workflow Step Template

Create a Shell Script Workflow Step Template

Create a Service Command Template

Add Service Command Templates into Command Units

Link Templates to Services and Workflows

Copy Templates to Workflow

Use Expressions in Workflow and Pipeline Tags

Assign Metadata Using Tags

Apply Filters Using Tags

Manage Tags

Deployments Overview

Filtering Deployments

View the Delegates Used in a Deployment

Export Deployment Logs

Restrict Deployment Access to Specific Environments

Deploy a Workflow to Multiple Infrastructures Simultaneously

Resume Pipeline Deployments

AMI/ASG Deployments How-tos

AMI Basic Deployment

AMI Canary Deployment

AMI Blue/Green Deployment

AMI Spotinst Elastigroup Deployment

Configure Spotinst Traffic Shift Verification

ECS Deployments Overview

1 - Harness ECS Delegate

2 - ECS Connectors and Providers Setup

3 - ECS Services

4 - ECS Environments

5 - ECS Workflows

6 - ECS Blue/Green Workflows

7 - ECS Setup in YAML

8 - ECS Troubleshooting

Deploy Multiple ECS Sidecar Containers

Run an ECS Task

Use Remote ECS Task and Service Definitions in Git Repos

CloudFormation How-tos

Set Up Your Harness Account for CloudFormation

Add CloudFormation Templates

Map CloudFormation Infrastructure

Provision using CloudFormation Create Stack

Using CloudFormation Outputs in Workflow Steps

Remove Provisioned Infra with CloudFormation Delete Stack

AWS Lambda How-tos

AWS Lambda Deployment Overview

Connect to AWS for Lambda Deployments

Add Lambda Functions

Define Your Lambda Target Infrastructure

Create a Basic Lambda Deployment

View Lambda Deployments in the Serverless Functions Dashboard

Azure Virtual Machine Scale Set Deployments Overview

Connect to Azure for VMSS Deployments

Add Your Azure VM Image for Deployment

Define Your Azure VMSS Target Infrastructure

Create an Azure VMSS Basic Deployment

Create an Azure VMSS Canary Deployment

Create an Azure VMSS Blue/Green Deployment

Azure VMSS Versioning and Naming

Azure ACR to AKS Deployments Overview

1 - Harness Account Setup for Azure ACR to AKS

2 - Harness Service Setup for Azure ACR and AKS

3 - Define Your AKS Target Infrastructure

4 - Azure ACR to AKS Workflows and Deployments

5 - Azure ACR to AKS Troubleshooting

Build and Deploy Pipeline How-tos

Connect to Your Artifact Build and Deploy Pipeline Platforms

Add Your Build and Deploy Pipeline Artifacts

Create the Build Workflow for Build and Deploy Pipelines

Define Your Build and Deploy Pipeline Target Infrastructure

Create the Deploy Workflow for Build and Deploy Pipelines

Create the Build and Deploy Pipeline

Run Google Cloud Builds

Helm Native Deployment Guide Overview

1 - Delegate, Providers, and Helm Setup

2 - Helm Services

3 - Helm Environments

4 - Helm Workflows and Deployments

5 - Helm Troubleshooting

Upgrade Native Helm 2 Deployments to Helm 3

IIS (.NET) Deployment Overview

1 - Delegate and Connectors for IIS

2 - Services for IIS (.NET)

3 - IIS Environments in AWS and Azure

4 - IIS Workflows and Pipelines

5 - Best Practices and Troubleshooting

Kubernetes How-tos

Connect to Your Target Kubernetes Platform

Add Container Images for Kubernetes Deployments

Pull an Image from a Private Registry for Kubernetes

Define Kubernetes Manifests

Use Go Templating in Kubernetes Manifests

Adding and Editing Inline Kubernetes Manifest Files

Upload Kubernetes Resource Files

Use a Helm Repository with Kubernetes

Link Resource Files or Helm Charts in Git Repos

Using Harness Config Variables in Manifests

Use Harness Config Files in Manifests

Override Values YAML Files

Override Harness Kubernetes Service Settings

Override Variables at the Infrastructure Definition Level

Define Your Kubernetes Target Infrastructure

Provision Kubernetes Infrastructures

Create a Kubernetes Canary Deployment

Create a Kubernetes Rolling Deployment

Create a Kubernetes Blue/Green Deployment

Kubernetes Workflow Variables and Expressions

Create Kubernetes Namespaces based on InfraMapping

Create Kubernetes Namespaces with Workflow Variables

Set Up Kubernetes Traffic Splitting

Traffic Splitting Without Istio

Deploy Manifests Separately using Apply Step

Use Kustomize for Kubernetes Deployments

Ignore a Manifest File During Deployment

Set up Kubernetes Ingress Rules

Scale Kubernetes Pods

Delete Kubernetes Resources

Upgrade to Helm 3 Charts in Kubernetes Services

Using OpenShift with Harness Kubernetes

Harness Kubernetes V2 Changes

Deploy Kubernetes Custom Resources using CRDs

Use Helm Chart Hooks in Kubernetes Deployments

Run Kubernetes Jobs

Deploy Helm Charts

Pivotal Cloud Foundry Deployments

Connect to Your Target PCF Account

Add Container Images for PCF Deployments

Adding and Editing Inline PCF Manifest Files

Upload Local and Remote PCF Resource Files

Using Harness Config Variables in PCF Manifests

Define Your PCF Target Infrastructure

Override PCF Manifests and Config Variables and Files

Create a Basic PCF Deployment

Create a Canary PCF Deployment

Create a Blue/Green PCF Deployment

Run CF CLI Commands and Scripts in a Workflow

PCF Built-in Variables

Use CLI Plugins in Harness PCF Deployments

Use the App Autoscaler Service

Terraform How-tos

Set Up Your Harness Account for Terraform

Add Terraform Scripts

Map Terraform Infrastructure

Provision using the Terraform Provision Step

Using the Terraform Apply Command

Perform a Terraform Dry Run

Remove Provisioned Infra with Terraform Destroy

Use Terraform Outputs in Workflow Steps

Traditional (SSH) Deployments How-tos

Connect to Your Repos and Target SSH Platforms

Add Artifacts and App Stacks for Traditional (SSH) Deployments

Add Scripts for Traditional (SSH) Deployments

Define Your Traditional (SSH) Target Infrastructure

Create a Basic Workflow for Traditional (SSH) Deployments

Configuration as Code Overview

Harness Account-Level Git Sync

Harness Application-Level Git Sync

Edit Harness Components as YAML

Delink Git Sync

Create a Custom Deployment

Create an Application

Create Default Application Directories and Variables

Add Specs and Artifacts using a Harness Service

Use Script Based Services

Add Service Config Variables

Add Service Config Files

Using Custom Artifact Sources

Service Types and Artifact Sources

Add a Docker Artifact Source

Add an Azure DevOps Artifact Source

Add an Environment

Add an Infrastructure Definition

Migrating from Service Infrastructures to Infrastructure Definitions

Override a Service Configuration in an Environment

Workflows

Add a Workflow

Deploy Individual Workflows

Verify Workflow

Add a Workflow Notification Strategy

Define Workflow Failure Strategy

Set Workflow Variables

Use Steps for Different Workflow Tasks

Add Phases to a Workflow

Synchronize Workflow Deployments using Barriers

Templatize a Workflow

Clone a Workflow

Configure Workflows Using YAML

Using the HTTP Command

Run Shell Scripts in Workflows

Run Jenkins Jobs in Workflows

Jira Integration

ServiceNow Integration

Control Resource Usage

Workflow Queuing

Target Specific Hosts During Deployment

Skip Workflow Steps

Rollback Production Deployments

Select Nodes in a Rolling Deployment Workflow

Workflow Steps UI Changes

Integrate Tests into Harness Workflows

Deploy Multiple Services Simultaneously using Barriers

Send an Email from Your Workflow

Create a Pipeline

Create Pipeline Templates

Pipeline Skip Conditions

Shell Script Provisioner

Infrastructure Provisioners Overview

Provision Infrastructure Without Deploying to It

Trigger Workflows and Pipelines

Trigger Deployments When a New Artifact is Added to a Repo

Trigger Deployments when Pipelines Complete

Schedule Deployments using Triggers

Trigger Deployments using Git Events

Trigger a Deployment using cURL

Get Deployment Status using REST

Trigger a Deployment when a File Changes

Trigger a Deployment using a URL

Pause All Triggers using Deployment Freeze

Harness UI Approvals

Jira Approvals

Custom Shell Script Approvals

ServiceNow Approvals

Using Variables in Workflow Approvals

Passing Variables into Workflows and Pipelines from Triggers

Pass Variables between Workflows

Harness GitOps Overview

Onboard Teams Using GitOps

Enable Continuous Efficiency for Kubernetes Clusters By Adding a Delegate

Enable Continuous Efficiency for Kubernetes Clusters With an Existing Delegate

Enable Continuous Efficiency for Amazon Web Services (AWS)

Enable Continuous Efficiency for Google Cloud Platform (GCP)

Analyze Cost Across Clusters

Analyze Cost for AWS

Analyze Cost for GCP

Create a Perspective

Perform Root Cost Analysis

Optimize Kubernetes Cluster Costs With Resource Recommendations

Create a Budget

Manage CE Communication Strategy

Use Cost Explorer APIs

Set Up 24/7 Service Guard

Apply Custom Thresholds to 24/7 Service Guard

Add AppDynamics as a Verification Provider

Monitor Applications 24/7 with AppDynamics

Verify Deployments with AppDynamics

Templatize AppDynamics Verification

Set AppDynamics Environment Variables

Connect to Bugsnag

Monitor Applications 24/7 with Bugsnag

Verify Deployments with Bugsnag

Connect to CloudWatch

Monitor Applications 24/7 with CloudWatch

Verify Deployments with CloudWatch

Connect to Datadog

Monitor Applications 24/7 with Datadog Logging

Monitor Applications 24/7 with Datadog Metrics

Verify Deployments with Datadog Logging

Verify Deployments with Datadog Metrics

Connect to Dynatrace

Monitor Applications 24/7 with Dynatrace

Verify Deployments with Dynatrace

Connect to Elasticsearch (ELK)

Monitor Applications 24/7 with Elasticsearch

Verify Deployments with Elasticsearch

Troubleshoot Verification with Elasticsearch

Connect to Logz.io

Verify Deployments with Logz.io

Connect to New Relic

Monitor Applications 24/7 with New Relic

New Relic Deployment Marker

Verify Deployments with New Relic

Troubleshooting New Relic

Connect to Prometheus

Monitor Applications 24/7 with Prometheus

Verify Deployments with Prometheus

Connect to Splunk

Monitor Applications 24/7 with Splunk

Verify Deployments with Splunk

Connect to Stackdriver

Monitor Applications 24/7 with Stackdriver Logging

Monitor Applications 24/7 with Stackdriver Metrics

Verify Deployments with Stackdriver Logging

Verify Deployments with Stackdriver Metrics

Connect to Sumo Logic

Monitor Applications 24/7 with Sumo Logic

Verify Deployments with Sumo Logic

1 – Instana Connection Setup

2 – 24/7 Service Guard for Instana

3 – Verify Deployments with Instana

Custom Verification Overview

Connect to Custom Verification for Custom Logs

Connect to Custom Verification for Custom Metrics

Monitor Applications 24/7 with Custom Logs

Monitor Applications 24/7 with Custom Metrics

Verify Deployments with Custom Logs

Verify Deployments with Custom Metrics

Connect to Datadog as a Custom APM

Verify Deployments with Datadog as a Custom APM

Connect to AppDynamics as a Custom APM

Verify Deployments with AppDynamics as a Custom APM

File Jira Tickets on Verification Events

Apply Custom Thresholds to Deployment Verification

Refine 24/7 Service Guard Verification Analysis

Refine Deployment Verification Analysis

Managing Users and Groups (RBAC)

Set Up RBAC for Application Release Process

Authentication Settings

SSO Provider Overview

Single Sign-On (SSO) with OAuth 2.0

Single Sign-On (SSO) with LDAP

Single Sign-On (SSO) with SAML

Provisioning Users with Okta (SCIM)

Two-Factor Authentication

IP Whitelist Management

API Keys

Provision Users and Groups with OneLogin (SCIM)

Provision Azure AD Users and Groups (SCIM)

Add a Secrets Manager

Managing Harness Secrets

Add Google KMS as a Harness Secrets Manager

Add an AWS KMS Secrets Manager

Add a HashiCorp Vault Secrets Manager

Add an Azure Key Vault Secrets Manager

Add an AWS Secrets Manager

Add a CyberArk Secrets Manager

Use Encrypted Text Secrets

Use Encrypted File Secrets

Add SSH Keys

Use SSH Key via Kerberos for Server Authentication

Add WinRM Connection Credentials

Create WinRM Connection Using Kerberos

Scope Secret Managers to Applications and Environments

Restrict Secrets Usage

Reference Existing Secret Manager Secrets

Migrate Secrets between Secrets Managers

Add and Use a Custom Secrets Manager

Select Secrets in Scripts at Runtime

Audit Trail

Deployment Freeze

Pipeline Governance

Monitor Deployments in Dashboards

Custom Dashboards Overview

Primary Widgets

Custom Widgets

Filters, Groups, and Tags in Primary and Custom Widgets

Completed Custom Dashboards

Create and Manage Custom Dashboards

Add and Configure Primary Widgets

Add and Configure Custom Widgets

Share a Custom Dashboard

Kubernetes Cluster On-Prem: Infrastructure Requirements

Kubernetes Cluster On-Prem: Kubernetes Cluster Setup

Harness On-Prem Support Policy for Kubernetes

Virtual Machine On-Prem: Infrastructure Requirements

Virtual Machine On-Prem: Installation Guide

On-Prem Component Metrics for Scaling and Management

Harness Disconnected On-Prem Setup

OpenShift Connected On-Prem Setup

Migrate Legacy Connected On-Prem to New KOTS-based Harness On-Prem

View Harness Git Sync Activity

Introduction to Harness GraphQL API

Harness API Explorer

API Schema and Structure

Building Applications Using Postman

Trigger Workflows or Pipelines Using GraphQL API

Filter Harness Entities using Harness Tags in the API

Fetch Artifact Source Details Using GraphQL APIs

Use Cloud Providers API

Use Harness Applications API

Use Workflows API

Use Services API

Use Pipelines API

Use Trigger APIs

Fetch Artifact Type Details Using GraphQL APIs

Use Users and Groups API

Use Audit Trails API

Use API to Retrieve IDs by Name

Encrypted Text API

Encrypted Files API

SSH Credentials API

WinRM Credentials API

Add Git Connectors Using API

Add a Docker Artifact Source Using API

Add a Nexus Artifact Source Using API

Add a Helm Artifact Source Using API

Deprecated API Features

Fetch Users By Email Address

Leverage Harness GraphQL APIs in Automation Scripts

Harness YAML Code Reference

What is a Harness Variable Expression?

Built-in Variables List

Availability and Scope of Harness Variables

Variable Override Priority

JSON and XML Functors

Extracting Characters from Harness Variable Expressions

Serverless Functions Dashboard

Harness Search

Delegate Connection Requirements

Common Delegate Profile Scripts

Install Workflow Step

Select Nodes Workflow Step

Artifactory Artifact Sources

Nexus Artifact Sources

Kubernetes Versioning and Annotations

Verification Event Classifications

Secrets and Log Sanitization

Troubleshooting

Harness Kubernetes Implementation v1 FAQ

Diagnose Git Sync Errors

Deployment Concepts and Strategies

CI/CD with the Build Workflow

Artifact Build and Deploy Pipelines Overview

AWS AMI Deployments Overview

AMI Spotinst Elastigroup Deployments Overview

AWS ECS Deployments Overview

AWS Lambda Deployments Overview

Azure Kubernetes Service (AKS) Deployments Overview

Native Helm Deployments Overview

IIS (.NET) Deployments Overview

Kubernetes Deployments Overview

Pivotal Deployments Overview

Terraform Provisioning with Harness

CloudFormation Provisioning with Harness

Shell Script Provisioning with Harness

Account and Application Templates

Harness HashiCorp Integrations

Traditional Deployments (SSH) Overview

Continuous Efficiency Overview

Cost Explorer Walkthrough

What Is Continuous Verification (CV)?

Why Perform Continuous Verification?

When Does Harness Verify Deployments?

How Does Harness Perform Continuous Verification?

Who Are Harness' Verification Providers?

Verification Results Overview

Harness Verification Feedback Overview

24/7 Service Guard Overview

CV Strategies, Tuning, and Best Practices

Continuous Verification Metric Types

AppDynamics Verification Overview

Bugsnag Verification Overview

CloudWatch Verification Overview

Datadog Verification Overview

Dynatrace Verification Overview

Elasticsearch Verification Overview

Instana Verification Overview

Google Operations (formerly Stackdriver) Overview

New Relic Verification Overview

Prometheus Verification Overview

Splunk Verification Overview

Sumo Logic Verification Overview

What is Secrets Management?

Continuous Deployment FAQs

Continuous Efficiency FAQs

Continuous Verification FAQs

Harness Security FAQs

Harness GraphQL API FAQs

Harness Delegate FAQs

Harness On-Prem Release Notes

Harness SaaS Release Notes

Customer Case Studies

Overview of Harness

Canary Deployment Video

Create an Application and Service Video

Create an Environment Video

Create a Workflow Video

Create a Pipeline Video

Create a Trigger Video

Overview of Continuous Efficiency

Cost Explorer Overview

All Categories > Technical Reference > Account > Delegates > Delegate Connection Requirements

Delegate Connection Requirements

Updated 5 months ago by Michael Cretzman

How does Harness Connect to Providers?
Harness Delegate Connection to Harness Manager
Permissions and Ports for Harness Connections

This article lists the permissions and ports that the Harness Delegate requires to access your artifact servers, cloud providers, and verification and security providers.

How does Harness Connect to Providers?

Harness Manager connects to artifact servers, cloud providers, verification providers, and security providers using the Harness Delegate. You download the Harness Delegate from the Harness Manager and install it in your network or VPC.

For information on Harness architecture, see .

The Delegate connects to the Harness Manager only via an outbound HTTPS/WSS connection over port 443. There is no inbound connection from the Harness Manager to the Delegate.

The Delegate and the Harness Manager (via SaaS) establish a Secure WebSocket channel (WebSocket over TLS) to send new Delegate task event notifications (not the tasks themselves) and exchange connection heartbeats. In the case that the WebSocket connection is dropped, the Harness Delegate falls back to outbound-only, polling-based task fetch.

In the Harness Manager, you configure artifact servers, cloud providers, verification, and security providers using your account credentials with those providers. The Delegate uses those credentials when it uses your providers in the Harness deployment, verification, and security processes.

Harness Delegate Connection to Harness Manager

The Delegate runs from within your enterprise network or VPC and only connects to the Harness Manager with a secure outbound HTTPS connection over port 443.

HTTPS port 443 outbound from locally-installed delegate to the Harness Manager.
HTTPS port 443 from your browser to the Harness Manager.

The Harness Delegate does NOT require root account access, but the Kubernetes, ECS, and Docker Delegates run as root by default. This is to enable the Delegate to install applications using Delegate Profiles (apt-get, etc). If you do not need to install applications using Delegate Profiles, then you can use a non-root account or install the application without the Delegate.

Permissions and Ports for Harness Connections

The following table lists the permissions and ports needed for the Harness Delegate to access artifact servers, cloud providers, verification, and security providers. You configure these settings in the Harness Manager.

Artifact servers: The Delegate pulls artifacts and metadata from artifact servers using the account and ports required by the artifact server.
Deployments: Most Harness deployments to Virtual Machines (for example, AWS, GCP, Azure, Datacenter) are performed using SSH over port 22. The VPC firewall setting might also require additional open ports for administration, such as HTTP 443.
Verifications: The Delegate makes API calls to verification providers using the access keys required by the providers.
Security: For security, such as SAML and LDAP, the Delegate uses the account and ports required by the provider, such as a Active Directory domain controller running in a Azure or AWS VPC.

In general, if you are already connecting to your artifact servers, cloud, verification, and security providers from within your network or VPC, and you install the Harness Delegate inside that network or VPC, there is little network or VPC configuration needed. You simply need to specify accounts and ports when configuring Harness to use the providers.

Connections	Permissions and Harness Docs	Ports for Delegate Connections to Services	Provider References
Active Directory LDAP	User account in the Active Directory.	HTTPS: 443. LDAP without SSL: 389. Secure LDAP (LDAPS): 636.	Users and Groups
AppDynamics	General permission: View, Edit and Delete permissions for new applications can be set as part of the default permissions for a custom role.	HTTP: 80	General Permissions
AWS Cloud	IAM user to be able to make API requests to AWS.	Depends on the firewall settings of your VPC, but typically, HTTP: 443.	Creating an IAM User in Your AWS Account
AWS CodeDeploy	Policies: AWSCodeDeployRole AWSCodeDeployDeployerAccess AWSCodeDeploy	HTTPS: 443.	AWS Managed (Predefined) Policies for AWS CodeDeploy
AWS EC2	Policy: AmazonEC2FullAccess	HTTP: 80. HTTP: 443. TCP: 9090.	Controlling Access to Amazon EC2 Resources
AWS ELB, ALB, ECS	Policy for Elastic Load Balancer, Application Load Balancer, and Elastic Container Service:	Well-known ports: 25, 80, 443, 465, and 587.	Amazon ECS Service Scheduler IAM Role
AWS S3	Policy: AmazonS3ReadOnlyAccess	HTTP: 443.	Creating an IAM User in Your AWS Account
Azure	Client (Application) and Tenant (Directory) IDs, and Key.	Windows VMs (WinRM ports): HTTP: 5985, HTTPS: 5986.	Get application ID and authentication key
Bamboo	Username and password for account.	HTTP: 443. TCP: 8085.	Bamboo permissions
Bugsnag	Data Access API Auth Token.	The Bugsnag Data Access API is exposed on the same TCP port as the dashboard, 49080.	Data Access API Authentication
Datadog	API Key.	HTTPS: 443.	Open Ports
Docker Registry	User permission level.	TCP: 8083.	Permission levels
Dynatrace	Access token.	HTTPS: 443.	Access tokens
ELK Elasticsearch	User (Read permission) or Token Header and Token Value.	TCP: 9200.	User authentication
Github Repo	User account: repository owner. Organization account: read and write.	HTTP: 443.	Permission levels for a user account repository Repository permission levels for an organization
Google Cloud Platform (GCP)	Policies: Kubernetes Engine Admin. Storage Object Viewer. Google Cloud Platform (GCP)	SSH: 22.	Understanding Roles
JFrog Artifactory	Privileged User: Read permission.	HTTP: 443.	Managing Permissions
Jenkins	Matrix-based: Read permission. Execute Permission, if jobs are triggered from Workflow.	HTTPS: 443.	Matrix-based security
Kubernetes Cluster	One of the following: Same cluster as kubernetes delegate. Use this option if you installed the Harness delegate in your cluster. Username and password. CA certificate, client certificate, and client key. Key passphrase and key algorithm are optional. For OpenShift: Kubernetes service account token. Kubernetes Cluster	Depends where the cluster is hosted, such as GCP or AWS.	Authenticating
Logz	Token-based.	HTTPS: 443.	Announcing the Logz.io Search API
OpenShift	Kubernetes service account token.	HTTPS: 443.	Enabling Service Account Authentication
New Relic	API key.	HTTPS: 443.	Access to REST API keys
Nexus	User account with Repository View Privilege or read for repository.	TCP: 8081.	Nexus Managing Security
Pivotal Cloud Foundry	User account with Admin, Org Manager, or Space Manager role. The user account must be able to update spaces, orgs, and applications.	HTTP: 80 or 443.	Orgs, Spaces, Roles, and Permissions
Prometheus	None.	Depends on where the Prometheus server is hosted. For example, on AWS, port 9090 might be required.	Configuration
SMTP	None.	TCP: 25.
Splunk	User account with Read permissions on eventtypes objects.	TCP: 8089 for API.	Set permissions for objects in a Splunk app
Sumo Logic	User account with access ID and key and query permissions.	HTTPS: 443.	API Authentication
WinRM	User account in the same Active Directory domain as the Windows instances the connection uses.	HTTP: 5985. HTTPS: 5986 and 443. SSH: 22.	Installation and Configuration for Windows Remote Management

Delegate Connection Requirements

How does Harness Connect to Providers?

Harness Delegate Connection to Harness Manager

Permissions and Ports for Harness Connections

How did we do?

Related Articles Delegate Requirements and Limitations Harness Delegate Overview Add Self-Signed Certificates for Delegate Connections

Feedback

Related Articles

Delegate Requirements and Limitations

Harness Delegate Overview

Add Self-Signed Certificates for Delegate Connections