Skip to main content

Supported platforms and technologies

This topic lists Harness support for platforms, methodologies, and related technologies for NextGen modules.

Continuous Delivery (CD) and GitOps

This section lists the supported CD features and integrations you can use in Harness for deploying and verifying your apps.

Platform features for all deployment types

Access control

Role-based access control (RBAC) lets you control who can access your resources and what actions they can perform on the resources. To do this, a Harness account administrator assigns resource-related permissions to members of user groups.

Secrets management

Harness includes a built-in Secret Management feature that enables you to store encrypted secrets, such as access keys, and use them in your Harness connectors and pipelines.

For more information, go to Harness Secrets Management Overview.

In addition to the built-in Secret Manager, Harness Platform supports the cloud platform secrets management services in the following table.

Provider NameKey Encryption SupportEncrypted Data Stored with HarnessSupport for Referencing Existing Secrets
AWS KMSYesYesNo
AWS Secret ManagerYesNoYes
Hashicorp VaultYesNoYes
Azure Key VaultYesNoYes
Google KMSYesYesNo

Delegates

Harness packages and distributes delegates on different types of images. Delegate images are identified by the delegate name. Image types are distinguished by tag.

Delegate-Legacy End of Support (EOS) notice

This is an End of Support (EOS) notice for the Delegate-Legacy image type. This image type reached End of Support (EOS) as of January 31, 2024.

End of Support means the following:

  • Harness Support will no longer accept support requests for the Delegate-Legacy image type in both Harness FirstGen and Harness NextGen (including Harness Self-Managed Enterprise Edition (SMP)).
  • Security fixes will still be addressed.
  • Product defects will not be addressed.
Image typeImage tagImage description
DELEGATEyy.mm.xxxxxThe release year, month, and version in dot-separated format. Supported on both NextGen and FirstGen Harness Platform.
DELEGATE-MINIMALyy.mm.xxxxx.minimalThe minimal tag is appended to the release year, month, and version in dot-separated format. Supported on both NextGen and FirstGen Harness Platform.
DELEGATE-LEGACYlatestDelegate that auto upgrades with no flexibility to turn off auto upgrade (DEPRECATED)

AuthN

The following table lists the supported Authentication features and various ways to authenticate users. Users in Administrator groups can use Authentication Settings to restrict access to an organization's Harness account. The options you choose will apply to all of your account's users.

For more information, go to Authentication overview.

SSO TypeSSO ProvidersAuthentication SupportedAuthorization (Group Linking) SupportedSCIM Provisioning
SAML 2.0OktaYesYesYes
Microsoft Entra IDYesYesYes
OthersYesYesNo
OneLoginYesYesYes
OAuth 2.0GithubYesNoN/A
GitLabYesNoN/A
BitbucketYesNoN/A
GoogleYesNoN/A
AzureYesNoN/A
LinkedInYesNoN/A
LDAP (Delegate connectivity needed)Active DirectoryComing soonComing soonN/A
Open LDAPComing soonComing soonN/A
Oracle LDAPComing soonComing soonN/A

Notifications

Git experience

Harness Git Experience allows you to store your resource configurations, such as pipelines and input sets, in Git.

Supported Git providers​

The following section lists the support for Git providers for Harness Git Sync:​

  • GitHub
  • Bitbucket Cloud
  • Bitbucket Server
  • Azure Repos
  • GitLab

Supported Harness entities​

You can save the following Harness resources in Git using Harness Git Experience:

  • Pipelines
  • Input sets
  • Templates
  • Services
  • Environments
  • Infrastructure Definitions
note

Artifact Source templates are not supported with Git Experience.

Accounts, orgs, projects

The following table lists the resources that are available at various scopes in Harness:

ResourcesAccountOrgProject
PipelineNoNoYes
ServicesYesYesYes
EnvironmentsYesYesYes
Git ManagementNoNoYes
ConnectorsYesYesYes
SecretsYesYesYes
SMTP ConfigurationYesNoNo
TemplatesYesYesYes
Audit TrailYesYesYes
DelegatesYesYesYes
GovernanceYesYesYes
Kubernetes
  • Overview:

  • Supported connectors for deployment:

    • Kubernetes connector
      • Username and password
      • Client key and secret
      • OIDC authentication
      • Kubernetes service account
      • Assume role binding on delegate configuration
    • Google Cloud connector (GKE authentication)
      • Service Account
      • Google Cloud Role on Delegate
      • Workload Identity
    • Azure Cloud Connector (AKS Authentication)
      • Subscription Id
      • Principal and Service Account
      • GovCloud Support
    • AWS Cloud Connector (EKS Authentication)
      • IRSA
      • Access Key and Secret Key
      • IAM Role
      • GovCloud Support
  • Supported platforms for deployment:

    • Self Hosted Kubernetes
    • Google Kubernetes Engine
    • Azure Kubernetes Engine
    • AWS Elastic Kubernetes Service
    • Red Hat OpenShift
  • Versions and tooling support:

    • Kubectl Client Versions:
      • 1.16
      • 1.27
      • We support what each of the Cloud Providers support. We recommend users to keep their binary versions up to date.
      • By default, Harness ships with kubectl client - 1.24.3
      • Harness has certified versions 1.25, 1.26, and 1.27 of kubectl. You must install the respective client version of the delegate for Harness to leverage it.
    • Tooling:
      • OpenShift - oc client binary
      • Kustomize - kustomize binary
      • Helm - Helm 3.12 and 2.8 binary.
      • Helm 3.8 can be supported via feature flag.
  • Limitations:

    • Helm:
      • Helm Hooks are not supported for this swimlane. Harness manages and orchestrates the manifests and their release.
      • Kustomize:
        • Kustomize Patches are only supported in YAML, not JSON
        • Kustomize Containerized Plugins are not supported
        • Kustomize manifests and patches do not support the custom remote manifest feature.
      • Harness managed resources:
        • Deployment
        • Secrets
        • ConfigMap
        • StatefulSet
        • HorizontalPodAutoScalar
        • PodDisruptionBudget
  • Deployment Performance

    • Helm deployments might start failing at the delegate due to a large index.yaml files. This causes a CPU spike on the delegate. If you do not provide enough resources to the delegate, you might see failures in pipeline executions.
    • Certified Limits:
      • Index.yaml file size limit 15Mb
      • 5000 Helm charts have been deployed
      • Kubernetes delegate size: 8GB, 2 CPU
      • 10 parallel deployments
  • Supported integrations:

    • Traffic Shifting for Advanced Deployment Strategies:
      • Istio
      • Nginx Ingress Controller
    • All manifest type sources for fetching Kubernetes resources:
      • Github
      • Gitlab
      • Bitbucket
      • Custom Remote Source Repository
      • Harness Local File Store
    • For Helm Chart Type Manifests we also support:
      • Generic Git Provider
      • Google Cloud Storage
      • Amazon S3 Storage
      • Helm OCI Repository (ACR, ECR, GAR, Artifactory)
      • Helm HTTP Server Repository (Nexus, Artifactory)
    • Artifact repository supported to deploy with manifest:
      • DockerHub
      • Amazon Elastic Container Registry
      • Google Container Registry
      • Azure Container Registry
      • Custom Artifact Source
      • Google Artifact Registry
      • Github Package Registry
      • Nexus 3 (Sonatype 3.50.0 and previous supported)
      • Artifactory

For details on what you can deploy, go to What Can I Deploy in Kubernetes?.

Kubernetes version support

The following versions are tested and supported for Kubernetes Canary, Rolling, and Blue/Green deployments:

  • 1.13.0
  • 1.14.0
  • 1.15.0
  • 1.16.0
  • 1.17.0
  • 1.18.0
  • 1.19.4
  • 1.20.0
  • 1.21.0
  • 1.22.0
  • 1.23.0
  • 1.24.3
  • 1.24.9
  • 1.25.6
  • 1.26.0
  • 1.27.0

For details on other tools and versions included in Harness, see Delegate-required SDKs.

Guidelines:

  • Harness will officially support 3 previous versions from the last stable release. For example, the current most recent stable release is 1.25.6, and so Harness supports 1.24, 1.23, and 1.22.
  • Harness supports any other versions of Kubernetes you are using on a best effort basis.
  • Harness commits to support new minor versions within 3 months of the first stable release. For example, if the stable release of 1.25.6 occurs on April 15th, we will support it for compatibility by July 15th.

Helm notes

Helm chart dependencies are not supported in Git source repositories. Helm chart dependencies are supported in Helm Chart Repositories.

Azure AKS clusters

To use an AKS cluster for deployment, the AKS cluster parameter disableLocalAccounts can be set either true or false.

Native Helm
  • Overview:
  • Supported connectors for deployment:
    • Kubernetes Connector
      • Username + Password
      • Client Key and Secret
      • OIDC Authentication
      • Kubernetes Service Account
      • Assume Rolebinding on Delegate Configuration
    • Google Cloud Connector (GKE Authentication)
      • Service Account
      • Google Cloud Role on Delegate
      • Workload Identity
    • Azure Cloud Connector (AKS Authentication)
      • Subscription ID
      • Principal and Service Account
      • GovCloud Support
    • AWS Cloud Connector (EKS Authentication)
      • IRSA
      • Access Key and Secret Key
      • IAM Role
      • GovCloud Support
  • Supported platforms for deployment:
    • Self Hosted Kubernetes
    • Google Kubernetes Engine
    • Azure Kubernetes Engine
    • AWS Elastic Kubernetes Service
    • Red Hat OpenShift
  • Versions and tooling support:
    • Helm Client Versions: 2.8 - 3.8
    • We support what each of the Cloud Providers support, we recommend users to keep their binary versions up to date
    • By default Harness ships with helm client 2.8 and 3.12.
    • Tooling:
      • OpenShift - oc client binary
      • Kustomize - kustomize binary
      • Helm - Helm 3.12 & 2.8 binary. Helm 3.8 can be supported via feature flag.
  • Limitations:
    • Helm 2 is deprecated so there is limited support for Helm 2.
    • Helm 3 is now the default for Harness Helm Chart Deployments.
    • Helm Plugins are not supported
    • Only Basic Deployment Strategy supported (No Canary or Blue-Green Support Out of the box)
  • Supported integrations:
    • Manifest Sources for fetching Helm Chart:
      • Github
      • Gitlab
      • Bitbucket
      • Generic Git Provider
      • Custom Remote Source Repository
      • Google Cloud Storage
      • Amazon S3 Storage
      • Helm OCI Repository (ACR, ECR, GAR, Artifactory)
      • Helm HTTP Server Repository (Nexus, Artifactory)
      • Harness Local File Store
    • Artifact Repository for Container Images to deploy with Chart:
      • DockerHub
      • Amazon Elastic Container Registry
      • Google Container Registry
      • Azure Container Registry
      • Custom Artifact Source
      • Google Artifact Registry
      • Github Package Registry
      • Nexus 3 (Sonatype 3.50.0 and previous supported)
      • Artifactory

Notes

Helm chart dependencies are not supported in Git source repositories. Helm chart dependencies are supported in Helm Chart Repositories.

Amazon ECS
  • Overview:
  • Supported connectors for deployment:
  • AWS Cloud Connector
    • IRSA
    • Access Key and Secret Key
    • IAM Role
    • GovCloud Support
  • Supported platforms for deployment:
    • AWS Cloud, any region
    • AWS - Launch Types:
      • Amazon ECS - EC2 - Generally Provisioned Instances
      • Amazon ECS - EC2 - Spot Backed Instances
      • Amazon ECS - Fargate
  • Versions and tooling support:
    • AWS SDK
  • Supported integrations:
    • ECS Service Discovery - Supported via Service Definition
    • ECS Circuit Breaker - Supported via Service Definition
    • Artifact Repository:
      • DockerHub
      • Amazon Elastic Container Registry
      • Azure Container Registry
      • Custom Artifact Source
      • Github Package Registry
      • Nexus 3 (Sonatype 3.50.0 and previous supported)
      • Artifactory
Amazon AMI/ASG
  • Overview:
  • Supported connectors for deployment:
    • AWS cloud connector
      • IRSA
      • Access Key and Secret Key
      • IAM Role
      • GovCloud Support
  • Supported platforms for deployment:
    • AWS cloud, any region
  • Versions and tooling support:
    • AWS SDK
AWS Lambda
  • Overview:
  • Supported connectors for deployment:
    • AWS Cloud Connector
      • IRSA
      • Access Key and Secret Key
      • IAM Role
      • GovCloud supported
  • Supported platforms for deployment:
    • AWS cloud, any region
  • Versions and tooling support:
    • AWS SDK
  • Supported integrations:
    • Artifact Repository Supported to Deploy with Function Definition:
      • Amazon Elastic Container Registry
      • Amazon S3
AWS SAM
  • Overview:
  • Supported connectors for deployment:
    • AWS cloud connector
      • Access key and secret key
  • Supported platforms for deployment:
    • AWS cloud, any region
  • Versions and tooling support:
    • AWS SDK
    • Harness supports standard SAM templates.
  • Supported integrations:
    • All Git providers are supported for SAM templates.
    • Currently, you cannot add artifacts to your Harness SAM service.
Traditional: WinRM
  • Overview:
  • Supported connectors for deployment:
    • AWS Cloud Connector
      • IRSA
      • Access Key and Secret Key
      • IAM Role
      • GovCloud Support
    • Azure Cloud Connector (AKS Authentication)
      • Subscription Id
      • Principal and Service Account
      • GovCloud Support
  • Supported platforms for deployment:
    • AWS Cloud
    • Azure Cloud
    • Physical Datacenter
Traditional: SSH
  • Overview:
  • Supported connectors for deployment:
    • AWS Cloud Connector
      • IRSA
      • Access Key and Secret Key
      • IAM Role
      • GovCloud Support
    • Azure Cloud Connector (AKS Authentication)
      • Subscription Id
      • Principal and Service Account
      • GovCloud Support
  • Supported platforms for deployment:
    • AWS Cloud
    • Azure Cloud
    • Physical Datacenter
  • Linux SSH Setups
    • Ubuntu Version 22+
    • RHEL9 (Red Hat Enterprise Linux 9)
    • SSH libraries supported:
      • SSHJ: used in our HashiCorp Vault SSH integrations.
      • JSCH: used in our SSH deployment types.
      • To see the hostkey formats for these libraries, go to the SSH implementation comparison.
  • Limitations:
    • Google Compute Engine (Virtual Machine Targets)
      • Limited Support, Harness can connect to Google VMs via an SSH Key, not via Google Cloud Authentication
Tanzu Application Service (formerly Pivotal Cloud Foundry)
  • Overview:
  • Supported connectors for deployment:
    • Tanzu Connector
      • Endpoint URL, Username and Password
  • Supported platforms for deployment:
    • On Premise Cloud Foundry Installations
    • VMware Tanzu Platform
  • Versions and tooling support:
    • Binary Versions:
      • CF CLI v7
Google Functions
  • Overview:
  • Supported connectors for deployment:
    • Google Cloud Connector
    • Service Account
  • Supported platforms for deployment:
    • Google Cloud, any region
  • Versions and tooling support:
    • Google SDK. Supported versions:
      • Google Functions Gen 1
      • Google Functions Gen 2
  • Deployment strategies:
    • Google Functions Gen 1: Basic.
    • Google Functions Gen 2: Basic, blue green, canary.
  • Supported integrations:
    • Artifact Repository:
      • Google Cloud Storage
      • Google Cloud Storage and Google Cloud Source (Gen 1 Only)
Spot Instances
  • Overview:
  • Supported connectors for deployment:
    • Spot Connector
      • AccountID + API Token
  • Supported platforms for deployment:
    • AWS cloud, any region
  • Limitations:
    • Deployment Behavior:
      • Incremental Traffic Shifting for SpotInst Deployment is not supported
      • VM-based Deployments are supported via Elastigroup configuration
Serverless.com Framework
  • Overview:
  • Supported connectors for deployment:
    • AWS Cloud Connector
      • IRSA
      • Access Key and Secret Key
      • IAM Role
  • Supported platforms for deployment:
    • AWS cloud, any region
  • Versions and tooling support:
    • Supported Binary Versions:
      • serverless.com 1.x
      • serverless.com 2.x
      • serverless.com 3.x
  • Limitations:
    • Deployment Behavior:
      • Harness only supports AWS Lambda Functions to be deployed via Serverless.com Framework
      • Harness builds and deploys Lambda Functions> You cannot split up the tasks to build functions and deploy functions separately as part of Harness support.
    • Not supported application types:
      • Google Functions
      • Azure Functions
    • Serverless.com 1.x (limited support). Not all capabilities supported.
    • Basic deployment supported. No out-of-the-box canary and blue green deployment supported.
  • Supported integrations:
    • Serverless.com plugins:
      • Harness supports all the Serverless.com plugins. Please make sure they are compatible with the version of Serverless.com you are using.
    • Artifact Repository:
      • DockerHub
      • Amazon Elastic Container Registry
      • Artifactory
      • Amazon S3
Azure WebApps
  • Overview:
  • Supported connectors for deployment:
    • Azure Cloud Connector (AKS Authentication)
      • Subscription Id
      • Principal and Service Account
      • GovCloud Support
  • Supported platforms for deployment:
    • Azure cloud, any Region
  • Versions and tooling support:
    • Azure SDK
Builds in CD

Continuous Integration (CI) can be performed in Harness using the module and CI pipelines.

If you are using Harness Continuous Delivery (CD) but not Harness Continuous Integration (CI), you can still perform CI using the Jenkins step in your CD stage.

Harness integrates with Jenkins, enabling you to run Jenkins jobs and dynamically capture inputs and outputs from the jobs.

Harness has been tested with the following versions of Jenkins:

GitOps

Harness GitOps lets you perform GitOps deployments in Harness. You define the desired state of the service you want to deploy in your Git manifest, and then use Harness GitOps to sync state with your live Kubernetes cluster.

GitOps supports the following:

  • Argo CD version supported: 2.8.2.
  • Source Repositories:
    • All Git providers.
    • HTTP Helm repos.
  • Target clusters:
    • Kubernetes clusters hosted on any platform:
      • GKE.
      • AKS.
      • EKS.
      • Other Kubernetes-compliant clusters.
      • OpenShift version 3.11, 4.x.
      • Minikube.
      • Kubernetes Operations (kops).
  • Repository Certificates:
    • TLS Certificate (PEM format).
    • SSH Known Host Entry.
  • GnuPG Keys:
    • GnuPG Public Key Data (ASCII-armored).
  • Limitations:
    • Self-hosted environments
      • Agents installed in custom namespaces are not yet supported.
Local (Harness Community Edition)

Harness CD Community Edition is a lightweight version of Harness that you can download and run on your laptop or any VM.

Harness CD Community Edition is intended to get devs started with Harness quickly without having to sign up for a Harness SaaS account.

Custom

For non-native deployments, Harness provides a custom deployment option using Deployment Templates.

Notes

  • AWS and Azure GovCloud: Harness is now certified in Azure GovCloud and AWS GovCloud.

Harness Self-Managed Enterprise Edition (SMP) including offline Environments

All CD features supported in Harness SaaS are also supported in Self-Managed Enterprise Edition with the following exceptions:

  • Dashboards: Harness CD Dashboards might not be completely functional with a bundled Timescale community edition version installation.
  • Triggers: The feature flag CD_GIT_WEBHOOK_POLLING must be enabled for Github polling with two factor authentication. For more information, go to Polling frequency.
  • ServiceNow: ServiceNow versions Utah and earlier are supported.
  • Jira: Jira on-premise versions < 9.0 are supported. To support Jira on-premise >= 9.0, the feature flag SPG_USE_NEW_METADATA must be enabled.
  • Policy as Code: Harness Git Experience support for OPA policies is not supported in Self-Managed Enterprise Edition.
  • Harness AI Development Assistant (AIDA): To support AIDA in Self-Managed Enterprise Edition running in an offline environment, you must add https://harness.openai.azure.com to your allowlist.

Continuous Integration (CI)

The following table lists Harness support for CI platforms, repos, registries, and related technologies.

Source Code Management (SCM)Artifact repositoriesContainer registriesBuild farm platformsTesting frameworks
  • Azure Repos
  • Bitbucket
  • GitHub
  • GitLab
  • AWS CodeCommit
  • Harness Code Repository
  • Other (platform-agnostic Git connector)
  • JFrog Artifactory
  • AWS S3
  • GCP GCS
  • Sonatype Nexus
  • Azure Container Registry (ACR)
  • Amazon Elastic Container Registry (ECR)
  • Google Container Registry (GCR)
  • Docker registries (e.g. Docker Hub)
  • Other
  • Harness Cloud (built-in)
  • Kubernetes cluster (platform agnostic)
  • Amazon Elastic Kubernetes Service (Amazon EKS)
  • Google Kubernetes Engine (GKE)
  • AWS Linux and Windows VMs
  • Red Hat OpenShift 4
  • Other
  • Bazel
  • Maven
  • Gradle
  • NET CLI
  • Nunit
  • Other

Continuous Verification

Harness supports the following Application Performance Monitoring (APM) and log management tools:

APM tools

Harness CV supports the following APM tools:

  • AppDynamics
  • Amazon CloudWatch
  • Custom health source
  • Datadog
  • Dynatrace
  • Google Cloud Operations (formerly Stackdriver)
  • New Relic
  • Prometheus (includes support for AWS Prometheus)
  • Splunk Observability (formerly SignalFx)
  • Sumo Logic

Harness supports most of the popular APM tools, but there may be instances where Harness don't have a native connector. Using the Harness Custom Health Source feature, you can integrate such APM tools with Harness.

Log management tools

Harness CV supports the following log management tools:

  • Datadog
  • Elasticsearch
  • Google Cloud Operations (formerly Stackdriver)
  • Grafana Loki
  • Splunk
  • Sumo Logic

Harness supports most of the popular log management tools, but there may be instances where Harness don't have a native connector. Using the Harness Custom Health Source feature, you can integrate such log management tools with Harness.

Cloud Cost Management

info

CCM FirstGen support is discontinued as of December 31, 2022. To migrate to Next Gen, please create Next Gen connectors and delete any existing First Gen connectors.

This topic provides the Harness Cloud Cost Management supported platforms and feature support matrix:

FeaturesAWSAzureGCPKubernetesRBAC Support
Perspectives
Cost categories
BI dashboards
Anomaly detection
Currency standardization
Inventory managementSupported services and products:
  • EC2
  • RDS
  • EBS
Supported services and products:
  • Azure VM
Supported services and products:
  • Instances
  • Disks
NAManaged through Dashboards
Perspectives

Feature summary

Different stakeholders in an organization care about different slices of your cloud data. Perspectives allow you to monitor the slice of data you are interested in. It also shows contextual recommendations and anomalies, tying in real time alerting and budgets to the specific style of data.

Benefits

  • Perspectives can help you monitor cloud costs, tie them back to optimization opportunities, and set budget to govern costs along with reporting and alerting capabilities.
  • Single pane of glass across multiple cloud and cluster costs.
  • Slice and dice data across multiple dimensions across cloud providers.
  • Deep resource-level visibility for K8s and ECS clusters.

Prerequisites

Any of the following CCM cloud connectors in a healthy state:

  • AWS
  • GCP
  • Azure
  • K8s

Supported Integrations

Terraform support - coming soon

Supported Platforms

  • SaaS
  • SMP

Notes

  • Upper limit of 10,000 perspectives
  • Resource-level granularity is not feasible in cloud perspectives
  • Perspective Preferences
    • Not supported for Azure and Kubernetes
    • RBAC is not supported
  • Data level and connector level RBAC is not supported
  • The total cost displayed on the perspective list page is pre-computed (performed once per day) and could potentially deviate from the real-time costs presented within the perspective.

Perspectives overview

Cost category

Feature summary

Cost categories are a rule-based engine that attaches additional metadata to categorize cloud spending. Enabling organizations to align costs with context most relevant to their showback and chargeback models.

Cost categories also enable you to reshare specific costs (Shared) with different sharing strategies.

Benefits

  • Contextualize cloud spending
  • Cost sharing to manage shared/ common pool resources

Prerequisites

Any of the following CCM cloud connectors in a healthy state:

  • AWS
  • GCP
  • Azure
  • K8s

Supported Platforms

  • SaaS
  • SMP

Notes

  • Maximum limits

    • Cost Buckets: 1000
    • Shared Buckets: 10
  • Dashboard limitations

    • Any changes to the cost categories will only be reflective for the current month data onwards. Historical data will point to the state of cost categories at that point in time.
    • Cost category metadata attribution doesn’t work for any historical data, it is only from the point of cost category creation.
    • Not supported in dashboards for cluster, AWS, GCP & Azure models. Only supported in the Unified Model.
    • Shared cost data attribution of cost categories doesn’t flow into dashboards.
  • Perspectives limitations

    • Perspectives always rely on the current state of cost categories, everything is generated dynamically real-time.
    • Sharing of unallocated costs among cost buckets is not supported

Cost Categories overview

Currency Standardization

Feature summary

Currency standardization allows you to view your cloud spend data in the currency of your choice. It provides more consistent, easy-to-consume, and meaningful cloud analytics across the entire business.

Benefits

If you have cloud provider bills in different currencies, currency standardization helps you normalize all costs into a single currency of your choice.

Supported Platforms

  • SaaS

Notes

  • After standardizing the currency, historical cluster data is not backfilled automatically. Today a support request has to be raised to replay/backfill data.

  • You can configure your preferred currency only once. It can't be updated later.

  • The currency symbol in dashboards don't change, but the cost values are displayed in the preferred currency.

  • Only 15 currencies are supported

  • Default currency conversion factor is picked up from the CUR and falls back to public API.

  • Option to change currency conversion factor. The new factor will be used to:

    • Reflect current month’s data and new data for cloud
    • Reflect current day’s data and new data for cluster
  • Currency representation based on locale. Default is en-us locale.

  • After configuring it may take up to 24 hours for the converted value to be displayed.

Set up currency preferences

Anomalies

Feature summary

Anomaly detection helps detect unusual spending patterns in your clusters costs and cloud accounts. Cloud cost anomaly detection can be used as a tool to keep cloud costs under control. It also provides alerting capabilities (email and Slack) so that stakeholders are notified of each anomaly that's detected.

Benefits

  • Early detection of unusual expenses: Anomaly detection can quickly identify unusual spending patterns or unexpected costs. This early detection allows businesses to address potential issues promptly, preventing further financial losses.
  • Realtime alerting: This can help relevant teams get notified proactively.

Prerequisites

Any of the following CCM cloud connectors in a healthy state:

  • AWS
  • GCP
  • Azure
  • K8s

Supported Platforms

  • SaaS
  • SMP

Notes

  • CCM detects anomalies only for the following time series:

    • Clusters: cluster name, namespaces
    • AWS: Account, Service, Usage Type
    • GCP: Projects, Products and SKUs
    • Azure: Subscription ID, Service Name, and Resources
  • Anomaly are detected once every 24 hours

  • Anomaly are detected in one of the two cases:

    • Actual cost - Predicted Cost > $75
    • Actual Cost / Predicted Cost >= 1.25X

Detect cloud cost anomalies

BI Dashboards

Feature summary

Custom dashboards enable you to leverage the full functionality of BI platform backed by the simple data models exposed by Cloud Cost Management.

Benefits

  • Data Visualization: BI Dashboards allows users to create interactive and visually appealing dashboards and reports. This makes it easier for users to understand complex data sets and gain insights.

  • Real-time Data Access: BI Dashboards enables users to access real-time data from various cloud sources. This ensures that users are making decisions based on the most up-to-date information.

  • Data Exploration and Discovery: BI Dashboards provides a powerful and user-friendly interface that empowers users to explore and analyze data on their own. Users can easily drill down into specific data points, apply filters, and perform ad-hoc analysis.

Prerequisites

Any of the following CCM cloud connectors in a healthy state:

  • AWS
  • GCP
  • Azure
  • K8s

Supported Platforms

  • SaaS
  • SMP

Notes

The following data can be consumed through dashboards:

  • AWS
  • GCP
  • Azure
  • Cluster
    • ECS
    • K8s
  • Inventory
    • EC2
    • RDS
    • EBS
    • Instances
    • Disks
    • Azure VM
  • Recommendations
  • Autostopping savings (Coming soon)

Dashboards

info

Harness CCM does not currently support AWS China regions.

CCM on Harness Self-Managed Enterprise Edition

Review the following information about what installation infrastructure and CCM features are supported on Harness Self-Managed Enterprise Edition.

Supported installation infrastructure for CCM on Harness Self-Managed Enterprise Edition

AWS is the only supported installation infrastructure. If you do not install Harness Self-Managed Enterprise Edition on AWS, then you cannot use the CCM features.

Supported CCM features on Harness Self-Managed Enterprise Edition

The following table provides the feature support matrix for CCM on Harness Self-Managed Enterprise Edition.

FeaturesAWSAzureGCPKubernetesConnected environmentAir-gapped environment
Perspectives
Cost categories
Budgets
BI dashboards
Anomaly detection
Currency standardization
Recommendations
AutoStopping
Asset governance
note
  • Perspective preferences are now supported on Harness SMP.
  • Margin Obfuscation is not supported on Harness SMP.
  • The cost data for Kubernetes workloads will be derived from the public pricing provided by the respective cloud provider.
  • Tracking recommendation lifescyle through Jira and ServiceNow is not supported in Air-gapped environments.

CCM on air-gapped environment

CCM is supported in Harness Self-Managed Enterprise Edition installs on an air-gapped environment.

CCM leverages AWS APIs that require connectivity from the isolated (air-gapped) instance. To grant access to these AWS APIs, establish VPC endpoints for the respective AWS services. For services lacking VPC endpoints, use a proxy to facilitate access. For more information, go to Manage AWS costs by using CCM on Harness Self-Managed Enterprise Edition.

For a comprehensive list of supported features in other Harness modules and the Harness Platform overall, go to Supported platforms and technologies.

Service Reliability Management

Harness supports the following Health Sources and Change Sources.

Health sources

A Health Source monitors changes in health trends of the Service using metrics and logs collected from an APM and log provider respectively.

Harness offers support for all major APM vendors, but there are cases where a customized APM is needed. The Custom Health Source lets you customize APMs of your choice.

Metrics providers and logging tools

Currently, Harness supports the following APMs and logging tools:

  • AppDynamics
  • Prometheus
  • Dynatrace
  • Splunk
  • Custom Health Source
  • Google Cloud Operations (formerly Stackdriver)
  • New Relic
  • Datadog

More tools will be added soon.

Change sources

A Change Source monitors change events related to deployments, infrastructure changes, and incidents. The following Change Sources are supported:

  • Harness CD NextGen
  • Harness CD
  • PagerDuty

Security Testing Orchestration

Go to Security Step Settings Reference.

Feature Flags

Harness Feature Flags supports client-side and server-side SDKs for a number of programming languages.

Supported client-side SDKs

The following table lists the client-side Feature Flag SDKs that Harness supports.

SDKDocumentation
AndroidAndroid SDK Reference
iOSiOS SDK Reference
FlutterFlutter SDK Reference
JavascriptJavascript SDK Reference
React NativeReact Native SDK Reference
XamarinXamarin SDK Reference
React ClientReact Client Reference
React NativeReact Native Reference

Supported server-side SDKs

The following table lists the server-side Feature Flag SDKs that Harness supports.

SDKDocumentation
.NET.NET SDK Reference
GoGo SDK Reference
JavaJava SDK Reference
Node.jsNode.js SDK Reference
PythonPython SDK Reference
RubyRuby SDK Reference
ApexApex SDK Reference
ErlangErlang SDK Reference
PHPPHP SDK Reference

Chaos Engineering

Perform chaos experiments on applications in your infrastructure, such as a Kubernetes cluster. Use predefined or custom workflow templates.

Go to Introduction to Chaos Module.

Code Repository

Manage code within Harness and accelerate development with security at scale.

The Harness Code Repository module is a source code management (SCM) tool that fosters developer collaboration and accelerates innovation while keeping security and compliance in mind. Git-based repositories are seamlessly integrated across your software delivery processes in Harness. Collaborative code reviews with checks and rules enforcement foster teamwork, reduce risk, and maintain code quality.

Collaboration

The following table lists Harness support for collaboration tools.

Most providers are used in both Pipeline Notification Strategies and User Group notifications:

Provider NameNotificationApproval/Change Management
Microsoft TeamsYesN/A
[Email](../continuous-delivery/x-platform-cd-features/cd-steps/notify-users-of-pipeline-events.mdN/A
SlackYesN/A
JiraYesYes
ServiceNowN/AYes
[PagerDuty](../continuous-delivery/x-platform-cd-features/cd-steps/notify-users-of-pipeline-events.mdN/A

Software Supply Chain Assurance (SSCA)

The Harness SSCA module supports the following components and standards.

SBOM tools

SBOM formats

  • SPDX
  • CycloneDX

Artifact repositories

  • Docker Hub
  • GCR
  • Amazon ECR

SLSA compliance level

  • Level 3, when used along with Harness CI Hosted Builds.

You can generate and sign provenance as per the SLSA v1.0 spec to achieve Level 3 compliance.

Attestation/Provenance generation & verification tools

Policy enforcement attributes

  • Component name
  • Component version
  • License
  • Supplier
  • PURL

Harness Git Experience

Harness Git Experience allows you to store your resource configurations, such as pipelines and input sets, in Git.

Supported Git providers​

The following section lists the support for Git providers for Harness Git Sync:​

  • GitHub
  • Bitbucket Cloud
  • Bitbucket Server
  • Azure Repos
  • GitLab

Supported Harness entities​

You can save the following Harness resources in Git using Harness Git Experience:

  • Pipelines
  • Input sets
  • Templates
  • Services
  • Environments
  • Infrastructure Definitions
note

Artifact Source templates are not supported with Git Experience.

Authentication

The following table lists the supported Authentication features and various ways to authenticate users. Users in Administrator groups can use Authentication Settings to restrict access to an organization's Harness account. The options you choose will apply to all of your account's users.

For more information, go to Authentication overview.

SSO TypeSSO ProvidersAuthentication SupportedAuthorization (Group Linking) SupportedSCIM Provisioning
SAML 2.0OktaYesYesYes
Microsoft Entra IDYesYesYes
OthersYesYesNo
OneLoginYesYesYes
OAuth 2.0GithubYesNoN/A
GitLabYesNoN/A
BitbucketYesNoN/A
GoogleYesNoN/A
AzureYesNoN/A
LinkedInYesNoN/A
LDAP (Delegate connectivity needed)Active DirectoryComing soonComing soonN/A
Open LDAPComing soonComing soonN/A
Oracle LDAPComing soonComing soonN/A

Secret management

Harness includes a built-in Secret Management feature that enables you to store encrypted secrets, such as access keys, and use them in your Harness connectors and pipelines.

For more information, go to Harness Secrets Management Overview.

In addition to the built-in Secret Manager, Harness Platform supports the cloud platform secrets management services in the following table.

Provider NameKey Encryption SupportEncrypted Data Stored with HarnessSupport for Referencing Existing Secrets
AWS KMSYesYesNo
AWS Secret ManagerYesNoYes
Hashicorp VaultYesNoYes
Azure Key VaultYesNoYes
Google KMSYesYesNo

Harness Self-Managed Enterprise Edition

The following table lists the major supported features for Harness Self-Managed Enterprise Edition offerings.

SolutionSupported PlatformConnectedHAMonitoringDisaster Recovery
Kubernetes ClusterKubernetes - GKE - AKS - EKSYesYesPrometheus, GrafanaYes

Supported Kubernetes versions

  • Self-Managed Enterprise Edition supports Kubernetes v.1.27, as well as versions 1.26, 1.25, 1.24, 1.23, 1.22, 1.21, and 1.20.
  • Effective October 7, 2022, with the release of version 76918, Self-Managed Enterprise Edition no longer supports Kubernetes open-source versions 1.18 and earlier.
  • Self-Managed Enterprise Edition supports the other versions of Kubernetes you use on a best-effort basis.
  • Harness commits to support new minor versions of Kubernetes within three months of the first stable release. For example, if the stable release of 1.28.0 occurs on August 31, Harness extends compatibility by November 30.

Terms of support

The support policy is 12 months of full support, followed by 6 months of limited support for critical security fixes only.

Harness Self-Managed Enterprise Edition does not introduce changes that break compatibility with supported versions of Kubernetes. For example, Self-Managed Enterprise Edition does not use features from Kubernetes version n that do not work in Kubernetes version n-2.

Installation and upgrade preflight checks provide warnings when you use unsupported Kubernetes versions.

In cases where you encounter a problem related to an incompatibility issue, you must upgrade your cluster. Harness does not issue a patch to accommodate the use of unsupported Kubernetes versions.

Template Library

Limitations

  • When you delete an existing template with active pipeline references, Harness deletes the references.
  • When you convert a runtime input in a template to a fixed value, the input type does not change in the linked pipeline. You must manually edit the linked pipeline YAML and provide the fixed values.
  • When you convert a fixed type input to a runtime input in your template, the input type does not change in the linked pipeline. You must click the template in the linked pipeline to refresh it and save the pipeline again. This re-initiates the reconciliation process.
  • Chained pipeline stages are not supported with pipeline templates.
  • When using multiple nested templates, you must manually reconcile the changes or force reconcile via the three-dots menu.

SDKs installed with Harness Delegate

Harness Delegate includes binaries for the SDKs that are required for deployments with Harness-supported integrations. These include binaries for Helm, ChartMuseum, kubectl, Kustomize, and so on.

Kubernetes Deployments

For Kubernetes deployments, the following SDKs/tools are included in the delegate image type yy.mm.xxxxx 78306 and later.

  • kubectl: v1.24.3
  • Helm: v2.13.1, 3.1.2, 3.8.0
  • Kustomize: v4.5.4
  • OpenShift: v4.2.16

The versions can be found in the Harness public GitHub repo.

For details on updating the default tool versions, go to Build custom delegate images with third-party tools.

For Kubernetes deployments, the following SDKs/tools are certified.

Manifest TypeRequired Tool/SDKCertified Version
Kuberneteskubectlv1.27.0
go-templatev0.4.1
Helmkubectlv1.27.0
helmv3.11.0
Helm (chart is stored in GCS or S3)kubectlv1.27.0
helmv3.11
chartmuseumv0.8.2 and v0.12.0
Kustomizekubectlv1.27.0
kustomizev4.5.4
OpenShiftkubectlv1.27.0
ocv4

Native Helm deployments

For Native Helm deployments, the following SDKs/tools are certified.

Manifest TypeRequired Tool/SDKCertified Version
Helm Charthelmv3.11
kubectlRequired if Kubernetes version is 1.16+.v1.27.0

Install a Delegate with custom SDK and 3rd-party tool binaries

To support customization, Harness provides a Harness Delegate image that does not include any third-party SDK binaries. We call this image the No Tools Image.

Using the No Tools Image and Delegate YAML, you can install the specific SDK versions you want. You install software on the Delegate using the INIT_SCRIPT environment variable in the Delegate YAML.

For steps on using the No Tools Delegate image and installing specific SDK versions, go to Install a Delegate with 3rd Party Tool Custom Binaries.

The Update Framework (TUF)

The Update Framework (TUF) is an open source specification for that provides instructions on how to organize, sign, and interact with metadata to secure package managers.

Harness includes native TUF support via the following:

  • Deployment templates: Deployment Templates use shell scripts to connect to target platforms, obtain target host information, and execute deployment steps.
    • Deployment Templates can obtain the required metadata for native TUF support, and generate and validate signatures in the software lifecycle.
  • OCI image registry support:
  • Enforce the rotation of secrets and key management practices:
  • Continuous Verification: TUF recommends the verification of deployments akin to Harness Continuous Verification.

Internal Developer Portal

Harness Internal Developer Portal integrates with a number of third-party providers to provide a single pane of glass for developers.

Plugins for IDP

Harness IDP supports a number of plugins to integrate the software catalog with third-party providers. Please find the growing list of supported plugins. This is a subset of the Backstage plugin marketplace.

Git providers that IDP supports

Any software component can be registered in the catalog by using a YAML file stored in the following Git providers:

  • GitHub
  • GitLab
  • Bitbucket
  • Azure Repos

CI/CD providers that IDP supports

Harness IDP is agnostic to your CI/CD provider. Following are some of the examples.

  • GitLab
  • CircleCI
  • GitHub Actions
info

Harness CI and CD has a seamless out-of-the-box experience with IDP.

Harness Open Source Software (OSS) components

The following document lists the open source libraries and third-party software Harness uses.

Supported browsers

The following desktop browsers are supported:

  • Chrome: latest version
  • Firefox: latest version
  • Safari: latest version
  • All Chromium-based browsers.

Mobile browsers are not supported.

Supported screen resolution

Minimum supported screen resolution is 1440x900.