Parameters

The transformer is configured with parameters that determine how it handles functions such as file reading (directory location, file processing criteria, etc.) and API querying (polling frequency, credentials, etc.).

Encrypt string values for sensitive parameters with hiera-eyaml. If hiera-eyaml keys have not already been generated on your PE instance, create them.

node_encrypt can be used as an optional extra layer of security. If you want to use node_encrypt and the module is not already available, install puppetlabs-node_encrypt for use on your CA or any compile server.

Parameters Description

pe_token

Sensitive 

Required

The PE RBAC authentication token with permission to push data to the Vulnerability Remediation Service.

The transformer uses the RBAC token to register itself using the registration API.

A backoff mechanism is included. A PE token can be generated via your Puppet Enterprise console.

scan_reports_source_access_key

Sensitive 

Required when configuring the transformer to query the Nessus API to download the latest scan data.

Authentication access key for the scanner endpoint.

If required, the key can be generated on your Tenable Nessus instance.

scan_reports_source_secret_key

Sensitive

Required when configuring the transformer to query the Nessus API to download the latest scan data.

Authentication secret key for the scanner endpoint.

If required, the key can be generated on your Tenable Nessus instance.

scan_reports_source_ca_certificate

Sensitive

The Nessus CA certificate.

May be optionally provided when configuring the transformer to query the Nessus API to download the latest scan data.

scan_reports_source_address

The FQDN/IP address used by Nessus.

scan_reports_source_filepath

Required when configuring the transformer to read scan data from a manually downloaded export file.

The path to the scanner report export directory to which the Nessus scan data has been downloaded.

manage_python

Determines if the module manages the installation of Python. When set to No, the existing Python setup is used.

run_in_venv

Run the transformer within a Python virtual environment.

sync_schedule

Schedule string in systemd timer format. Configures the transformer to run on a specific schedule.

python_version

The version of Python to be installed. If not specified, the transformer uses the latest version available on the machine through the default package managers.

scan_reports_source_port

The port number used by Nessus.

scan_reports_destination_endpoint

URL of the Vulnerability Remediation Service ingestion endpoint.

scan_name

The name of the specific scan for which data is to be processed by the transformer. A list of all named scans is provided in the Nessus UI.

The scan_reports_source_filepath cannot be specified at the same time as scan_reports_source_address, scan_reports_source_access_key and scan_reports_source_secret_key, as they relate to different modes of operation.
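The rules in this table (which parameters are sensitive, which are required in each mode, and that scan_reports_source_filepath excludes the Nessus API parameters) can be checked before Hiera data is committed. The following is an added example, not part of the module: it assumes the Hiera data is already loaded into a dict, matches on the last `::` segment of each key because the class namespace is not given here, and uses the placeholder namespace transformer_class with constructed sample values.

```python
import re

# hiera-eyaml ciphertext has the form ENC[PKCS7,<base64>]; whitespace may
# appear inside the base64 when a YAML block scalar is used.
EYAML = re.compile(r"^ENC\[\w+,[A-Za-z0-9+/=\s]+\]$")

SENSITIVE = {"pe_token", "scan_reports_source_access_key",
             "scan_reports_source_secret_key", "scan_reports_source_ca_certificate"}
API_ONLY = {"scan_reports_source_address", "scan_reports_source_access_key",
            "scan_reports_source_secret_key"}
API_REQUIRED = {"scan_reports_source_access_key", "scan_reports_source_secret_key"}
FILE_KEY = "scan_reports_source_filepath"


def lint(hiera):
    """Return a sorted list of findings for a dict of Hiera key -> value."""
    # Compare on the parameter name only (text after the last '::').
    params = {k.rsplit("::", 1)[-1]: v for k, v in hiera.items()}
    present = set(params)
    findings = []
    if "pe_token" not in present:
        findings.append("pe_token: required but missing")
    for name in SENSITIVE & present:
        if not EYAML.match(str(params[name]).strip()):
            findings.append(f"{name}: sensitive value is not eyaml-encrypted")
    api_keys = API_ONLY & present
    if FILE_KEY in present and api_keys:
        # File mode and API mode are mutually exclusive.
        findings.append(f"{FILE_KEY}: cannot be combined with {', '.join(sorted(api_keys))}")
    elif api_keys:
        for name in API_REQUIRED - present:
            findings.append(f"{name}: required when querying the Nessus API")
    return sorted(findings)


# Constructed sample data; 'transformer_class' is a placeholder namespace.
SAMPLE = {
    "transformer_class::pe_token": "ENC[PKCS7,Q09OU1RSVUNURUQ=]",
    "transformer_class::scan_reports_source_address": "nessus.example.com",
    "transformer_class::scan_reports_source_access_key": "plaintext-access-key",
    "transformer_class::scan_reports_source_filepath": "/opt/exports",
}

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```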