Nailing the Security Audit with RRCU

ConductorOne docs

Set up a New Relic connector

ConductorOne provides identity governance and just-in-time provisioning for New Relic. Integrate your New Relic instance with ConductorOne to run user access reviews (UARs) and enable just-in-time access requests.

Capabilities

  • Sync user identities from New Relic to ConductorOne

  • Resources supported:

    • Organizations
    • Groups
    • Roles

  • Provisioning supported:

    • Add users to groups
    • Add roles to groups

Add a new New Relic connector

This task requires either the Connector Administrator or Super Administrator role in ConductorOne.

  1. In ConductorOne, click Connectors > Add connector.

  2. Search for New Relic and click Add.

  3. Choose how to set up the new New Relic connector:

    • Add the connector to a currently unmanaged app (select from the list of apps that were discovered in your identity, SSO, or federation provider that aren’t yet managed with ConductorOne)

    • Add the connector to a managed app (select from the list of existing managed apps)

    • Create a new managed app

    Do you SSO into New Relic using your identity, SSO, or federation provider? If so, make sure to add the connector to the unmanaged New Relic app that was created automatically when you integrated your provider with ConductorOne, rather than creating a new managed app.

  1. Set the owner for this connector. You can manage the connector yourself, or choose someone else from the list of ConductorOne users. Setting multiple owners is allowed.

    An New Relic connector owner must have the following permissions:

    • Connector Administrator or Super Administrator role in ConductorOne
    • A full platform user in New Relic
  1. Click Next.

Next steps

  • If you are the connector owner, proceed to Configure your New Relic connector for instructions on integrating New Relic with ConductorOne.

  • If someone else is the connector owner, ConductorOne will notify them by email that their help is needed to complete the setup process.

Configure your New Relic connector

A user with the Connector Administrator or Super Administrator role in ConductorOne who is a full platform user in New Relic must perform this task.

Step 1: Create a user API key

  1. Log into New Relic as a full platform user.

  2. At the bottom of the left navigation bar, click your username and select API Keys.

  3. Click Create a key. The Create an API key drawer opens.

  4. Select User as the Key type.

  5. Enter a name for the new API key, such as “ConductorOne”, and add any notes you or your colleagues might need about this key.

  6. Click Create a key.

  7. The new key is generated and added to the list of API keys.

  8. Click the menu and select Copy key. Carefully save the API key, we’ll use it in Step 2.

Step 2: Add your New Relic credentials to ConductorOne

  1. In ConductorOne, navigate to the New Relic connector by either:

    • Clicking the Set up connector link in the email you received about configuring the connector.

    • Navigate to Connectors > New Relic (if there is more than one New Relic listed, click the one with your name listed as owner and the status Not connected).

  2. Find the Settings area of the page and click Edit.

  3. Paste the user API key you generated in Step 1 into the API key field.

  4. Click Save.

  5. The connector’s label changes to Syncing, followed by Connected. You can view the logs to ensure that information is syncing.

That’s it! Your New Relic connector is now pulling access data into ConductorOne.

Configure the New Relic integration using Terraform

As an alternative to the integration process described above, you can use Terraform to configure the integration between New Relic and ConductorOne.

See the ConductorOne New Relic integration resource page in the ConductorOne Terraform registry for example usage and the full list of required and optional parameters.