Deepfence Cloud Scanner runs in your cloud environment, gathering inventory and compliance information for the assets deployed in that environment. It submits that information to your Deepfence ThreatMapper or ThreatStryker Management Console.

deepfence/terraform-azure-cloud-scanner

Cloud Scanner for Azure by Deepfence

This module deploys Cloud Scanner for Azure by creating underlying resources in Azure.

Notice

  • Deployment cost: This example will create resources that cost money.
    Run terraform destroy when you no longer need them.

Required Permissions

Provisioning Permissions

The user deploying the resources needs the following access on Azure:

  • Subscription to create container group, virtual network, resource group.
  • Security administrator role to set up access.

Usage

- Single-Subscription

This approach deploys Cloud Scanner in a single Azure cloud subscription. Cloud Scanner scans resources in the subscription where it is deployed.
More info in ./examples/single-subscription

- Tenant-Subscriptions

This approach deploys Cloud Scanner in a single Azure cloud subscription. However, Cloud Scanner will scan resources in all the subscription ids given as input.
More info in ./examples/tenant-subscriptions

Resources

The following resources are created in a new resource group:

Name                                       Type
azurerm_container_group.cg                 resource
azurerm_network_profile.np                 resource
azurerm_subnet.sn                          resource
azurerm_virtual_network.vn                 resource
azurerm_subscription.current               data source
azuread_application.aa                     resource
azuread_application_password.aap           resource
azuread_service_principal.asp              resource
azuread_service_principal_password.aspp    resource
azurerm_role_assignment.main               resource
azuread_client_config.current              data source
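
The resource list includes two generated passwords and a role assignment, so it is worth reviewing a plan before applying it. The script below is an added example, not part of this module: it reads the JSON form of a Terraform plan and reports the credential resources (whose values are stored in Terraform state) and each role assignment with its scope. The module name "scanner", the "Reader" role and the all-zero subscription id in the sample are constructed placeholders, not values taken from this repository.

```python
import json, sys

# Types from the resource list above that hold credentials or grant access.
SECRET_TYPES = {"azuread_application_password", "azuread_service_principal_password"}
GRANT_TYPE = "azurerm_role_assignment"

# Constructed sample in the shape of `terraform show -json <planfile>` output.
# The module name "scanner", the role and the subscription id are placeholders.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE_PLAN = {"resource_changes": [
    {"address": "module.scanner.azuread_application_password.aap",
     "type": "azuread_application_password",
     "change": {"actions": ["create"], "after": {}}},
    {"address": "module.scanner.azurerm_role_assignment.main",
     "type": "azurerm_role_assignment",
     "change": {"actions": ["create"],
                "after": {"role_definition_name": "Reader", "scope": SUB}}},
    {"address": "module.scanner.azurerm_container_group.cg",
     "type": "azurerm_container_group",
     "change": {"actions": ["create"], "after": {}}},
]}

def is_subscription_scope(scope):
    """True when the scope is a whole subscription, not a resource group or resource."""
    parts = [p for p in scope.split("/") if p]
    return len(parts) == 2 and parts[0].lower() == "subscriptions"

def review_plan(plan):
    """List credential resources and role assignments the plan would create."""
    findings = {"secrets": [], "grants": []}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        if "create" not in change.get("actions", []):
            continue
        after = change.get("after") or {}
        if rc.get("type") in SECRET_TYPES:
            findings["secrets"].append(rc["address"])  # value is stored in state
        elif rc.get("type") == GRANT_TYPE:
            scope = after.get("scope") or ""  # empty when only known after apply
            findings["grants"].append({
                "address": rc["address"],
                "role": after.get("role_definition_name") or after.get("role_definition_id"),
                "scope": scope or "(known after apply)",
                "subscription_wide": is_subscription_scope(scope),
            })
    return findings

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    print(json.dumps(review_plan(plan), indent=2))
```

To run it on a real plan, save one with terraform plan -out=tfplan, export it with terraform show -json tfplan > plan.json, and pass plan.json as the argument.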

Authors

Module is maintained and supported by Deepfence.

License

Apache 2 Licensed. See LICENSE for full details.
