This module deploys Cloud Scanner for Azure by creating underlying resources in Azure.
- Deployment cost This example will create resources that cost money.
Runterraform destroywhen you don't need them anymore
User deploying the resources needs the below access on Azure-
- Subscription to create container group, virtual network, resource group.
- Security administrator role to set up access.
This approach deploys Cloud Scanner in a single Azure cloud subscription. Cloud Scanner will scan resources in the subscription id where deployment will be done.
More info
in ./examples/single-subscription
This approach deploys Cloud Scanner in a single Azure cloud subscription. However, Cloud Scanner will scan resources in all the subscription ids given as input.
More info
in ./examples/tenant-subscriptions
Following resources are created in a new resource group:
| Name | Type |
|---|---|
| azurerm_container_group.cg | resource |
| azurerm_network_profile.np | resource |
| azurerm_subnet.sn | resource |
| azurerm_virtual_network.vn | resource |
| azurerm_subscription.current | data source |
| azuread_application.aa | resource |
| azuread_application_password.aap | resource |
| azuread_service_principal.asp | resource |
| azuread_service_principal_password.aspp | resource |
| azurerm_role_assignment.main | resource |
| azuread_client_config.current | data source |
Module is maintained and supported by Deepfence.
Apache 2 Licensed. See LICENSE for full details.