Setting up IaC Scanning for Cloud Security Management

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください
Join the Preview!

Static Infrastructure as Code (IaC) scanning is in Preview. To request access, complete the form.

Request Access

Use the following instructions to enable Infrastructure as Code (IaC) scanning for Cloud Security Management (CSM). IaC scanning is available for CSM Misconfigurations and CSM Identity Risks.

Static IaC scanning supports GitHub for version control and Terraform for infrastructure as code.

Set up the GitHub integration

Follow the instructions for creating a GitHub app for your organization.

To use IaC scanning, you must give the Github App Read & Write permissions for Contents and Pull Requests. These permissions can be applied to all or select repositories.

Enable IaC scanning for your repositories

After you set up the GitHub integration, enable IaC scanning for the repositories in your GitHub account.

  1. On the CSM Setup page, expand the Source Code Integrations section.
  2. Click Configure for the GitHub account you want to configure.
  3. To enable IaC:
    • All repositories: Toggle Enable Infrastructure as Code (IaC) Scanning to the on position.
    • Single repository: Toggle the IAC Scanning option for the specific repository to the on position.

Further reading

お役に立つドキュメント、リンクや記事:

Setting up Cloud Security ManagementDOCUMENTATION more more CSM MisconfigurationsDOCUMENTATION more more CSM Identity RisksGUIDE more more