Preparing for Compliance Posture Scanning
Cloud Compliance posture scanning uses a Compliance Scanner task which is installed in your monitored cloud instances.
The Cloud Scanner task interacts with the local cloud APIs under the instruction of the remote management console. This architecture removes the need to open up cloud APIs to remote (over the internet) clients, where security is harder to achieve.
Before You Begin
Review the architecture for compliance scanning, as described in Architecture: Cloud Scanner task.
Configuring Cloud Posture Management
📄️ AWS
CloudFormation
📄️ Microsoft Azure
Cloud Scanner is deployed as a task within your Azure infrastructure.
📄️ Google Compute Platform
Cloud Scanner is deployed as a task within your Google Cloud Platform instance.
📄️ Other Platforms
ThreatMapper can perform compliance posture scanning on linux hosts and Kubernetes master and worker nodes.