Control types for @turbot/azure
- Azure > Management Group > CMDB
- Azure > Management Group > Discovery
- Azure > Resource Group > CMDB
- Azure > Resource Group > Configured
- Azure > Resource Group > Discovery
- Azure > Resource Group > Stack
- Azure > Resource Group > Tags
- Azure > Subscription > CMDB
- Azure > Subscription > Discovery
- Azure > Subscription > Stack
- Azure > Tenant > CMDB
- Azure > Turbot
- Azure > Turbot > Event Handlers
- Azure > Turbot > Event Poller
- Azure > Turbot > Management Group Event Poller
- Azure > Turbot > Resource Group
Azure > Management Group > CMDB
Record and synchronize details for the Azure Azure management group into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.
Note that if CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
tmod:@turbot/azure#/control/types/managementGroupCmdb
Azure > Management Group > Discovery
Discover Azure Azure management groups and add them to Guardrails.
The Discovery
control is tasked with identifying instances for a particular resource.
The Discovery control will periodically search for new target resources and
save them to the Guardrails CMDB. Once discovered, resources are then
responsible for tracking changes to themselves through the
CMDB control.
tmod:@turbot/azure#/control/types/managementGroupDiscovery
Azure > Resource Group > CMDB
Record and synchronize details for the Azure resource group into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
tmod:@turbot/azure#/control/types/resourceGroupCmdb
Azure > Resource Group > Configured
Maintain Azure > Azure > Resource Group configuration.
Note: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored
and inherit from the stack that owns it.
tmod:@turbot/azure#/control/types/resourceGroupConfigured
Azure > Resource Group > Discovery
Discover all Azure resource group resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
tmod:@turbot/azure#/control/types/resourceGroupDiscovery
Azure > Resource Group > Stack
Configure a custom stack on Azure, per the custom Stack > Source
.
A Guardrails Stack
is a set of resources configured by Guardrails, as specified
via Terraform source. Stacks are responsible for the creation and deletion
of multiple resources. Once created, stack resources are responsible for
configuring themselves from the stack source via their Configured
control.
tmod:@turbot/azure#/control/types/resourceGroupStack
Azure > Resource Group > Tags
Take an action when an Azure Azure resource group tags is not updated based on the Azure > Azure > Resource Group > Tags > *
policies.
If the resource is not updated with the tags defined in Azure > Azure > Resource Group > Tags > Template
, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
tmod:@turbot/azure#/control/types/resourceGroupTags
Azure > Subscription > CMDB
Record and synchronize details for the Azure Subscription into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.
Note that if CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
tmod:@turbot/azure#/control/types/subscriptionCmdb
Azure > Subscription > Discovery
Discover Azure Azure subscriptions and add them to Guardrails.
The Discovery
control is tasked with identifying instances for a particular resource.
The Discovery control will periodically search for new target resources and
save them to the Guardrails CMDB. Once discovered, resources are then
responsible for tracking changes to themselves through the
CMDB control.
tmod:@turbot/azure#/control/types/subscriptionDiscovery
Azure > Subscription > Stack
Configure a custom stack on Azure, per the custom Stack > Source
.
A Guardrails Stack
is a set of resources configured by Guardrails, as specified
via Terraform source. Stacks are responsible for the creation and deletion
of multiple resources. Once created, stack resources are responsible for
configuring themselves from the stack source via their Configured
control.
tmod:@turbot/azure#/control/types/subscriptionStack
Azure > Tenant > CMDB
tmod:@turbot/azure#/control/types/tenantCmdb
Azure > Turbot
Turbot control root.
Azure > Turbot > Event Handlers
Configure the set of resources in a Guardrails Stack per the Event Handlers ><br />Source
policy.
Guardrails Stacks are used to manage a set of resources via Terraform.
Stacks are responsible for the creation and deletion of multiple resources,
but once created, the resources are responsible for configuring themselves
with their Configured
control, using the Source from the parent stack.
The Azure Event Handlers stack is responsible for configuring the resources
required for the Guardrails Event Handler, which attaches the Guardrails Router to
a cloud provider's audit trail. This is a pre-requisite for Guardrails to
process and respond to real-time events -- a core capability that allows
Guardrails to respond to changes on resources as they occur.
tmod:@turbot/azure#/control/types/eventHandlers
Azure > Turbot > Event Poller
The Guardrails Azure Poller control will query the Activity Log for relevant events on a schedule, and forward them to the router for processing.
tmod:@turbot/azure#/control/types/eventPoller
Azure > Turbot > Management Group Event Poller
Poll Azure management group events to Guardrails.
tmod:@turbot/azure#/control/types/managementGroupEventPoller
Azure > Turbot > Resource Group
Configure the Guardrails Event Handler stack. This stack configures
the resourceGroup required for Guardrails real-time event routing.
tmod:@turbot/azure#/control/types/resourceGroup