Control types for @turbot/azure
- Azure > Management Group > CMDB
- Azure > Management Group > Discovery
- Azure > Resource Group > CMDB
- Azure > Resource Group > Configured
- Azure > Resource Group > Discovery
- Azure > Resource Group > Stack
- Azure > Resource Group > Tags
- Azure > Subscription > CMDB
- Azure > Subscription > Discovery
- Azure > Subscription > Stack
- Azure > Tenant > CMDB
- Azure > Turbot
- Azure > Turbot > Event Handlers
- Azure > Turbot > Event Poller
- Azure > Turbot > Management Group Event Poller
- Azure > Turbot > Resource Group
Azure > Management Group > CMDB
Record and synchronize details for the Azure Azure management group into the CMDB.\n\nThe CMDB control is\nresponsible for populating and updating all the attributes for that\nresource type in the Guardrails CMDB.\n\nNote that if CMDB is set to Skip for a resource, then it will not be added\nto the CMDB, and no controls that target it will run.\n
Azure > Management Group > Discovery
Discover Azure Azure management groups and add them to Guardrails.\n\nThe Discovery\ncontrol is tasked with identifying instances for a particular resource.\nThe Discovery control will periodically search for new target resources and\nsave them to the Guardrails CMDB. Once discovered, resources are then\nresponsible for tracking changes to themselves through the\nCMDB control.\n
Azure > Resource Group > CMDB
Record and synchronize details for the Azure resource group into the CMDB.\n\nThe CMDB control is\nresponsible for populating and updating all the attributes for that\nresource type in the Guardrails CMDB.\n\nNote: If CMDB is set to Skip for a resource, then it will not be added\nto the CMDB, and no controls that target it will run.\n
Azure > Resource Group > Configured
Maintain Azure > Azure > Resource Group configuration.\n\nNote: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored\nand inherit from the stack that owns it.\n
Azure > Resource Group > Discovery
Discover all Azure resource group resources and add them to the CMDB.\n\nThe Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.\n
Azure > Resource Group > Stack
Configure a custom stack on Azure, per the custom Stack > Source
.\n\nA Guardrails Stack
is a set of resources configured by Guardrails, as specified\nvia Terraform source. Stacks are responsible for the creation and deletion\nof multiple resources. Once created, stack resources are responsible for\nconfiguring themselves from the stack source via their Configured
control.\n
Azure > Resource Group > Tags
Take an action when an Azure Azure resource group tags is not updated based on the Azure > Azure > Resource Group > Tags > *
policies.\n\nIf the resource is not updated with the tags defined in Azure > Azure > Resource Group > Tags > Template
, this control raises an alarm and takes the defined enforcement action.\n\nSee Tags for more information.\n
Azure > Subscription > CMDB
Record and synchronize details for the Azure Subscription into the CMDB.\n\nThe CMDB control is\nresponsible for populating and updating all the attributes for that\nresource type in the Guardrails CMDB.\n\nNote that if CMDB is set to Skip for a resource, then it will not be added\nto the CMDB, and no controls that target it will run.\n
Azure > Subscription > Discovery
Discover Azure Azure subscriptions and add them to Guardrails.\n\nThe Discovery\ncontrol is tasked with identifying instances for a particular resource.\nThe Discovery control will periodically search for new target resources and\nsave them to the Guardrails CMDB. Once discovered, resources are then\nresponsible for tracking changes to themselves through the\nCMDB control.\n
Azure > Subscription > Stack
Configure a custom stack on Azure, per the custom Stack > Source
.\n\nA Guardrails Stack
is a set of resources configured by Guardrails, as specified\nvia Terraform source. Stacks are responsible for the creation and deletion\nof multiple resources. Once created, stack resources are responsible for\nconfiguring themselves from the stack source via their Configured
control.\n
Azure > Tenant > CMDB
Azure > Turbot
Turbot control root.
Azure > Turbot > Event Handlers
Configure the set of resources in a Guardrails Stack per the Event Handlers >\nSource
policy.\n\nGuardrails Stacks are used to manage a set of resources via Terraform.\nStacks are responsible for the creation and deletion of multiple resources,\nbut once created, the resources are responsible for configuring themselves\nwith their Configured
control, using the Source from the parent stack.\n\nThe Azure Event Handlers stack is responsible for configuring the resources\nrequired for the Guardrails Event Handler, which attaches the Guardrails Router to\na cloud provider's audit trail. This is a pre-requisite for Guardrails to\nprocess and respond to real-time events -- a core capability that allows\nGuardrails to respond to changes on resources as they occur.\n
Azure > Turbot > Event Poller
The Guardrails Azure Poller control will query the Activity Log for relevant events on a schedule, and forward them to the router for processing.\n
Azure > Turbot > Management Group Event Poller
Poll Azure management group events to Guardrails.
Azure > Turbot > Resource Group
Configure the Guardrails Event Handler stack. This stack configures\nthe resourceGroup required for Guardrails real-time event routing.\n