This quickstart describes how to get started with Forseti Scanner. Forseti Scanner uses a JSON or YAML rules definition file to audit your Google Cloud Platform (GCP) resources, such as organizations or projects. After running the audit, Forseti Scanner outputs rule violations to Cloud SQL and optionally writes it to Cloud Storage bucket.
Forseti Scanner runs in batch mode, executing each scanner serially for each run. To modify the scanner settings:
trueenables the scanner, and
falsedisables the scanner. For example, setting
trueenables Config Validator Scanner.
When you’re finished making changes:
terraform planto see the infrastructure plan.
terraform applyto apply the infrastructure build.
You can learn how to run the Forseti Scanner.