This quickstart describes how to get started with Forseti Scanner. Forseti Scanner uses a JSON or YAML rules definition file to audit your Google Cloud Platform (GCP) resources, such as organizations or projects. After running the audit, Forseti Scanner outputs rule violations to Cloud SQL and optionally writes it to Cloud Storage bucket.
Forseti Scanner runs in batch mode, executing each scanner serially for each run. To modify the scanner settings:
forseti-security/configs/server/forseti_conf_server.yaml
.scanner
> scanners
section.enabled
property for the appropriate scanners.
true
enables the scanner, and false
disables the scanner.When you’re finished making changes, run the configuration reload command to update the configuration of the server.
You can learn how to run the Forseti Scanner.