This quickstart describes how to get started with Forseti Scanner. Forseti Scanner uses a JSON or YAML rules definition file to audit your Google Cloud Platform (GCP) resources, such as organizations or projects. After running the audit, Forseti Scanner outputs rule violations to Cloud SQL and optionally writes it to Cloud Storage bucket.
Forseti Scanner runs in batch mode, executing each scanner serially for each run. To modify the scanner settings:
true
or false
in your main.tf
, where true
enables the scanner, and
false
disables the scanner. For example, setting config_validator_enabled
to
true
enables Config Validator Scanner.When you’re finished making changes:
terraform plan
to see the infrastructure plan.terraform apply
to apply the infrastructure build.You can learn how to run the Forseti Scanner.