Skip to content

Commit

Permalink
Initial commit
Browse files Browse the repository at this point in the history
  • Loading branch information
@drichards-87
drichards-87 committed Jan 13, 2025
1 parent fb2ff42 commit 23851de
Show file tree
Hide file tree
Showing 8 changed files with 8 additions and 62 deletions.
2 changes: 1 addition & 1 deletion ...ty/cloud_security_management/setup/agentless_scanning/azure_resource_manager.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ Follow the instructions for setting up the [Datadog Azure integration][1].

1. On the [Cloud Security Management Setup][3] page, click **Cloud Integrations** > **Azure**.
1. Locate your subscription's tenant, expand the list of subscriptions, and identify the subscription for which you want to disable Agentless Scanning.
1. Click the **Edit** button {{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}} and toggle **Vulnerability Scanning** to the off position.
1. Click the **Edit** button ({{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}}) and toggle **Vulnerability Scanning** to the off position.
1. Click **Done**.

## Uninstall with Azure Resource Manager
Expand Down
4 changes: 2 additions & 2 deletions ...n/security/cloud_security_management/setup/agentless_scanning/cloudformation.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ If you've already [set up Cloud Security Management][3] and want to add a new cl
{{% tab "Existing AWS account" %}}

1. On the [Cloud Security Management Setup][1] page, click **Cloud Integrations** > **AWS**.
1. Click the **Edit** button {{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}} for the AWS account where you want to deploy the Agentless scanner.
1. Click the **Edit** button ({{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}}) for the AWS account where you want to deploy the Agentless scanner.
1. Verify that **Enable Resource Scanning** is toggled on. If it isn't, switch the **Enable Resource Scanning** toggle to the on position and complete Steps 3-7 in [New AWS Account][2].
1. In the **Agentless Scanning** section, toggle **Host Vulnerability Scanning**, **Container Vulnerability Scanning**, **Lambda Vulnerability Scanning**, and **Data Security Scanning** to the on position.
1. Click **Done**.
Expand All @@ -65,7 +65,7 @@ Datadog recommends updating the CloudFormation stack regularly, so you can get a
## Disable Agentless Scanning

1. On the [Cloud Security Management Setup][3] page, click **Cloud Integrations** > **AWS**.
1. To disable Agentless Scanning for an account, click the **Edit** button {{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}} and toggle the **Agentless Scanning** section to the off position.
1. To disable Agentless Scanning for an account, click the **Edit** button ({{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}}) and toggle the **Agentless Scanning** section to the off position.
1. Click **Done**.

## Uninstall with CloudFormation
Expand Down
2 changes: 1 addition & 1 deletion ...t/en/security/cloud_security_management/setup/agentless_scanning/quick_start.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ Datadog recommends updating the CloudFormation stack regularly, so you can get a
## Disable Agentless Scanning

1. On the [Cloud Security Management Setup][10] page, click **Cloud Integrations** > **AWS**.
1. To disable Agentless Scanning for an account, click the **Edit** button {{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}} and toggle the **Agentless Scanning** section to the off position.
1. To disable Agentless Scanning for an account, click the **Edit** button ({{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}}) and toggle the **Agentless Scanning** section to the off position.
1. Click **Done**.

## Uninstall Agentless Scanning
Expand Down
4 changes: 2 additions & 2 deletions ...ent/en/security/cloud_security_management/setup/agentless_scanning/terraform.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ If you've already [set up Cloud Security Management][4] and want to add a new cl
{{% tab "Existing AWS account" %}}

1. On the [Cloud Security Management Setup][1] page, click **Cloud Integrations > AWS**.
1. Click the **Edit scanning** button {{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}} for the AWS account where you want to deploy the Agentless scanner.
1. Click the **Edit scanning** button ({{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}}) for the AWS account where you want to deploy the Agentless scanner.
1. **Enable Resource Scanning** should already be toggled on. If it isn't, toggle **Enable Resource Scanning** to the on position.
1. In the **How would you like to set up Agentless Scanning?** section, select **Terraform**.
1. Follow the instructions for installing the [Datadog Agentless Scanner module][2].
Expand Down Expand Up @@ -72,7 +72,7 @@ If you've already [set up Cloud Security Management][4] and want to add a new cl
## Disable Agentless Scanning

1. On the [Cloud Security Management Setup][4] page, click **Cloud Integrations**, and then expand the **AWS** or **Azure** section.
1. To disable Agentless Scanning for an account, click the **Edit** button {{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}} and toggle **Vulnerability Scanning** to the off position.
1. To disable Agentless Scanning for an account, click the **Edit** button ({{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}}) and toggle **Vulnerability Scanning** to the off position.
1. Click **Done**.

## Uninstall with Terraform
Expand Down
28 changes: 2 additions & 26 deletions content/en/security/cloud_security_management/setup/cloud_integrations.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,62 +37,38 @@ To enable resource scanning for your cloud accounts, you must first set up the i

## Disable resource scanning

To disable resource scanning for your cloud accounts, navigate to either the [**CSM Setup**][1] page or the cloud account integration page. Disabling resource scanning does not affect your ability to access historical findings. You can still review data from the past 15 months.
<div class="alert alert-info">You can access historical findings from the past 15 months even if resource scanning is disabled.</div>

{{< tabs >}}
{{% tab "AWS" %}}

### CSM Setup page

1. On the [**Cloud Security Management Setup**][1] page, click **Cloud Integrations**.
1. Expand the **AWS** section.
1. To stop resource collection for an account, click the Edit button and switch the **Enable Resource Scanning** toggle to the off position.
1. To stop resource collection for an account, click the **Edit** button ({{< img src="security/csm/setup/edit-button.png" inline="true" style="width:24px;">}}) and switch the **Enable Resource Scanning** toggle to the off position.
1. Click **Done**.

### Amazon Web Services integration page

1. On the [**Amazon Web Services Integration**][2] page, select an AWS account.
1. On the **Resource Collection** tab, clear the **Enable Cloud Security Management** checkbox.
1. Click Save.

[1]: https://app.datadoghq.com/security/configuration/csm/setup
[2]: https://app.datadoghq.com/integrations/amazon-web-services

{{% /tab %}}
{{% tab "Azure" %}}

### CSM Setup page

1. On the [**Cloud Security Management Setup**][1] page, click **Cloud Integrations**.
1. Expand the **Azure** section.
1. To stop resource collection for a subscription, switch the **Resource Scanning** toggle to the off position.
1. Click **Done**.

### Azure integration page

1. On the [**Azure Integration**][2] page, select an app registration.
1. On the **Resource Collection** tab, clear the **Enable Cloud Security Management** checkbox.
1. Click Save.

[1]: https://app.datadoghq.com/security/configuration/csm/setup
[2]: https://app.datadoghq.com/integrations/azure

{{% /tab %}}
{{% tab "Google Cloud" %}}

### CSM Setup page

1. On the [**Cloud Security Management Setup**][1] page, click **Cloud Integrations**.
1. Expand the **GCP** section.
1. To stop resource collection for a project, switch the **Resource Scanning** toggle to the off position.
1. Click **Done**.

### Google Cloud Platform integration page

1. On the [**Google Cloud Platform Integration**][2] page, select a Google Cloud account.
1. On the **Resource Collection** tab, clear the **Enable Cloud Security Management** checkbox.
1. Click **Save**.

[1]: https://app.datadoghq.com/security/configuration/csm/setup
[2]: https://app.datadoghq.com/integrations/google-cloud-platform

Expand Down
10 changes: 0 additions & 10 deletions layouts/shortcodes/csm-setup-aws.en.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,23 +4,13 @@ If you haven't already, set up the [Amazon Web Services integration][1]. You mus

### Enable CSM for your AWS accounts

Use one of the following methods to enable CSM for your AWS accounts:

#### CSM Setup page

1. On the [**Cloud Security Management Setup**][3] page, click **Cloud Integrations**.
1. Expand the **AWS** section.
1. To enable resource scanning for an account, click the **Plus** button, then switch the **Enable Resource Scanning** toggle to the on position.
1. Click **Done**.
1. To create a filter that excludes certain resources from being evaluated by CSM, click the **Plus** (+) icon under **Resource Evaluation Filters (Optional)**. For more information, see [Use Filters to Exclude Resources from Evaluation][5].
1. Click **Done**.

#### Amazon Web Services integration page

1. On the [**Amazon Web Services Integration**][4] page, select an AWS account.
1. On the **Resource Collection** tab, select **Enable Cloud Security Management**.
1. Click **Save**.

[1]: https://docs.datadoghq.com/integrations/amazon_web_services/
[2]: /integrations/amazon_web_services/?tab=roledelegation#cloud-security-management-misconfigurations
[3]: https://app.datadoghq.com/security/configuration/csm/setup
Expand Down
10 changes: 0 additions & 10 deletions layouts/shortcodes/csm-setup-azure.en.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,22 +6,12 @@ If you haven't already, set up the [Microsoft Azure integration][1].

### Enable CSM for your Azure subscriptions

Use one of the following methods to enable CSM for your Azure subscriptions:

#### CSM Setup page

1. On the [**Cloud Security Management Setup**][2] page, click **Cloud Integrations**.
2. Expand the **Azure** section.
3. To enable resource scanning for a subscription, switch the **Resource Scanning** toggle to the on position.
4. To create a filter that excludes certain resources from being evaluated by CSM, click the **Plus** (+) icon under **Resource Evaluation Filters (Optional)**. For more information, see [Use Filters to Exclude Resources from Evaluation][4].
5. Click **Done**.

#### Azure integration page

1. On the [**Azure Integration**][3] page, select an Azure app registration.
2. Under **Resource Collection**, select **Enable Cloud Security Management**.
3. Click **Submit Changes**.

[1]: https://docs.datadoghq.com/integrations/azure
[2]: https://app.datadoghq.com/security/configuration/csm/setup
[3]: https://app.datadoghq.com/integrations/azure
Expand Down
10 changes: 0 additions & 10 deletions layouts/shortcodes/csm-setup-google-cloud.en.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,22 +15,12 @@ The Datadog Google Cloud Platform integration uses service accounts to create an

### Enable CSM for your Google Cloud projects

Use one of the following methods to enable CSM for your Google Cloud projects:

#### CSM Setup page

1. On the [**Cloud Security Management Setup**][2] page, click **Cloud Integrations**.
2. Expand the **GCP** section.
3. To enable resource scanning for a project, switch the **Resource Scanning** toggle to the on position.
4. To create a filter that excludes certain resources from being evaluated by CSM, click the **Plus** (+) icon under **Resource Evaluation Filters (Optional)**. For more information, see [Use Filters to Exclude Resources from Evaluation][11].
5. Click **Done**.

#### Google Cloud Platform integration page

1. On the [**Google Cloud Platform Integration**][10] page, select a Google Cloud project.
2. Under **Resource Collection**, select **Enable Cloud Security Management**.
3. Click **Save**.

[1]: https://docs.datadoghq.com/integrations/google_cloud_platform
[2]: https://app.datadoghq.com/security/configuration/csm/setup
[4]: https://support.google.com/cloud/answer/6293499?hl=en
Expand Down

0 comments on commit 23851de

Please sign in to comment.