Azure: Identify resources with missing tags using Cloud Custodian for Azure

An organization may have several hundred developers and almost the same number of cloud subscriptions to continuously innovate and work on the “next big thing”. These developers continuously create and tear down cloud infrastructure as needed. It is very important to know your cloud assets and resources for several reasons. I will discuss the three most important:

1) GTKYA (Get to know your assets): simply put, if you don't know what resources you have, you can’t put security controls around those assets. Hence it is very important to know what those assets are, their purpose, their ownership, environment variables, compliance impact, and so on.

2) If an incident happens, you must be able to find the owner, data sensitivity, business criticality, and the impact on upstream and downstream resources.

3) Satisfying compliance requirements. In Annexure A of ISO 27002, within the Asset Management controls, there are several control objectives that cover identifying the assets, maintaining a full inventory with ownership, classifying the data, defining acceptable use, and drawing up handling procedures that are followed consistently with the classification.

Cloud Custodian is an open-source tool from Capital One, written in Python, that comprises many tools and scripts. It is a rule engine in which you write policy definitions in YAML. This enables an organization to manage its public cloud resources by writing policies for cost savings, explore tagging…
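As an added example (not part of the original article, and not taken from the Cloud Custodian project itself), the following policy shows the YAML shape described above applied to the topic of the title: it selects Azure virtual machines that are missing any one of a set of required tags, and marks them so the gap shows up in inventory. The required tag names (Owner, Environment, CostCenter) and the marker tag are assumptions chosen for the illustration; substitute your own tagging standard. The `tag:<name>: absent` filter shorthand, the `or` filter and the `tag` action are Cloud Custodian features; the `azure.vm` resource type is one of several Azure resource types the tool supports, so the same policy can be duplicated with, for example, `azure.storage` or `azure.resourcegroup` to cover other asset classes.

```yaml
# missing-tags.yml (constructed example; tag names are assumptions)
policies:
  - name: azure-vm-missing-required-tags
    resource: azure.vm
    description: |
      Find virtual machines that lack at least one of the tags
      the organization requires for ownership and cost allocation,
      and mark them so the gap is visible in the asset inventory.
    filters:
      # A resource matches when ANY required tag is absent.
      - or:
          - "tag:Owner": absent
          - "tag:Environment": absent
          - "tag:CostCenter": absent
    actions:
      # Marker tag, so reports and dashboards can show non-compliance.
      # Remediation (e.g. notifying the owner) is left to a follow-up policy.
      - type: tag
        tag: TagCompliance
        value: missing-required-tags
```

To run it (assuming you have installed the `c7n_azure` provider package, authenticated with the Azure CLI via `az login`, and set `AZURE_SUBSCRIPTION_ID` to the subscription to scan), execute `custodian run --output-dir=./out missing-tags.yml`; the matched resources are written as `resources.json` under the policy's output directory, which is the list to reconcile against your asset register. Running with `--dryrun` evaluates the filters without applying the `tag` action, which is the safer first pass on a large estate.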


Aakif Shaikh, CISSP, CEH, CHFI, CISA, GWAPT

Over 18 years of experience in a wide variety of technical domains within information security including information assurance, compliance, and risk management.