This repository contains resources to deploy an automation framework to on-board Azure Container Registries to Falcon Cloud Security. The main.bicep file is the primary deployment template that provisions the necessary Azure resources.
```mermaid
graph LR;
    A[Start] --> B[Scan Azure Container Registries]
    B --> C{New Registry Found?}
    C -- Yes --> D[Onboard to Falcon Cloud Security]
    C -- No --> E[End]
    D --> E --> A[Start]
```
The main.bicep template deploys the following resources:
- Resource Group
- Azure Automation Account
- Automation Account Runbook
- Automation Account Schedule
- Automation Account Modules for PSFalcon
- Key Vault
- Key Vault Secrets
The solution uses the PSFalcon PowerShell module to interact with Falcon Cloud Security.
You can deploy the resources using the Azure portal UI or Azure Government portal UI.
Deployment Type | Link |
---|---|
Azure Commercial | |
Azure Government | |
Before deploying the resources, ensure you have the following:
- An active Azure subscription.
- Sufficient permissions to create resources in the target subscription.
- Click on the appropriate deployment button above.
- Follow the prompts in the Azure portal to complete the deployment.
After the deployment is complete, the automation account runs on a schedule. When new Azure Container Registries are found in your subscription, they are on-boarded to Falcon Cloud Security. By default, the schedule runs every hour.
Contributions are welcome! Please submit a pull request or open an issue to discuss any changes.
This project is licensed under the MIT License. See the LICENSE file for details.