Enabling Agentless Scanning
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel,
n'hésitez pas à nous contacter.
Agentless Scanning for Cloud Security Management is not supported for your selected
Datadog site (
).
Prerequisites
Before setting up Agentless Scanning, ensure the following prerequisites are met:
AWS integration: The AWS integration must be installed and configured for your AWS accounts.
Remote Configuration: Remote Configuration is required to enable Datadog to send information to Agentless scanners, such as which cloud resources to scan.
IAM permissions: The Agentless Scanning instance requires specific IAM permissions to scan hosts, containers, and Lambda functions. These permissions are automatically applied as part of the installation process.
ec2:DescribeVolumes
ec2:CreateTags
ec2:CreateSnapshot
ec2:DeleteSnapshot
ec2:DescribeSnapshots
ec2:DescribeSnapshotAttribute
ebs:ListSnapshotBlocks
ebs:ListChangedBlocks
ebs:GetSnapshotBlock
Setup
Running Agentless scanners incurs additional costs. To optimize these costs while still ensuring reliable 12-hour scans, Datadog recommends setting up
Agentless Scanning with Terraform as the default template.
To enable Agentless Scanning, use one of the following workflows:
Quick start
Designed for new users, the quick start workflow offers an efficient setup process for Cloud Security Management, enabling immediate monitoring of AWS resources. It uses AWS CloudFormation to automate the configuration.
The Terraform Datadog Agentless Scanner module provides a simple and reusable configuration for installing the Datadog Agentless scanner. For more information, see Setting up Agentless Scanning using Terraform.
Use the AWS CloudFormation template to create a CloudFormation stack. The template includes the IAM permissions required to deploy and manage Agentless scanners. For more information, see Setting up Agentless Scanning using AWS CloudFormation.
Further Reading
Documentation, liens et articles supplémentaires utiles: