How is data collected from cloud providers?

[DaulGitHub]

Currently only GCP is supported?
I expected to see here https://github.com/OpenCSPM/opencspm/tree/main/collection AWS, Azure... or at the moment it is possible to work only with one GCP provider?

Tell me please:

1. how does the provider status survey work?
2. What do you use terraform for?

Thanks!)

[joshlarsen]

Hi @DaulGitHub, OpenCSPM currently supports AWS, GCP, Kubernetes standalone, EKS, and GKE resources. The files you are referencing are helper scripts for certain specific cases.

See data collection for more details.

Terraform is used to deploy OpenCSPM into your cloud environment (as opposed to running it locally in Docker).

[DaulGitHub]

@joshlarsen Thank you!)
do you have ready-made benchmarks?
I see that I can write the checks myself(https://github.com/OpenCSPM/opencspm-darkbit-community-controls), but I would like to have the best practices of the checks already ready.

[DaulGitHub]

the state of cloud resources is stored in a graph database, and when performing tests, we extract the state from the database using queries.
Do I understand correctly that before running tests, we need to drag the entire state of the user's cloud into the database?

[bgeesaman]

Yes, AWS-Recon or the GCP CAI gathers the relevant metadata (inventory) from your cloud account, and that data collection link describes how to arrange it so that opencspm loads and analyzes it via control packs. The community control pack covers serval CIS best practices standards for GCP, GKE, AWS, and EKS.