With customers like Rapyd, Coralogix, and ReasonLabs already benefiting from compliance visibility, ControlMonkey is raising the bar for proactive cloud governance.

For teams managing their Terraform, OpenTofu, or Terragrunt environments, compliance is often a moving target. The new Cloud Compliance Dashboard in ControlMonkey delivers a unified, drill-down view into your compliance posture across AWS, Azure, and GCP helping you identify gaps before they turn into risks.

Introducing Cloud Compliance Dashboarding

The Compliance Dashboard gives DevOps and Cloud managers the ability to select relevant standards, track consolidated scores, and drill down into failed controls and resources.

Supported frameworks include:

• CIS Benchmarks (2.0, 2.1, 3.0)
• PCI DSS 4.0
• HIPAA Security Rule
• MITRE ATT&CK
• ENS_RD2022 (Spanish National Security Framework)
• DORA Regulation
• And more – Full List below

Teams can move from high-level compliance scores down to specific failed checks, pinpoint which resources triggered non-compliance (for example, an exposed EC2 instance), and shift compliance from reactive audits to proactive prevention.

Stay Ahead with Cloud Governance and Infrastructure Control

The dashboard provides decision-makers with measurable clarity. I Teams can continuously check compliance instead of just reacting to audit findings. They can enforce IaC policies on a large scale and strengthen infrastructure pipelines. This means:

• Improved visibility into your compliance score
• Reduced risk with drill-down checks at the resource level
• IaC alignment through proactive enforcement
• Scalable governance across multi-cloud environments

“When teams gain full visibility and proactive compliance controls, they stop reacting to problems and start preventing them. That’s how you consistently raise your compliance score.” said Ori Yemini, CTO, ControlMonkey

Customer Perspectives

2 of Control monkey customers already enjoying full IaC coverage visibility:

More IaC coverage means fewer security issues — period. What stood out with ControlMonkey was how easy it became to do things the right, modern way. When infrastructure and security teams can finally collaborate by design, that’s when security actually works

Nir Rothenberg

CISO

As a company that manages huge clusters of AWS resources, the ControlMonkey Platform and specifically its GitOps pipeline capabilities is an integral part of our infrastructure deployment process, enabling us to shift left our infrastructure policies, best practices, and guardrails to make sure our production environment is stable, compliant and secure

Yoni Farin

Coralogix

See it for yourself

Join our next Product Showdown to experience the Cloud Compliance Dashboard in action.

Supported Frameworks include:

Find below full list of framework support by cloud provider:

AWS

• CISA
• SOC 2
• CIS Benchmarks (1.4, 1.5, 2.0, 3.0, 4.0.1, 5.0)
• MITRE ATT&CK
• GDPR
• AWS Foundational Security Best Practices
• ISO/IEC 27001:2013 & 2022
• KISA ISMS-P 2023 (incl. Korean version)
• HIPAA Security Rule
• GxP 21 CFR Part 11
• GxP EU Annex 11
• NIST 800-171 Rev 2
• NIST 800-53 Rev 4 & Rev 5
• PCI DSS 4.0 & PCI DSS 3.2.1
• AWS Well-Architected Framework (Security & Reliability Pillars)
• AWS Account Security Onboarding
• AWS Foundational Technical Review
• AWS Audit Manager Control Tower Guardrails
• NIST Cybersecurity Framework (CSF) 1.1
• ENS_RD2022
• RBI Cyber Security Framework
• FFIEC Cybersecurity Assessment
• FedRAMP (Low & Moderate, Rev 4)
• NIS2 Directive

Azure

• PCI DSS 4.0
• SOC 2
• ISO/IEC 27001:2022
• CIS Benchmarks (2.0, 2.1, 3.0, 4.0)
• ENS_RD2022
• MITRE ATT&CK
• NIS2 Directive

GCP

• MITRE ATT&CK
• SOC 2
• CIS Benchmarks (2.0, 3.0, 4.0)
• ENS_RD2022
• PCI DSS 4.0
• ISO/IEC 27001:2022
• NIS2 Directive

Azure Organization Integration is now available in ControlMonkey, making it easier than ever for enterprises to govern and scale their Azure environments. For teams managing their Terraform, OpenTofu, or Terragrunt deployments across multiple subscriptions, this integration eliminates the need to onboard subscriptions one by one – delivering instant visibility, compliance, and automation at scale.

Introducing Azure Organization Integration

With Azure Organization Integration, ControlMonkey now supports seamless onboarding across dozens—or even hundreds—of Azure subscriptions in just a click.
You can also control what subscriptions to connect to ControlMonkey by choosing one or more Azure Management Groups.

Top benefits include:

• One-click onboarding for all Azure subscriptions
• Unified cloud inventory across the entire Azure footprint
• Automated backups spanning every subscription
• Consistent IaC governance across cloud environments
• Enterprise-ready scale to support regulated and governed organizations

“For enterprises operating Azure at scale, onboarding and governance must be frictionless. With Azure Organization Integration, we’re giving customers complete visibility, backup, and IaC governance across every subscription in just one step"

Ori Yemini

CTO, ControlMonkey

ControlMonkey for Cloud Governance 

By extending our multi-cloud enterprise capabilities, Azure Integration ensures teams:

• Gain visibility across all Azure subscriptions without manual setup
• Reduce risk with governed, consistent controls across accounts
• Strengthen IaC adoption and compliance at enterprise scale
• Confidently operate in regulated environments with full coverage

Ready to take control?

Explore Azure Organization today and bring order to your multi-subscription cloud – Lean More in our Product Showdown Next Week.

ControlMonkey now offers a unified Cloud Inventory view. With our latest update, users can search and visualize resources across all cloud providers- AWS, Azure, and GCP in a single dashboard. Whether you’re managing a global architecture or multiple cloud accounts, ControlMonkey brings total Cross Cloud Visibility and control to your fingertips.

Introducing Cross-Cloud Visibility in Cloud Inventory 

With multi-cloud inventory search, ControlMonkey users can now:

• Search and find any resource: like Queues, Load Balancers, or Buckets – across clouds and accounts in seconds
• Instantly spot IaC coverage gaps, including unmanaged resources by cloud, region, and state
• Drill down to any asset and see if it’s managed by IaC, where it the code in your version control system that manages that asset, and by which ControlMonkey stack

Stay Ahead with Cross-Cloud Visibility and Governance

As cloud environments grow in complexity, visibility becomes non-negotiable. ControlMonkey’s new Cloud Inventory ensures DevOps and CloudOps teams can confidently track and govern resources across regions, vendors, and IaC states — Get time with us today!

Unauthorized console operations, aka “ClickOps,” are one of the major causes of Terraform Drifts that lead to costly production misconfigurations. It also bypasses the golden path of deploying infrastructure with a clear SDLC (Software Development Life Cycle)process.
Tracking infrastructure changes, ensuring cloud vs code integrity, and avoiding configuration drifts is an ongoing battle.
Today, we’re happy to bring our ClickOps scanner feature to Azure, giving cloud teams total real-time visibility into every infrastructure change made from the Azure console.

ClickOps Scanner for Azure

In large-scale cloud environments, every change made through the Azure console can potentially cause drifts, misconfigurations, or security risks.
Azure users now have a single source of truth for every change happening across their infrastructure.

ControlMonkey’s ClickOps Scanner for Azure is a simplified insights dashboard where users can easily understand:

• How many Console Operations (ClickOps) have been made on an Azure subscription at a given timeframe
• How many Other Operations (IaC) have been made on an Azure subscription at a given timeframe
• The breakdown of the operations by User
• The breakdown of the operation by Resource
• The complete audit of all cloud events with detailed information for quick investigation

With ClickOps Scanner for Azure, ControlMonkey users can now:

• Monitor every change in real-time across Azure subscriptions, whether intentional or unexpected.
• Resolve Terraform Drifts faster by quickly detecting the Cloud Event (ClickOps) that caused the configuration drift and shorten investigation and resolution times.
• Ensure compliance and security by keeping a complete audit trail of all infrastructure changes made through code or the console.
• Speed up debugging and root cause analysis. Quickly trace changes back to their source and understand the impact of every action.

Total Cloud Control for Azure

The ControlMonkey Terraform Automation Platform helps Azure users standardize, optimize, and secure their cloud infrastructure. ControlMonkey provides the necessary solutions to achieve Total Cloud Control with Terraform, whether managing a few subscriptions or an enterprise-scale Azure deployment.

Ready to take control of your infrastructure?
Meet with our Terraform experts for a 30-minute technical call to learn more.

Today, we are pleased to announce another milestone in our support for Azure with the release of our Custom Terraform Modules Creation Wizard.

Following the major announcement of our Terraform Import Engine for Azure, our Azure users can now build custom Terraform modules with just a few clicks.
This enhancement makes our Terraform Import Engine a 360 automated solution that simplifies the import of Azure resources to Terraform.

Rather than spending time manually writing Custom Terraform Modules, the ControlMonkey Terraform Import Dashboard provides the easiest way to create modules with a user-friendly wizard in a few clicks.

After selecting which resources to bundle together, ControlMonkey automatically generates the Terraform module code. It’s as easy as that.

After the code is generated, users can rename the resources and extract variables to customize it even further.  

ControlMonkey saves cloud engineers precious time and improves productivity: 

• Automatically generates the Terraform module code rather than manually.
• Determines the relationship between the resources by leveraging ControlMonkey’s
  ‘Smart Stacking’ technology.
• Replicates resources or environments in a fast and productive way. 

Do you have Azure infrastructure that you’re looking to manage with Terraform?
ControlMonkey offers the easiest and most swift way to do it.

Are you interested in learning more and seeing it for yourself?
Book a 30-minute technical discussion with our Terraform Experts.

In the past few months, our engineering team has been developing more and more Azure capabilities to enhance our multi-cloud support of the ControlMonkey Platform.
With exciting releases such as Resource Explorer, Managed Policies, and Azure IaC Coverage, our Azure users can now leverage advanced Terraform Automation solutions to manage and govern their Azure environments.

So, we are delighted to announce that we have released ControlMonkey’s Terraform Import Engine for Azure Users!

ControlMonkey’s Terraform Import Engine for Azure

Starting today, ControlMonkey users with legacy infrastructure can easily shift their Azure resources to Terraform with our AI-powered Terraform Code Generator.
ControlMonkey’s Terraform Import Engine automatically detects Azure resources not managed with Terraform and generates the code representing the resources’ current state with a single click.
Our platform also generates the Terraform state file, so you don’t need to run any ‘Import’ commands or use any ‘Import’ blocks within your code and then run ‘Apply.’

Using our Smart Stacking contextual algorithm, we can identify which resources are related to each other and automatically generate ready-to-import stacks.

Importing 1000s of Azure resources to Terraform has never been easier:

• Visualize how many resources are not managed with Terraform and their cost with the option to filter by region.

• Select the stacks to import to Terraform and choose the import method. You can also search and filter by resource type.

• Get a 100% verified Terraform code and state file that matches your resource’s configuration.

Benefits of leveraging ControlMonkey’s Terraform Import Engine for Azure:

1. Generate Terraform code in 75% less time.
2. Increase Terraform coverage to 99%.
3. Out-of-the-box automatic custom Terraform Module creation.
4. Save thousands of DevOps hours by eliminating manual Terraform code writing.

Do you have Azure infrastructure that you’re looking to shift to Terraform?
ControlMonkey offers the easiest and most swift way to do it.
Are you interested in learning more and seeing it for yourself? Book a 30-minute technical discussion with our Terraform Experts.

2 months ago, we announced the support of Resource Explorer for Azure environments, which was the first major release for ControlMonkey on Azure.
We’re happy to announce another milestone in our multi-cloud support with ControlMonkey
IaC Coverage Dashboard for Azure.

Starting today, ControlMonkey customers with Azure environments can gain visibility into their Azure Subscriptions and understand:

1. What is their IaC coverage across their subscription
2. What is the IaC coverage per region
3. How many resources are unmanaged by IaC

As well as:

1. Top Azure resources and their IaC coverage
2. IaC Coverage over time
3. IaC Distribution across IaC tools

With this new capability, companies running Azure workloads at scale with multiple subscriptions in multiple regions can get a bird’s-eye view of their IaC coverage.

The release of Azure IaC Dashboard reinforces ControlMonkey’s multi-cloud capabilities and provides our customers with a centralized view across clouds, subscriptions/accounts, and regions.

This is just the tip of the iceberg. We have many exciting new capabilities for our Azure customers planned until the end of the year, so stay tuned!

Running on Azure? Our team would love to jump on a call and show you how ControlMonkey can help.

We are excited to announce another milestone in our multi-cloud support, with a major enhancement to our Terraform CI/CD solution.
Starting today, ControlMonkey’s Managed Security Policies are also available for Azure Cloud!

These Security Policies are predefined, managed, and maintained by ControlMonkey.
Rather than writing and maintaining common security policies with OPA, you get managed security policies that are enforced whenever someone changes your Terraform code right out of the box.

Cloud Engineering teams can granularly select which unit of deployment the Security Policy will be enforced and the enforcement level (warning or block).
So, if you need to separate and divide your policy enforcement across environments, you can easily do that with ControlMonkey.

The benefits of Managed Security Policies:

• You get a library of pre-defined security policies straight out of the box.
• Save time on writing, managing, and maintaining these policies.
  ControlMonkey does all the heavy lifting for you.
• By shifting left your security, you are:
  • Preventing security issues before they reach production
  • Saving time on manual code review.
  • Enable a proactive operations mode Vs. reacting to security misconfigurations.
  • Educating Cloud Engineering teams on the organization’s security standards.

If you’re using Azure today and looking to turn on your proactive mode, let’s talk.

Today, we are super excited to announce that we are continuing our expansion beyond AWS and adding support to Microsoft Azure in our Resource Explorer.

Until now, ControlMonkey’s resource explorer helped DevOps teams discover and investigate their AWS resources. Starting today, we have added the option to discover and investigate Azure resources.

Azure users can leverage our Resource Explorer to:

• Search for Azure resources per subscription, region, resource type, and name.
• Determine whether this resource is managed by Terraform code or not.
• Access the resource’s corresponding code in your GIT repository with a 1-click link.
• Access the resource’s corresponding ControlMonkey stack with a 1-click link.

With Resource Explorer, you can search for any Azure resource, gain visibility into your Terraform coverage, and easily access the corresponding Terraform Code in your GIT repository or corresponding ControlMonkey stack.

ControlMonkey’s Resource Explorer serves as the organization’s Terraform knowledge base, providing your team an easy way to locate Terraform code across your Git repositories regardless of specific team member seniority or tenure within the organization.

Save precious time when searching for resources and ensure that all your Azure resources are covered with Terraform Code.

This is one of many Azure enhancements we will release this year, so stay tuned to what’s coming next!

Today we are excited to announce the latest enhancement to ControlMonkey’s Drift Center, Drift auto-sync.

What is Drift auto-sync?

Our Drift Center helps DevOps teams identify and address discrepancies. These lie between the specified configuration in the Terraform, OpenTofu and Terragrunt code and the actual state of resources in the cloud environment.

Whenever a drift is detected and ‘Drift auto-sync’ is enabled, ControlMonkey will automatically trigger a deployment (reconciliation). This is to align the AWS resource (The “Actual State”) to the Terraform Code (The “Desired state”).

This feature is very similar to ArgoCD reconciliation capability.

The new capability is a checkbox configuration that is part of the stack’s configuration. This capability is included to all levels of subscription.

Drift auto-sync supports 2 types of Terraform Drifts:

1. Drift that originated from a configuration change that was made from the AWS, GCP or Azure console. This change was not from Terraform Apply.
2. Drift that originated from a change to a Terraform Data Source.
   e.g An auto-scaling group configuration fetches an image ID from a Data Source and that image ID has changed. This occurs since the last deployment, causing the Auto-scaling group to drift because it has the old image.

What next?

So if your stack is heavily dependent on data sources and you want to validate that you are always using the latest values, then the Drift auto-sync is the ideal solution. It will automatically reconcile the resource and save you the trouble of manually resolving the drift.

Join our Product Showdown this week to see it in action