Unauthorized console operations, aka “ClickOps,” are one of the major causes of Terraform Drifts that lead to costly production misconfigurations. It also bypasses the golden path of deploying infrastructure with a clear SDLC (Software Development Life Cycle)process.
Tracking infrastructure changes, ensuring cloud vs code integrity, and avoiding configuration drifts is an ongoing battle.
Today, we’re happy to bring our ClickOps scanner feature to Azure, giving cloud teams total real-time visibility into every infrastructure change made from the Azure console.

ClickOps Scanner for Azure

In large-scale cloud environments, every change made through the Azure console can potentially cause drifts, misconfigurations, or security risks.
Azure users now have a single source of truth for every change happening across their infrastructure.

ControlMonkey’s ClickOps Scanner for Azure is a simplified insights dashboard where users can easily understand:

• How many Console Operations (ClickOps) have been made on an Azure subscription at a given timeframe
• How many Other Operations (IaC) have been made on an Azure subscription at a given timeframe
• The breakdown of the operations by User
• The breakdown of the operation by Resource
• The complete audit of all cloud events with detailed information for quick investigation

With ClickOps Scanner for Azure, ControlMonkey users can now:

• Monitor every change in real-time across Azure subscriptions, whether intentional or unexpected.
• Resolve Terraform Drifts faster by quickly detecting the Cloud Event (ClickOps) that caused the configuration drift and shorten investigation and resolution times.
• Ensure compliance and security by keeping a complete audit trail of all infrastructure changes made through code or the console.
• Speed up debugging and root cause analysis. Quickly trace changes back to their source and understand the impact of every action.

Total Cloud Control for Azure

The ControlMonkey Terraform Automation Platform helps Azure users standardize, optimize, and secure their cloud infrastructure. ControlMonkey provides the necessary solutions to achieve Total Cloud Control with Terraform, whether managing a few subscriptions or an enterprise-scale Azure deployment.

Ready to take control of your infrastructure?
Meet with our Terraform experts for a 30-minute technical call to learn more.

Last month we released the feature ‘Console Operations Notifications’, which notifies ControlMonkey users whenever someone performs operations from the AWS console.

The feedback we got from our customers was outstanding, but some of them also indicated that there are certain actions that they allow their teams to perform in the AWS console, so they wanted to have a mechanism to allow-list those actions that are permitted in their organization.

So to support this request we have developed a new capability, ‘Allowed Console Operations’.

‘Allowed Console Operations’ enables ControlMonkey users to define rules for specific actions that are permitted to be performed in the AWS console. 
For example: Updating Lambda function code from the AWS console.

This feature’s granularity allows ControlMonkey users to apply the rule to a specific account, region, resource name, or resource type. 

To make things easier, we have also added the option to create an allowed console operation rule directly from a console operations event in our cloud events dashboard, in 2 clicks. 

While our vision is enabling our customers to minimize their ClickOps in the AWS console, this capability adds that extra layer of customization which allows them to also reduce unnecessary ClickOps and also the notifications for permitted actions.