With customers like Rapyd, Coralogix, and ReasonLabs already benefiting from compliance visibility, ControlMonkey is raising the bar for proactive cloud governance.

For teams managing their Terraform, OpenTofu, or Terragrunt environments, compliance is often a moving target. The new Cloud Compliance Dashboard in ControlMonkey delivers a unified, drill-down view into your compliance posture across AWS, Azure, and GCP helping you identify gaps before they turn into risks.

Introducing Cloud Compliance Dashboarding

The Compliance Dashboard gives DevOps and Cloud managers the ability to select relevant standards, track consolidated scores, and drill down into failed controls and resources.

Supported frameworks include:

• CIS Benchmarks (2.0, 2.1, 3.0)
• PCI DSS 4.0
• HIPAA Security Rule
• MITRE ATT&CK
• ENS_RD2022 (Spanish National Security Framework)
• DORA Regulation
• And more – Full List below

Teams can move from high-level compliance scores down to specific failed checks, pinpoint which resources triggered non-compliance (for example, an exposed EC2 instance), and shift compliance from reactive audits to proactive prevention.

Stay Ahead with Cloud Governance and Infrastructure Control

The dashboard provides decision-makers with measurable clarity. I Teams can continuously check compliance instead of just reacting to audit findings. They can enforce IaC policies on a large scale and strengthen infrastructure pipelines. This means:

• Improved visibility into your compliance score
• Reduced risk with drill-down checks at the resource level
• IaC alignment through proactive enforcement
• Scalable governance across multi-cloud environments

“When teams gain full visibility and proactive compliance controls, they stop reacting to problems and start preventing them. That’s how you consistently raise your compliance score.” said Ori Yemini, CTO, ControlMonkey

Customer Perspectives

2 of Control monkey customers already enjoying full IaC coverage visibility:

More IaC coverage means fewer security issues — period. What stood out with ControlMonkey was how easy it became to do things the right, modern way. When infrastructure and security teams can finally collaborate by design, that’s when security actually works

Nir Rothenberg

CISO

As a company that manages huge clusters of AWS resources, the ControlMonkey Platform and specifically its GitOps pipeline capabilities is an integral part of our infrastructure deployment process, enabling us to shift left our infrastructure policies, best practices, and guardrails to make sure our production environment is stable, compliant and secure

Yoni Farin

Coralogix

See it for yourself

Join our next Product Showdown to experience the Cloud Compliance Dashboard in action.

Supported Frameworks include:

Find below full list of framework support by cloud provider:

AWS

• CISA
• SOC 2
• CIS Benchmarks (1.4, 1.5, 2.0, 3.0, 4.0.1, 5.0)
• MITRE ATT&CK
• GDPR
• AWS Foundational Security Best Practices
• ISO/IEC 27001:2013 & 2022
• KISA ISMS-P 2023 (incl. Korean version)
• HIPAA Security Rule
• GxP 21 CFR Part 11
• GxP EU Annex 11
• NIST 800-171 Rev 2
• NIST 800-53 Rev 4 & Rev 5
• PCI DSS 4.0 & PCI DSS 3.2.1
• AWS Well-Architected Framework (Security & Reliability Pillars)
• AWS Account Security Onboarding
• AWS Foundational Technical Review
• AWS Audit Manager Control Tower Guardrails
• NIST Cybersecurity Framework (CSF) 1.1
• ENS_RD2022
• RBI Cyber Security Framework
• FFIEC Cybersecurity Assessment
• FedRAMP (Low & Moderate, Rev 4)
• NIS2 Directive

Azure

• PCI DSS 4.0
• SOC 2
• ISO/IEC 27001:2022
• CIS Benchmarks (2.0, 2.1, 3.0, 4.0)
• ENS_RD2022
• MITRE ATT&CK
• NIS2 Directive

GCP

• MITRE ATT&CK
• SOC 2
• CIS Benchmarks (2.0, 3.0, 4.0)
• ENS_RD2022
• PCI DSS 4.0
• ISO/IEC 27001:2022
• NIS2 Directive

For teams managing their Terraform, OpenTufo or Teragrunt in GCP, no visibility is a risk you can’t afford. Managing infrastructure across GCP shouldn’t mean setting up each project manually. With ControlMonkey’s new GCP Support, you can now connect your entire GCP organization in just a few clicks – gaining centralized control and governance across all your GCP projects.

Introducing GCP Organization Support

Our newest capability extends ControlMonkey’s powerful automation and visibility to Google Cloud Platform organizations:

1. One-click integration with your entire GCP organization
2. Auto-discovery of all GCP projects under the org
3. Unified visibility across every GCP environment
4. Consistent policy enforcement and drift detection across projects
5. Simplified cloud credentials management for organization-wide onboarding

Stay Ahead with Cloud Governance and Infrastructure Control

With GCP Organization, ControlMonkey helps you scale without sacrificing security or visibility. Here’s how:

This new support gives you operational control where it matters:

• Full Project Inventory: Instantly discover and index all GCP projects under your organization
• Increase IaC Coverage: Import your entire GCP footprint to Terraform code with 1-click Terraform code generation
• Policy-Driven Governance: Apply security, compliance, and usage policies across all projects from a single place
• Code-vs-Cloud Accuracy: Continuously monitor GCP for drift and ensure alignment with your Terraform configurations
• Centralized Management: Manage credentials, visibility, and enforcement rules across your org without manual overhead

Want to hear more? Explore GCP Support today.

Also using AWS? This feature brings GCP to the same level – Read the AWS Organization Support announcement →

ControlMonkey now offers a unified Cloud Inventory view. With our latest update, users can search and visualize resources across all cloud providers- AWS, Azure, and GCP in a single dashboard. Whether you’re managing a global architecture or multiple cloud accounts, ControlMonkey brings total Cross Cloud Visibility and control to your fingertips.

Introducing Cross-Cloud Visibility in Cloud Inventory 

With multi-cloud inventory search, ControlMonkey users can now:

• Search and find any resource: like Queues, Load Balancers, or Buckets – across clouds and accounts in seconds
• Instantly spot IaC coverage gaps, including unmanaged resources by cloud, region, and state
• Drill down to any asset and see if it’s managed by IaC, where it the code in your version control system that manages that asset, and by which ControlMonkey stack

Stay Ahead with Cross-Cloud Visibility and Governance

As cloud environments grow in complexity, visibility becomes non-negotiable. ControlMonkey’s new Cloud Inventory ensures DevOps and CloudOps teams can confidently track and govern resources across regions, vendors, and IaC states — Get time with us today!

Managing cloud infrastructure at scale requires complete visibility into every change.
But what happens when someone bypasses Terraform and modifies resources directly in the GCP console?

These untracked console changes, AKA ClickOps, can lead to drifts, misconfigurations, compliance violations, and security risks. Without visibility into these actions, teams are left troubleshooting unexpected issues instead of proactively managing their cloud.

Today, we’re excited to introduce ClickOps Scanner for GCP, a new capability for Google Cloud users that tracks and detects console operations across your GCP projects, ensuring that all infrastructure changes stay accounted for.

ClickOps Scanner for GCP

With ClickOps Scanner for GCP, ControlMonkey users can now:

• Monitor every change in real-time across GCP projects, whether intentional or unexpected.
• Resolve Terraform Drifts faster by quickly detecting the Cloud Event (ClickOps) that caused the configuration drift and shorten investigation and resolution times.
• Ensure compliance and security by keeping a complete audit trail of all infrastructure changes made through code or the console.
• Speed up debugging and root cause analysis. Quickly trace changes back to their source and understand the impact of every action.

Bring Total Cloud Control to your GCP Environment

Untracked console operations can create security risks and disrupt infrastructure stability.
With ClickOps Scanner for GCP, you get a complete insight into every manual change, so nothing slips through the cracks.

Ready to take control of your infrastructure?
Meet with our Terraform experts for a 30-minute technical call to learn more.

Recently, our engineering team has been developing various GCP capabilities to enhance multi-cloud support for the ControlMonkey Platform. With comprehensive releases such as Inventory Dashboard and GCP IaC Coverage, our GCP users can now leverage more advanced Terraform Automation solutions to govern and automate their GCP environments.  Today we are happy to announce the General Availability of ControlMonkey’s Terraform Import Engine for GCP Users! GCP Terraform Import!

New GCP Terraform Import

Starting today, ControlMonkey users with old systems can easily move their GCP resources to Terraform. Our AI-powered Terraform Code Generator makes this simple.
ControlMonkey’s Terraform Import Engine finds GCP resources that Terraform does not manage. It creates code that shows the resources’ current state with just one click.
Our platform also generates the Terraform state file, so you don’t need to run any ‘Import’ commands or use any ‘Import’ blocks within your code and then run ‘Apply.’

We use our Smart Stacking algorithm to find related resources. It can also create stacks that are ready to import.

Importing 1000s of GCP resources to Terraform has never been easier:

• Visualize how many resources are not managed with Terraform and their cost with the option to filter by region.

• Select the stacks to import to Terraform and choose the import method. You can also search and filter by resource type.

• Get a 100% verified Terraform code and state file that matches your resource’s configuration.

TL,DR – Terraform Import and ControlMonkey

The benefits of leveraging ControlMonkey’s Terraform Import Engine:

1. Generate Terraform code in 75% less time.
2. Increase Terraform coverage to 99%.
3. Out-of-the-box automatic custom Terraform Module creation.
4. Save thousands of DevOps hours by eliminating manual Terraform code writing.

Do you have GCP infrastructure that you’re looking to shift to Terraform? ControlMonkey offers the easiest and most swift way to do it.

Are you interested in learning more and seeing it for yourself? 
Book a 30-minute technical discussion with our Terraform Experts.

Last month, we announced the release of the Cloud Inventory Dashboard for GCP, the first significant capability of our cloud visibility solution for GCP.
We’re happy to announce another milestone in our multi-cloud support with ControlMonkey’s IaC Coverage for GCP.

Starting today, ControlMonkey customers with GCP environments can gain complete visibility into their GCP Projects and understand the following:

1. What is their IaC coverage across projects
2. What is the IaC coverage per region
3. How many resources are unmanaged by IaC

As well as:

1. IaC Coverage over time
2. IaC Distribution across IaC tools

With this new capability, companies running GCP workloads at scale with multiple projects in multiple regions can get a bird’s-eye view of their IaC coverage.

The release of the GCP IaC Coverage reinforces ControlMonkey’s multi-cloud capabilities and provides our customers with a centralized view across clouds, subscriptions/accounts/projects, and regions.

We are just getting started. In the coming months, we plan to release many exciting new capabilities for our GCP customers.

Are you running on GCP? Our team would love to jump on a call and show you how ControlMonkey can help.

As part of our multi-cloud vision of the ControlMonkey platform, we are happy to announce another milestone in our integration with GCP (Google Cloud Platform).

We kicked off our GCP support with Managed Security Policies for GCP a few months ago, and today, we are releasing the Cloud Inventory Dashboard for GCP.

ControlMonkey customers with GCP environments can now gain a 30K view of their projects and understand:

• Resources distribution across geo-region
• Resources distribution across services

With this new capability, companies running GCP workloads at scale with multiple projects in multiple regions can get a bird’s-eye view of their cloud resources.

The release of the GCP Cloud Inventory Dashboard reinforces ControlMonkey’s multi-cloud capabilities and provides our customers with a centralized view across clouds, subscriptions/accounts/projects, and regions.

We plan to release many exciting new capabilities for our GCP customers soon, so stay tuned!

Running on GCP or multi-cloud? Our team would love to jump on a call and show you how ControlMonkey can help.

We are excited to announce another milestone in our support for multiple cloud providers, this time with a major enhancement to our Terraform CI/CD solution.
Starting today, ControlMonkey’s Managed Security Policies are also available for Google Cloud users!

These Security Policies are predefined, managed, and maintained by ControlMonkey.
Rather than writing and maintaining common security policies with OPA, which also requires understanding the Terraform Plan output internals, you get managed security policies that are enforced whenever someone changes your Terraform code, right out of the box.

Cloud Engineering teams can granularly select on which unit of deployment the Security Policy will be enforced, and also the enforcement level (warning or block).
So if you need to separate and divide your policy enforcement across environments, you can easily do that with ControlMonkey.

The benefits of Managed Security Policies:

• You get a library of pre-defined security policies to choose from, straight out of the box.
• Save time on writing, managing, and maintaining these policies, ControlMonkey does all the heavy lifting for you.
• By shifting left your security, you are:
  • Preventing security issues before they reach production
  • Saving time on manual code review.
  • Enable a proactive operations mode Vs. reacting to security misconfigurations.
  • Educating Cloud Engineering teams on the organization’s security standards.

If you’re using GCP today and looking to turn on your proactive mode, let’s talk.

Today we are excited to announce the latest enhancement to ControlMonkey’s Drift Center, Drift auto-sync.

What is Drift auto-sync?

Our Drift Center helps DevOps teams identify and address discrepancies. These lie between the specified configuration in the Terraform, OpenTofu and Terragrunt code and the actual state of resources in the cloud environment.

Whenever a drift is detected and ‘Drift auto-sync’ is enabled, ControlMonkey will automatically trigger a deployment (reconciliation). This is to align the AWS resource (The “Actual State”) to the Terraform Code (The “Desired state”).

This feature is very similar to ArgoCD reconciliation capability.

The new capability is a checkbox configuration that is part of the stack’s configuration. This capability is included to all levels of subscription.

Drift auto-sync supports 2 types of Terraform Drifts:

1. Drift that originated from a configuration change that was made from the AWS, GCP or Azure console. This change was not from Terraform Apply.
2. Drift that originated from a change to a Terraform Data Source.
   e.g An auto-scaling group configuration fetches an image ID from a Data Source and that image ID has changed. This occurs since the last deployment, causing the Auto-scaling group to drift because it has the old image.

What next?

So if your stack is heavily dependent on data sources and you want to validate that you are always using the latest values, then the Drift auto-sync is the ideal solution. It will automatically reconcile the resource and save you the trouble of manually resolving the drift.

Join our Product Showdown this week to see it in action