tmobile / pacbot

PacBot (Policy as Code Bot)
https://tmobile.github.io/pacbot/
Apache License 2.0
1.29k stars 276 forks

Does Pacbot scan the cloud or the cloud infrastructure code (eg, like TF scripts) #518

Closed bhuvi11 closed 3 years ago

bhuvi11 commented 3 years ago

Hello Team,

I am trying to use pacbot and am curious to know how it works.

Does it scan the cloud infrastructure or the scripts written to bring up the services, like tf scripts? I see we have checkov that scans the IaC files; does pacbot do the same?

Akashbhaskaran commented 3 years ago

It scans the cloud (AWS and Azure) infrastructure and not the IaC scripts.

bhuvi11 commented 3 years ago

Hello @Akashbhaskaran,

Thanks for the quick response. So pacbot would need authentication details for the cloud account?

Akashbhaskaran commented 3 years ago

Pacbot is installed in AWS. For scanning AWS resources, it requires IAM roles and trust relationship configuration for role assumption. For scanning Azure resources, authentication details such as client id / client secret are required.
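The trust relationship mentioned in the last reply decides who may assume the role a scanner uses in each AWS account. As an added example (not from this thread or from the PacBot project), the Python check below audits a role's trust policy and reports any principal other than the one expected scanner role; the account IDs and the role name are constructed placeholders.

```python
import json

# Constructed placeholders: the account IDs and role name are hypothetical,
# not PacBot's real identifiers.
SCANNER_ROLE = "arn:aws:iam::111111111111:role/example-scanner-role"

def _stmt(principal):
    return {"Effect": "Allow", "Action": "sts:AssumeRole", "Principal": principal}

# Constructed sample trust policies for a read-only role in a scanned account.
GOOD_POLICY = json.dumps({"Version": "2012-10-17",
                          "Statement": [_stmt({"AWS": SCANNER_ROLE})]})
BAD_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    _stmt({"AWS": "*"}),
    _stmt({"AWS": "arn:aws:iam::111111111111:root"}),
]})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy_json, expected_principal):
    """Return findings for Allow statements that let anyone other than
    expected_principal assume the role. NotPrincipal/NotAction are not handled."""
    findings = []
    statements = _as_list(json.loads(policy_json).get("Statement", []))
    for i, stmt in enumerate(statements):
        # IAM action names are case-insensitive, so compare in lower case.
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Allow" or not (
                {"sts:assumerole", "sts:*", "*"} & actions):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            principal = {"AWS": "*"}
        for kind, values in principal.items():
            for p in _as_list(values):
                if kind != "AWS":
                    findings.append(f"statement {i}: unexpected {kind} principal {p}")
                elif p == "*":
                    findings.append(f"statement {i}: wildcard principal")
                elif p.isdigit() or p.endswith(":root"):
                    # An account-level principal trusts every identity in that
                    # account that has been granted sts:AssumeRole.
                    findings.append(f"statement {i}: whole account trusted ({p})")
                elif p != expected_principal:
                    findings.append(f"statement {i}: unexpected principal {p}")
    return findings
```
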