Create a scan configuration

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • Create a scan configuration in Cloud Configuration Governance to scan the cloud resources against one or more policy sets and identify the policy violations.

    Before you begin

    • Ensure that a suitable policy set is available for the scan. The policy set enforces a given security or organizational standard. For more information on creating the policy set, see Create a policy set.
    • Role required: sn_itom_ccg.scheduling_admin

    About this task

    Note:
    Starting with Cloud Configuration Governance version 1.3.7, the base system contents are moved to the CCG Content Pack. Install the CCG Content Pack to access the base system Cloud Configuration Governance contents.

    Procedure

    1. Navigate to Cloud Configuration Governance > Scan Configurations.
    2. Select New.
    3. Fill the values on the Scan Configuration form.
      For a description of the form fields, see Cloud Configuration Governance Scan configuration form.
    4. Select Submit.
    5. To create a schedule to execute the scan configuration, select Setup Schedule.
      1. Optional: Set a criteria to cancel the long running scan runs.
        To import the configuration data of the cloud resources, Cloud Configuration Governance resource collectors and configuration collectors use Workflow Studio subflows. Sometimes, the subflow errors out and it doesn't report the error. In such cases, the scan run can run indefinitely. Setting a cancellation criteria helps to cancel such scans.

    What to do next

    Run the scan configuration to evaluate the resource configuration of the given cloud against the specified policy sets and identify the policy violations. For more information, see Run the scan configuration.