This sample provides an Azure Function based implementation of running the Cloud Scanner tool
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
RunRules Deploy to Functions app on commit to master Oct 26, 2018
ScanResources Setup Travis build (#4) Oct 25, 2018
StoreResources Setup Travis build (#4) Oct 25, 2018
TagResources Setup Travis build (#4) Oct 25, 2018
TaskScheduler Setup Travis build (#4) Oct 25, 2018
config-generator fix setup file Oct 30, 2018
deployment Updated travis deployment script (#14) Oct 26, 2018
tests Setup Travis build (#4) Oct 25, 2018
.funcignore Moved deploy scripts out to shell script (#13) Oct 26, 2018
.gitignore Setup Travis build (#4) Oct 25, 2018
.travis.yml Updated travis deployment script (#14) Oct 26, 2018
LICENSE init commit Oct 12, 2018
Makefile Setup Travis build (#4) Oct 25, 2018 Updated readme with deployment info (#15) Oct 26, 2018
extensions.csproj init commit Oct 12, 2018
host.json init commit Oct 12, 2018
requirements-dev.txt Deploy to Functions app on commit to master Oct 26, 2018
requirements.txt Deploy to Functions app on commit to master Oct 26, 2018 init commit Oct 12, 2018

Cloud Scanner - Azure Functions Sample App

Build Status

This is an example Azure Function App that demonstrates the use of the cloud-scanner library and its providers. cloud-scanner is a Python package that pulls cloud resources from different providers (Azure, AWS, GCP) and puts the metadata into data stores.

Note: This library is NOT affiliated with the Azure team at Microsoft and was developed by the Commercial Software Engineering team as a tool for the Open Source community to use and contribute to as they see fit. Use at your own risk!

Related Projects

The following are a list of related projects that are dependencies for the Azure Functions sample:

  1. cloud-scanner

    Core library components for cloud-scanner project

  2. cloud-scanner-azure

    Azure components for cloud-scanner project. Includes Azure support for discovering Azure resources in addition to storage and workflow components for hosting on Azure

  3. cloud-scanner-generic

    Generic components for cloud-scanner project including MySql, ElasticSearch and more

Running Locally

  1. Create Python 3.6 virtualenv env with all dependencies installed
    python3.6 -m virtualenv env
    source env/bin/activate
    (env) pip install -r requirements.txt
    (env) pip install -r requirements-dev.txt
    If running on Windows CMD Prompt/Powershell:
    python3.6 -m virtualenv env
    (env) pip install -r requirements.txt
    (env) pip install -r requirements-dev.txt
  2. Create an Azure Service Principal
  3. Create .env file in root directory and populate with appropriate data:
    # Azure authentication
    # Container & Queue Names
    # Resource types
    # Needed for 'rest_storage_service' storage type
    # App Insights (optional)
  4. Create local.settings.json file in root directory and populate:
         "IsEncrypted": false,
         "Values": {
             "AzureWebJobsStorage": "<azure-storage-connection-string",
             "FUNCTIONS_WORKER_RUNTIME": "python"
  5. Generate cloud config file
    (env) generate-config -p <cloud-provider1,cloud-provider2> -t <resource-type1,resource-type2>
    Example: Generate config to pull all Azure resources
    (env) generate-config -p azure -t "*"
  6. Install Azure Core Tools
  7. Register binding types
    (env) func extensions install
  8. Deploy necessary resources
  9. Run Azure Functions locally
    (env) func host start

Publish Function App to Azure

Azure Resources

The Azure Functions Sample runs on a Linux consumption plan with python support. The ARM template is complete and deploys the following resources:

  • Functions App
  • Linux Consumption App Service Plan
  • Storage Account
  • Application Insights

Automatically deploy using the deployments/deploy.ps1 or the following Azure CLI commands.

$resourceGroupName = <resource-group-name>
az group create -l westus -n $resourceGroupName

az group deployment create 
    --resource-group $resourceGroupName 
    --name cloud-scanner 
    --parameters parameters.json 

Deploying Function App Code

This repo is set up to use Travis CI to deploy code from the master branch. In order for this to work properly, you will need to use the service principal created previously (or create a new one) and add the following environment variables to your Travis settings with the appropriate values:


Login to your Azure account with standard username or password or with the service principal you created

az login --service-principal --username "$AZ_APP_ID" --password "$AZ_SP_SECRET" --tenant "$AZ_TENANT_ID"
az account get-access-token --query "accessToken"

To deploy from your machine, create and activate your virtual environment and run:

func azure functionapp publish $AZ_FUNCTIONS_APP_NAME --build-native-deps --force


This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact with any additional questions or comments.