diff --git a/Makefile b/Makefile
index fbfa95bb..062df46c 100644
--- a/Makefile
+++ b/Makefile
@@ -25,6 +25,8 @@ SPLUNK_WIN_FILENAME ?= splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-x64-release.msi
 SPLUNK_WIN_BUILD_URL ?= https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/windows/${SPLUNK_WIN_FILENAME}
 UF_WIN_FILENAME ?= splunkforwarder-${SPLUNK_VERSION}-${SPLUNK_BUILD}-x64-release.msi
 UF_WIN_BUILD_URL ?= https://download.splunk.com/products/universalforwarder/releases/${SPLUNK_VERSION}/windows/${UF_WIN_FILENAME}
+# Splunk Cloud SDK binary
+SCLOUD_URL ?= https://github.com/splunk/splunk-cloud-sdk-go/releases/download/v1.7.0/scloud_v4.0.0_linux_amd64.tar.gz
 
 # Security Scanner Variables
 SCANNER_DATE := `date +%Y-%m-%d`
@@ -59,16 +61,16 @@ ansible:
 base: base-debian-9 base-debian-10 base-centos-7 base-redhat-8 base-windows-2016
 
 base-debian-10:
- docker build ${DOCKER_BUILD_FLAGS} -t base-debian-10:${IMAGE_VERSION} ./base/debian-10
+ docker build ${DOCKER_BUILD_FLAGS} --build-arg SCLOUD_URL=${SCLOUD_URL} -t base-debian-10:${IMAGE_VERSION} ./base/debian-10
 
 base-debian-9:
- docker build ${DOCKER_BUILD_FLAGS} -t base-debian-9:${IMAGE_VERSION} ./base/debian-9
+ docker build ${DOCKER_BUILD_FLAGS} --build-arg SCLOUD_URL=${SCLOUD_URL} -t base-debian-9:${IMAGE_VERSION} ./base/debian-9
 
 base-centos-7:
- docker build ${DOCKER_BUILD_FLAGS} -t base-centos-7:${IMAGE_VERSION} ./base/centos-7
+ docker build ${DOCKER_BUILD_FLAGS} --build-arg SCLOUD_URL=${SCLOUD_URL} -t base-centos-7:${IMAGE_VERSION} ./base/centos-7
 
 base-redhat-8:
- docker build ${DOCKER_BUILD_FLAGS} --label version=${SPLUNK_VERSION} -t base-redhat-8:${IMAGE_VERSION} ./base/redhat-8
+ docker build ${DOCKER_BUILD_FLAGS} --build-arg SCLOUD_URL=${SCLOUD_URL} --label version=${SPLUNK_VERSION} -t base-redhat-8:${IMAGE_VERSION} ./base/redhat-8
 
 base-windows-2016:
 docker build ${DOCKER_BUILD_FLAGS} -t base-windows-2016:${IMAGE_VERSION} ./base/windows-2016
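Review bot: `SCLOUD_URL` pins a release tag but no digest, so whatever that URL serves — or whatever an environment override of this `?=` variable points at — is installed as root into /usr/bin of every Linux base image with no integrity check. A companion `SCLOUD_SHA256 ?= <sha256-of-release-tarball>`, passed as a second `--build-arg` and declared as an `ARG` in the Dockerfiles, would let the install scripts verify the download with `echo "${SCLOUD_SHA256}  /usr/bin/scloud.tar.gz" | sha256sum -c -` before the `tar -xf` line, assuming `sha256sum` is present in the base images. The unverified download is in the scloud blocks added to base/centos-7, base/debian-10, base/debian-9 and base/redhat-8 install.sh.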
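Review bot: `--build-arg SCLOUD_URL=${SCLOUD_URL}` is passed unquoted in the four recipes (base-debian-10, base-debian-9, base-centos-7, base-redhat-8), so an override containing `&`, `;` or a space — a mirror URL with a query string, for instance — is interpreted by the recipe shell instead of reaching docker as one argument. Quoting it, `--build-arg SCLOUD_URL="${SCLOUD_URL}"`, keeps the value a single word. base-windows-2016 does not receive the argument, which looks intentional since only the Linux install scripts read it.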
diff --git a/base/centos-7/Dockerfile b/base/centos-7/Dockerfile
index 53f7dd55..9421d5f5 100644
--- a/base/centos-7/Dockerfile
+++ b/base/centos-7/Dockerfile
@@ -15,5 +15,8 @@
 FROM centos:7
 LABEL maintainer="support@splunk.com"
 
+ARG SCLOUD_URL
+ENV SCLOUD_URL ${SCLOUD_URL}
+
 COPY install.sh /install.sh
 RUN /install.sh && rm -rf /install.sh
diff --git a/base/centos-7/install.sh b/base/centos-7/install.sh
index 3bf831a1..7de4088b 100755
--- a/base/centos-7/install.sh
+++ b/base/centos-7/install.sh
@@ -19,7 +19,12 @@ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 export LANG=en_US.utf8
 
 yum -y update && yum -y install wget sudo epel-release
-yum -y install busybox ansible python-requests
+yum -y install busybox ansible python-requests python-jmespath
+
+# Install scloud
+wget -O /usr/bin/scloud.tar.gz ${SCLOUD_URL}
+tar -xf /usr/bin/scloud.tar.gz -C /usr/bin/
+rm /usr/bin/scloud.tar.gz
 
 cd /bin
 ln -s busybox killall
diff --git a/base/debian-10/Dockerfile b/base/debian-10/Dockerfile
index 1f3d0755..b8387264 100644
--- a/base/debian-10/Dockerfile
+++ b/base/debian-10/Dockerfile
@@ -15,6 +15,9 @@
 FROM debian:buster-slim
 LABEL maintainer="support@splunk.com"
 
+ARG SCLOUD_URL
+ENV SCLOUD_URL ${SCLOUD_URL}
+
 ENV DEBIAN_FRONTEND=noninteractive
 
 COPY install.sh /install.sh
diff --git a/base/debian-10/install.sh b/base/debian-10/install.sh
index 1e2f7d0e..a2033e53 100755
--- a/base/debian-10/install.sh
+++ b/base/debian-10/install.sh
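Review bot: `ENV SCLOUD_URL ${SCLOUD_URL}` in base/centos-7/Dockerfile is not needed for the build and persists the value into the image. An `ARG` is already exported to the environment of later `RUN` steps in the same stage, so `/install.sh` can read `SCLOUD_URL` from `ARG SCLOUD_URL` alone, whereas `ENV` leaves it set in the runtime environment of every container started from this image and its children. That matters if the URL is ever overridden with an internal mirror or a tokenised link. Dropping the `ENV` line would do; the same two lines are added in the base/debian-10, base/debian-9 and base/redhat-8 Dockerfiles.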
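Review bot: The scloud block in base/centos-7/install.sh unpacks the whole downloaded archive into /usr/bin as root, so every member of the tarball — not only `scloud` — lands on PATH and can overwrite a binary already there. Naming the wanted member on the `tar` line and staging the download under /tmp narrows that; the member name `scloud` below is inferred from the test calling `scloud version` and should be confirmed against the release archive. `${SCLOUD_URL}` is also unquoted and unchecked, so building the Dockerfile without the build arg runs `wget` with no URL, and whether the script then aborts depends on a `set -e` that is outside this hunk. The same four lines are added in base/debian-10, base/debian-9 and base/redhat-8 install.sh.

```shell
# Install scloud
: "${SCLOUD_URL:?SCLOUD_URL build arg is required}"
wget -O /tmp/scloud.tar.gz "${SCLOUD_URL}"
# extract only the expected member (name to be confirmed against the archive)
tar -xf /tmp/scloud.tar.gz -C /usr/bin/ scloud
rm -f /tmp/scloud.tar.gz
```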
@@ -33,10 +33,15 @@ apt update
 # put back tools for customer support
 apt-get install -y --no-install-recommends curl sudo libgssapi-krb5-2 busybox procps acl gcc libpython-dev libffi-dev libssl-dev
 apt-get install -y --no-install-recommends python-pip python-setuptools python-requests python-yaml
-pip --no-cache-dir install ansible
+pip --no-cache-dir install ansible jmespath
 apt-get remove -y gcc libffi-dev libssl-dev libpython-dev
 apt-get autoremove -y
 
+# Install scloud
+wget -O /usr/bin/scloud.tar.gz ${SCLOUD_URL}
+tar -xf /usr/bin/scloud.tar.gz -C /usr/bin/
+rm /usr/bin/scloud.tar.gz
+
 cd /bin
 ln -s busybox killall
 ln -s busybox netstat
diff --git a/base/debian-9/Dockerfile b/base/debian-9/Dockerfile
index 9b8f867a..9ecb89f2 100644
--- a/base/debian-9/Dockerfile
+++ b/base/debian-9/Dockerfile
@@ -15,6 +15,9 @@
 FROM debian:stretch-slim
 LABEL maintainer="support@splunk.com"
 
+ARG SCLOUD_URL
+ENV SCLOUD_URL ${SCLOUD_URL}
+
 ENV DEBIAN_FRONTEND=noninteractive
 
 COPY install.sh /install.sh
diff --git a/base/debian-9/install.sh b/base/debian-9/install.sh
index 9c591ead..2f04be36 100755
--- a/base/debian-9/install.sh
+++ b/base/debian-9/install.sh
@@ -35,7 +35,12 @@ apt-get update
 # put back tools for customer support
 apt-cache show ansible
 apt-get install -y --no-install-recommends ansible curl sudo libgssapi-krb5-2 busybox procps acl
-apt-get install -y --no-install-recommends python-requests
+apt-get install -y --no-install-recommends python-requests python-jmespath
+
+# Install scloud
+wget -O /usr/bin/scloud.tar.gz ${SCLOUD_URL}
+tar -xf /usr/bin/scloud.tar.gz -C /usr/bin/
+rm /usr/bin/scloud.tar.gz
 
 cd /bin
 ln -s busybox diff
diff --git a/base/redhat-8/Dockerfile b/base/redhat-8/Dockerfile
index 69cb834d..912f2650 100644
--- a/base/redhat-8/Dockerfile
+++ b/base/redhat-8/Dockerfile
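Review bot: `pip --no-cache-dir install ansible jmespath` in base/debian-10/install.sh adds `jmespath` without a version, so each image build installs, as root, whatever PyPI serves that day, and two builds of the same tag can differ. `ansible` was already unpinned before this change, but the new package is a chance to start pinning: `pip --no-cache-dir install ansible jmespath==<pinned-version>`. The `pip2 --no-cache-dir install requests ansible jmespath` line in base/redhat-8/install.sh has the same issue, whereas the centos-7 and debian-9 scripts take `python-jmespath` from the distribution repositories.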
@@ -24,6 +24,9 @@ LABEL name="splunk" \
 summary="UBI 8 Docker image of Splunk Enterprise" \
 description="Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results."
 
+ARG SCLOUD_URL
+ENV SCLOUD_URL ${SCLOUD_URL}
+
 COPY install.sh /install.sh
 
 RUN mkdir /licenses \
diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh
index b679bcaf..2bb08447 100755
--- a/base/redhat-8/install.sh
+++ b/base/redhat-8/install.sh
@@ -34,7 +34,7 @@ wget -O /bin/busybox https://busybox.net/downloads/binaries/1.28.1-defconfig-mul
 chmod +x /bin/busybox
 microdnf -y --nodocs update gnutls kernel-headers
 microdnf -y --nodocs install python2-pip python2-devel redhat-rpm-config gcc libffi-devel openssl-devel
-pip2 --no-cache-dir install requests ansible
+pip2 --no-cache-dir install requests ansible jmespath
 microdnf -y remove gcc openssl-devel redhat-rpm-config python2-devel device-mapper-libs device-mapper trousers systemd systemd-pam \
 dwz dbus dbus-common dbus-daemon dbus-tools dbus-libs go-srpm-macros iptables-libs annobin cryptsetup-libs \
 ocaml-srpm-macros openblas-srpm-macros qt5-srpm-macros perl-srpm-macros rust-srpm-macros ghc-srpm-macros \
@@ -44,6 +44,11 @@ microdnf -y remove gcc openssl-devel redhat-rpm-config python2-devel device-mapp
 libfdisk libpcap libseccomp libselinux-devel libutempter binutils libxcrypt-devel cpp glibc-devel glibc-headers \
 krb5-devel libkadm5 platform-python-pip
 
+# Install scloud
+wget -O /usr/bin/scloud.tar.gz ${SCLOUD_URL}
+tar -xf /usr/bin/scloud.tar.gz -C /usr/bin/
+rm /usr/bin/scloud.tar.gz
+
 cd /bin
 ln -s python2 python || true
 ln -s busybox diff || true
diff --git a/splunk/common-files/Dockerfile b/splunk/common-files/Dockerfile
index 0f00308a..c9701c90 100644
--- a/splunk/common-files/Dockerfile
+++ b/splunk/common-files/Dockerfile
@@ -1,4 +1,4 @@
-# Copyright 2018 Splunk
+# Copyright 2018-2020 Splunk
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
diff --git a/tests/test_docker_splunk.py b/tests/test_docker_splunk.py
index eeee973c..e699a3a3 100644
--- a/tests/test_docker_splunk.py
+++ b/tests/test_docker_splunk.py
@@ -455,7 +455,7 @@ def test_splunk_entrypoint_no_provision(self):
 if cid:
 self.client.remove_container(cid, v=True, force=True)
 
- def test_splunk_uid_gid(self):
+ def test_splunk_scloud(self):
 cid = None
 try:
 # Run container
@@ -465,11 +465,13 @@ def test_splunk_uid_gid(self):
 # Wait a bit
 time.sleep(5)
 # If the container is still running, we should be able to exec inside
- # Check that the git SHA exists in /opt/ansible
- exec_command = self.client.exec_create(cid, "id", user="splunk")
+ # Check that the version returns successfully for multiple users
+ exec_command = self.client.exec_create(cid, "scloud version", user="splunk")
 std_out = self.client.exec_start(exec_command)
- assert "uid=41812" in std_out
- assert "gid=41812" in std_out
+ assert "scloud version " in std_out
+ exec_command = self.client.exec_create(cid, "scloud version", user="ansible")
+ std_out = self.client.exec_start(exec_command)
+ assert "scloud version " in std_out
 except Exception as e:
 self.logger.error(e)
 raise e
@@ -487,7 +489,7 @@ def test_splunk_uid_gid(self):
 # Wait a bit
 time.sleep(5)
 # If the container is still running, we should be able to exec inside
- # Check that the git SHA exists in /opt/ansible
+ # Check that the uid/gid is correct
 exec_command = self.client.exec_create(cid, "id", user="splunk")
 std_out = self.client.exec_start(exec_command)
 assert "uid=41812" in std_out
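Review bot: `test_splunk_scloud` only looks for the substring `"scloud version "` in the exec output and never checks the command's exit status, so a usage or error message that happens to contain that text would also pass for the `splunk` and `ansible` users. docker-py's `exec_inspect` exposes the status; adding `assert self.client.exec_inspect(exec_command)["ExitCode"] == 0` after each `exec_start` would pin a clean run. A one-line docstring such as `"""scloud is on PATH and runnable by the splunk and ansible users."""` would state the intent better than the inline comment. `test_uf_scloud` in the later hunk has the same shape, and both function bodies start and end outside the hunks shown.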
@@ -559,8 +561,8 @@ def test_uf_entrypoint_no_provision(self):
 finally:
 if cid:
 self.client.remove_container(cid, v=True, force=True)
-
- def test_uf_uid_gid(self):
+
+ def test_uf_scloud(self):
 cid = None
 try:
 # Run container
@@ -570,11 +572,13 @@ def test_uf_uid_gid(self):
 # Wait a bit
 time.sleep(5)
 # If the container is still running, we should be able to exec inside
- # Check that the git SHA exists in /opt/ansible
- exec_command = self.client.exec_create(cid, "id", user="splunk")
+ # Check that the version returns successfully for multiple users
+ exec_command = self.client.exec_create(cid, "scloud version", user="splunk")
 std_out = self.client.exec_start(exec_command)
- assert "uid=41812" in std_out
- assert "gid=41812" in std_out
+ assert "scloud version " in std_out
+ exec_command = self.client.exec_create(cid, "scloud version", user="ansible")
+ std_out = self.client.exec_start(exec_command)
+ assert "scloud version " in std_out
 except Exception as e:
 self.logger.error(e)
 raise e
@@ -592,7 +596,7 @@ def test_uf_uid_gid(self):
 # Wait a bit
 time.sleep(5)
 # If the container is still running, we should be able to exec inside
- # Check that the git SHA exists in /opt/ansible
+ # Check that the uid/gid is correct
 exec_command = self.client.exec_create(cid, "id", user="splunk")
 std_out = self.client.exec_start(exec_command)
 assert "uid=41812" in std_out